Think ive got a virus

Page may contain affiliate links. Please see terms for details.
jaymanek

jaymanek

Authorised Forum Sponsor
SUPPORTER
Joined
Nov 29, 2002
Messages
16,837
Location
Nuneaton Warwickshire
Car
Lots of Mercedes!
Hi All,

Well my mate came over to work and was using my PC... looked over and he was clicking on some pop up thing and it started downloading...

so i shot over and closed it down, but think i may have been too late..

for the last few days if been getting "undelivered" messages in the hundreds!

my AVG is not picking up anything... what should i do?
 
Can you do a system restore to a point before your mate got near it?
 
Try starting up in safe mode and do a scan again.
 
AVG is not the best of anti virus software packages out there to be honest. I use and would recomend 'Norton Internet Security 2008'. Picks just about all the virus's up to date and it stops pop ups completly to avoid such a problem happening again in the future.
 
Something like this has happened --- one way to combat it is to change your E-MAIL ADDRESS


"Undeliverable Mail", "Virus in your email" and other such error messages
What you see

Quite often you will receive an error message about mail you sent being undeliverable. Sometimes the mail this message refers to seems completely unfamiliar - you will get notification about a Viagra advertisement you sent being unable to reach the recipient, even though you have never mailed any such thing.

Or you might have a frightening email informing you that a "Virus found in your mail" to a familiar or unfamiliar address, and that your message has been blocked. You never remember sending the message the warning refers to, and your anti-virus program doesn't find anything suspicious on your computer.
What is going on?

In both of the cases mentioned it is very likely that the original message (the message that was responded to) had a forged email address as the sender address. It's very easy to forge the sender information of an email message, and many viruses and spammers do this. Commercial bulk email and viruses spread with addresses that have nothing to do with their actual senders, and when they don't find their target, or are deflected by an anti-virus shield, the announcement goes to an innocent bystander.

An email with a forged sender address has nothing to do with the "victim's" computer or email. Forging an email address in no way implies that the forger might be able to read his victim's email, or even is aware of his existence.
 
The undelivered messages mean that your PC is being used to send out spam by the skipload for someone else. You have been well and truly shafted.

Your best plan is to .....

Go over to Captain Spyware’s Virus Vault and register:
*
http://virusvault.co.uk/fusionbb/fusionbb.php
*
Then go to the HijackThis Logs Forums:
*
http://virusvault.co.uk/fusionbb/showforum.php?fid/15/
*
And read ALL the information in the thread entitled:
*
YOU MUST READ THIS BEFORE POSTING A HIJACKTHIS LOG
*
John McKenna (Captain Spyware) or one of the other experts will get you up and running.
Just do exactly as they say and don't try anything that they have not said.
.
 
Thanks Stratman, will give it a go...
 
Once you have sorted out the problem you could try using Kaspersky Internet Security http://www.kaspersky.co.uk/ It is very good, cheaper than Norton and uses less resources. Norton has a habit of doing strange things and requires reinstalling every now and again. I have got rid of all my Norton Products as it was taking over the systems. Not a product I could recommend to anyone.

Best of luck
 
Stratman said:
The undelivered messages mean that your PC is being used to send out spam by the skipload for someone else. You have been well and truly shafted.
Click to expand...

Err, not sure I can agree with that. An undelivered message merely means that your email address has been used as the "From" address in a spamming activity. It is most likely that the person whose machine has been used for the spamming activity is somebody who has your email address in their address book.

Philip
 
prprandall51 said:
Err, not sure I can agree with that. An undelivered message merely means that your email address has been used as the "From" address in a spamming activity. It is most likely that the person whose machine has been used for the spamming activity is somebody who has your email address in their address book.

Philip
Click to expand...

Whilst it's possible that your computer is being used to send the emails, it's very unlikely. Philips suggestion is on the money...

It's far more likely that your email address has been picked up from a webpage or distribution list and spoofed - that is to say that the sender of spam emails has specified your email address in the From field of an email.

Is the email address that you're having problems with [email protected] by any chance?

If so it's probably been picked up from your web page, and it may be unfortunate timing that means it's coincided with your mates dodgy download attempt.

I hope this helps.
 
Last edited:
Oh forgot to say - if you use Microsoft Outlook or Outlook Express as your email client, then you can set up a rule from the Message menu (Outlook Express), to divert the bogus emails to a SPAM folder. You'll need to set up a folder called SPAM first.

What you're aiming for is a rule like this:
Apply this rule after the message arrives
Where the Subject line contains 'Undeliverable' or 'failure notice'
Move it to the SPAM folder

That should be your last line of defence though. Take a look at the settings for your email re-directs to see if there are any security settings you can tighten up. It's likely that it will be the Control Panel for the the company that you purchased the www.merclandrover.com domain name from.

Again, I hope this is of some use.
 
Last edited:
if you know what you are doing. you can edit your registry.
DO NOT attempt it if you do not know what you are doing.
 
Looking at the email headers of the bounces should indicate if you are the source.

I had a problem 18 months ago where a very clever little script kiddie had found a little area on my web server with write access. He/she had written a little bit of perl which allowed him to upload csv files containing millions of email addresses and spam big time using this little back door into my (local) mailserver.

I was getting over a million bounce backs a minute at one point. As you can imagine, my server and PC were both dying rapidly under the load. It took a fair while to find where it was coming from I can tell you.

As I say, look very closely at the headers to see where the source is as it may or may not be you.
 
Be very careful with some of the so called spy/malware detection and repair programs - they are bigger trouble than the virus .
Truth is some nasty software embeds itself so deep that it can be impossible to remove it properly - I can only recommend the use of Ghost to make a drive image that can be restored in a few minutes .
 
with regard to Future protecting your PC....

Norton Internet Security is good (it does what is says on the tin), BUT it will slow down your PC by a noticable amount, unless you have a newish machine with oddles of RAM.

I personally tend to use Symantec Anti-Virus, and Webroot Spysweeper to cover personal PC's, as this combination does not seen too heavy on performance.
 
jaymanek said:
Think you have almost hit the nail on the head..

All the emails seem to be sent from [email protected]/// e.g one of them was [email protected] any clues?

p.s. im not good enough to be messing with my registry..
Click to expand...

I can send you an email that looks like it is coming from you - the knack is to open the email (carefully) and view the source - you will see where it really came from, "the hello" .

It's just a way of sending spam rubbish that looks like it comes from a domain that isn't on the blacklist - don't touch your registry, the answer is certainly not there.
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)

Similar threads

M
You've got to laugh
Replies
8
Views
1K
ChrisEdu
ChrisEdu
Gollom
Passport rules: 'Escorted through the airport like a criminal'
Replies
10
Views
417
TC350
TC350
S
New Mercedes
Replies
2
Views
663
WOODYTHEWISE
WOODYTHEWISE
P
Is it my key?
Replies
10
Views
662
OneForTheRoad
OneForTheRoad
ChrisHGTV
New purchase and falling down a wormhole!
Replies
6
Views
1K
Curve
Curve
Back
Top Bottom