Anyone else having problems with viral e-mails?

Money_Grabber13579

I've recently got an e-mail about fastnewbuy, which as soon as I got it, sent itself on to everyone in my address book. My laptop was getting a service and was turned off at the time I got it, so how did they manage to send it on to everyone? I can't see how a virus would do this, so am I secure?

Browntoa

to check :-

Please download Malwarebytes Anti-Malware and save it to your desktop.

• Make sure you are connected to the Internet.
• Double-click on mbam-setup.exe to install the application.
• When the installation begins, follow the prompts and do not make any changes to default settings.
• When installation has finished, make sure you leave both of these checked:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
• Then click Finish.
• MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
• On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
• If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
• The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
• When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
• Click OK to close the message box and continue with the removal process.
• Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
• Make sure that everything is checked, and click Remove Selected.
• When removal is completed, a log report will open in Notepad.
• The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.

Money_Grabber13579

Yeah, I've done that the the only things it found were adware. These were the filehippo update scanner setup and uninstall files. Is filehippo really adware, or is it a false positive? Anyway, I assume that's nothing to do with the e-mail problem though, is it?

bonzer

Money_Grabber13579 wrote: »

My laptop was getting a service and was turned off at the time I got it, so how did they manage to send it on to everyone? I can't see how a virus would do this, so am I secure?

Are you certain it was you who originally got the virus? Could have been someone else that had your address in their address book and the virus sent the e-mails from their computer but with your address on them. You can send an e-mail from any computer with any "From" address.

Getting a service? Do you mean it was in a shop for repair somewhere at the time? In which case it would have almost certainly have been switched on at some point. Another alternative is possibly the engineer in the shop opened your email program and it automatically downloaded your latest messages.

Are you sure it didn't send it after you got your laptop back? Probably would have sent out all the viral spam messages within a couple of seconds of you downloading the mail with the virus.

As well as anti-virus advice, make sure you've got auto-updates on and regularly update your e-mail program to the latest version which will help prevent this kind of problem as this will help remove software bugs that viruses exploit. Obviously don't open attachments from people you don't know, even if they look innocent.

Money_Grabber13579

bonzer wrote: »

Are you certain it was you who originally got the virus? Could have been someone else that had your address in their address book and the virus sent the e-mails from their computer but with your address on them. You can send an e-mail from any computer with any "From" address.

Getting a service? Do you mean it was in a shop for repair somewhere at the time? In which case it would have almost certainly have been switched on at some point. Another alternative is possibly the engineer in the shop opened your email program and it automatically downloaded your latest messages.

Are you sure it didn't send it after you got your laptop back? Probably would have sent out all the viral spam messages within a couple of seconds of you downloading the mail with the virus.

As well as anti-virus advice, make sure you've got auto-updates on and regularly update your e-mail program to the latest version which will help prevent this kind of problem as this will help remove software bugs that viruses exploit. Obviously don't open attachments from people you don't know, even if they look innocent.

There was no attachment in the e-mail, only a link which I didn't click. I got the e-mail on the 28th August, and it is also in my sent box for the same date. I didn't get my laptop back until the 29th, upon which point I downloaded all the e-mails. None had been previously downloaded. So the e-mail is in both my inbox and sent box. The one in the sent box has the sent to details as everyone in my address book.

I changed the password on the account just in case.

Since my laptop was turned off at the time (It was serviced on the 24th August), would it be more likely that my e-mail account was hacked, instead of my computer? Or is it likely to be something else?

Browntoa

maybe spoofed from someone elses pc thats infected, just picked your email at random from the list ??

bonzer

What kind of e-mail account is it (e.g. Hotmail, Gmail? One that came with your internet provider?) and how do you access it? Do you only ever access it on the web or do you use an e-mail program like Outlook or Windows Mail?

Edit: I'm thinking now maybe your e-mail account has been hijacked. I've found a few reports of it on the web, particularly related to Hotmail with similar circumstances to what you describe:

http://windowslivehelp.com/community/p/84137/332358.aspx

Money_Grabber13579

Browntoa wrote: »

maybe spoofed from someone elses pc thats infected, just picked your email at random from the list ??

Now that you mention it, maybe the e-mail that I got was the one that was in my sent box, because it also had my address in the address line.

Money_Grabber13579

bonzer wrote: »

What kind of e-mail account is it (e.g. Hotmail, Gmail? One that came with your internet provider?) and how do you access it? Do you only ever access it on the web or do you use an e-mail program like Outlook or Windows Mail?

Edit: I'm thinking now maybe your e-mail account has been hijacked. I've found a few reports of it on the web, particularly related to Hotmail with similar circumstances to what you describe:

http://windowslivehelp.com/community/p/84137/332358.aspx

The link that you've provided is the exact same e-mail that was sent from mine. (about fastnewbuy) It says I might have a worm. Is the adware of filehippo anything to do with this?

bonzer

The thing which says it's probably not From address spoofing is that the message exists in your outbox, which is difficult to explain if spoofing is the cause.

I am assuming you are using web mail.

I've been doing a bit of Googling. I can't find an exact explanation anyone has come up with. However there are explanations that don't involve your computer being infected with anything such as having a weak password on your email account or a technique called click jacking:

http://en.wikipedia.org/wiki/Clickjacking

If you've run a couple of virus scanners and found nothing I'd probably assume it has been caused by something else. If you were not using the Internet on the day the message was sent, then possibly it's a weak e-mail account password that was the cause.

Money_Grabber13579

I actually use windows live mail. But From what everyone has said, I'm now starting to assume that my password was hacked (which was strong on the scale but hadn't been changed for a while) and that someone sent an e-mail from my account.

Would changing my password be enough, along with 4 virus scans that I'm doing?! And is filehippo really dangerous like Malwarebytes says it is? I've used it for a long while now!