We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide
help email account hacked
bella165
Posts: 13,127 Forumite
in Techie Stuff
can anyone help ive had my msn emaid account hacked in to and someone has been sending emails with a virus in to my contact list .it also got rid of all my addresses on the account.
that was over 2 weeks ago i have no contacts on my list now and i dont use the account either but i have to leave it live for the time being as i enter competitions,Well this morning there was a email fro m a (no longer good freind) who has recived this from meDear friend,
We are a large wholesale company on internet. All products are
original famous manufacturers with complete warranty. the
price we can offer you is lower than any other retail dealers on Ebay.
website:
ive left the address out as no doubt it has a virus attached. the question is how do i find out whos doing this?,who do i report it to? and whats the best spywear going at the moment????
i have looked and i have no back doors ect.
i would really need some advice to get to the root of the problem asap
thanks in advance Bella
that was over 2 weeks ago i have no contacts on my list now and i dont use the account either but i have to leave it live for the time being as i enter competitions,Well this morning there was a email fro m a (no longer good freind) who has recived this from meDear friend,
We are a large wholesale company on internet. All products are
original famous manufacturers with complete warranty. the
price we can offer you is lower than any other retail dealers on Ebay.
website:
ive left the address out as no doubt it has a virus attached. the question is how do i find out whos doing this?,who do i report it to? and whats the best spywear going at the moment????
i have looked and i have no back doors ect.
i would really need some advice to get to the root of the problem asap
thanks in advance Bella
Replies to posts are always welcome, if they are done in the correct manner. If I have made a mistake in the post, I am human, tell me nicely and it will be corrected. If your reply cannot be nice, has an underlying issue, or you believe that you are God, please post in another forum. Thank you
0
Comments
-
Sorry to hear you have had this problem bella.
I don't use MSN so maybe someone else can help with specifics. Have you been using a secure password numbers + letters? Have you got anti-virus software running on your computer?0 -
Go through the removing malware sticky in this forum. I doubt it has been hacked as such, you've probably just got some malware that's doing it.It's my problem, it's my problem
If I feel the need to hide
And it's my problem if I have no friends
And feel I want to die0 -
Go through the malware removal guide first: http://forums.moneysavingexpert.com/showthread.html?t=133269
Then after your pc is clean, change all your passwords to something that won't be guessed or are actual words etc."She is quite the oddball. Did you notice how she didn't even get excited when she saw this original ZX-81?"
Moss0 -
ok brilliant thanks ill try that first all my password are diffrent on any site i use and i aint told anyone them,Replies to posts are always welcome, if they are done in the correct manner. If I have made a mistake in the post, I am human, tell me nicely and it will be corrected. If your reply cannot be nice, has an underlying issue, or you believe that you are God, please post in another forum. Thank you0
-
done every thing as said but it aint found nowt.i ran the hijack this and got this ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:44:25 PM, on 5/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Morpheus\Morpheus.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\bella\LOCALS~1\Temp\Temporary Directory 1 for HijackThis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.co.uk/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://try.bigsnapsearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://uk.search.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {D73F49B6-B51B-4d32-A3B7-BD04B8342F53} - C:\Program Files\MorpheusBar\SrchAstt\1.bin\MBSRCAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - !!02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: MorpheusToolbar BHO - !!3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL
O2 - BHO: SSVHelper Class - !!761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - !!7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - !!9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {D73F49B1-B51B-4d32-A3B7-BD04B8342F53} - C:\Program Files\MorpheusBar\SrchAstt\1.bin\MBSRCAS.DLL
O3 - Toolbar: &Google - !!2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Morpheus Toolbar - !!3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL
O4 - HKLM\..\Run: [avp] C:\WINDOWS\avp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-21-1060284298-746137067-1957994488-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1060284298-746137067-1957994488-1004\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-1060284298-746137067-1957994488-1004 Startup: Morpheus.lnk = C:\Program Files\Morpheus\Morpheus.exe (User '?')
O4 - Startup: Morpheus.lnk = C:\Program Files\Morpheus\Morpheus.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?38b4432f7bdb4452b8db708cf58fea06
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?38b4432f7bdb4452b8db708cf58fea06
O9 - Extra button: (no name) - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: PokerStars - !!3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: bet365 Poker - {B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} - C:\Microgaming\Poker\bet365MPP\MPPoker.exe
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Microgaming\Poker\ladbrokesMPP\MPPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: The Sun Poker - {F8FF4499-48D4-4be0-B476-A575794A3010} - C:\Microgaming\Poker\SunMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: !!30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: !!406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.co.uk/SnapfishUKActivia.cab
O16 - DPF: !!4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
--
End of file - 7997 bytesReplies to posts are always welcome, if they are done in the correct manner. If I have made a mistake in the post, I am human, tell me nicely and it will be corrected. If your reply cannot be nice, has an underlying issue, or you believe that you are God, please post in another forum. Thank you0 -
Do you log into the site to get and send emails? If so, all I can think is someone has managed to workout your password. You could go here http://help.uk.msn.com/
to contact their Technical Support. Unless some of the more knowledgeable folks here can think of something.
Hope you get it sorted.0 -
O4 - HKLM\..\Run: [avp] C:\WINDOWS\avp.exe is a possible source of your problems, as it is a trojan. I would install this FREEWARE, which will get rid of it. http://www.comodo.com/boclean/boclean.html0
-
This has just happened to me too! I've just checked my e-mails and I have loads of returned ones - e-mails seem to have been sent to every address that I have ever e-mailed and every address that has e-mailed me. I'm with aol, but using their free e-mail account. The e-mail that had been sent says that it is from an electrical company in China . I am so annoyed - will this be passing viruses on to everyone??
0 -
this is the same thing that happened to meveggieburger wrote: »This has just happened to me too! I've just checked my e-mails and I have loads of returned ones - e-mails seem to have been sent to every address that I have ever e-mailed and every address that has e-mailed me. I'm with aol, but using their free e-mail account. The e-mail that had been sent says that it is from an electrical company in China . I am so annoyed - will this be passing viruses on to everyone??Replies to posts are always welcome, if they are done in the correct manner. If I have made a mistake in the post, I am human, tell me nicely and it will be corrected. If your reply cannot be nice, has an underlying issue, or you believe that you are God, please post in another forum. Thank you0 -
brilliant it worked it also found another 2 on there,thankyou everyone for your help :beer:O4 - HKLM\..\Run: [avp] C:\WINDOWS\avp.exe is a possible source of your problems, as it is a trojan. I would install this FREEWARE, which will get rid of it. http://www.comodo.com/boclean/boclean.htmlReplies to posts are always welcome, if they are done in the correct manner. If I have made a mistake in the post, I am human, tell me nicely and it will be corrected. If your reply cannot be nice, has an underlying issue, or you believe that you are God, please post in another forum. Thank you0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 353.5K Banking & Borrowing
- 254.1K Reduce Debt & Boost Income
- 455K Spending & Discounts
- 246.6K Work, Benefits & Business
- 602.9K Mortgages, Homes & Bills
- 178.1K Life & Family
- 260.6K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards