Virus


A computer virus is sending out emails from me – don’t open if you get one.
I am puzzled how this happened, as I have not received or opened any suspicious emails today or visited any dubious websites. I have Norton on fully and it automatically both updated and scanned last night. As soon as I started getting back a rash of auto-replies, I started a scan again and it immediately started detecting and eliminating threats.
I am not the most technology savvy of people – does anyone know how this can happen without an apparent triggering event such as opening an infected email?



85 thoughts on “Virus”

  • Lumpy Gravy

    > I am puzzled how this happened …

    … I’m not. The elephant in the room is of course MS Windows. As a proprietary, closed and partially undocumented OS, Windows is and always will be inherently unsafe. If you look around on the web pages of “Black Viper” or “The elder Geek” you’ll find that even competent people are racking their brains trying to figure out which Windows services do what, which Windows services establish network connections without asking and without giving any indication, which Windows services can be turned off and which can’t, etc. etc. Microsoft as well as Apple keep users deliberately in the dark about such matters because secretiveness is part of their business model. It is beyond me, why people are still using closed and inherently insecure operating systems like these. Standard GNU/Linux distributions have no dark corners because they are free, open and fully documented.

    Maybe there’s someone in your family or among your friends who can help you to get rid of MS Windows and install Linux Mint, Debian, Ubuntu or one of the many other GNU/Linux distributions on your computer? This is child’s play, really.

  • Sabrina

    Hi, these problems are very rare and happen to most of the people who are not much aware of systems and technology. I would say just change your password, this would help you. After that, run a full scan with the security software you use for your system; if that doesn’t help then you can try Comodo Internet Security, which is very powerful in detecting and protecting your PC from any kind of malware internet attacks!
    Hope this helps you!

  • Defenestrator

    First step in securing your system is to back up your data and replace Windows with Linux. That is the only way to keep the infections from coming back. Otherwise, you’ll keep getting hit by each small variant and permutation of the same Windows viruses and worms. It hurts some people to hear that, but that’s how it is and has been for years and years.

    Debian is the best choice, but if you need hand-holding and extra polish on the installer, go with Linux Mint. If nothing else, at least give the Live CD a try. Linux passed Windows a long time ago in ease of use and has always been ahead in choice of applications and functionality.

  • Sam

    If you are on Windows these are common vectors:

    * Old version of Adobe Flash Player (http://www.adobe.com/software/flash/about/)
    * Old version of Adobe Reader (Help – check for updates. Rinse. Repeat)
    * Old version of Java (go to Oracle’s Java site)
    * Old version of Internet Explorer – there is currently a zero day on IE8
    * Use Chrome etc instead.

    You can get infected by a drive-by download – from an infected advert

  • lwtc247

    Groan. Tony,
    sorry, but please, I don’t want to age any faster than I have to.

  • nevermind

    Without grudge and tip toeing, I agree with Defenestrator, Linux is just so much better evolved. I’m still running on a Ubuntu 10.4, but 12.4 is coming along and getting better, evolving.

    Windows OS are thrown at us half finished, with patches and updates required all the time, each and every one offering an entry passway for a virus or other.

    Debian is the top system, according to many and I’m sure Clark, once he gets to read this will agree. Contemplate a wholesale move over to a linux based system.
    If I can work with it, so can you. Ask Clark.

  • Jesuit Atheist

    Everyone can protect themselves from viruses and malicious attacks but someone with a high public profile who may, say for example, attract the attention of the security services will have their online activity intercepted and monitored on a daily basis as a matter of routine and, if done correctly, will be none the wiser. It’s just a fact of life in this age of quasi-governmental companies like Google data farming the entire online population and selling the information to intelligence services around the world.

  • Breeks

    It’s happened to me. It is often a trojan type infection which hasn’t actually breached your security passwords and formally hijacked your account, but it resides on your pc and sends out emails when you’re on line.

    A second factor is your anti-virus protection. Often a virus or trojan can get around one layer of anti-virus protection, so it’s often a good idea to double up and have two.

    I’d recommend you download some new software; Malwarebytes was recommended to me, and Trojankiller too. I installed both and the problem stopped immediately.

    I’m not an expert, but as I say, it happened to my Hotmail account and I got good advice to correct it. It doesn’t matter about your AV cover, the ‘best’ is only the best until someone gets around it. At the moment, I was told Malwarebytes is very well thought of.

    Couple of downloads and a couple of scans, and you’ll be good to go.

  • Jesuit Atheist

    Also, this talk about Linux and Mac being more secure is irrelevant. The more aware the user is the more secure they are. Has anyone seen the amount of security updates sent out for a standard Linux distro? The difference between Windoze and Linux is that Linux gets the Security Patches out in a matter of days whereas MS take months unless it is very critical.

    BTW Chrome is a disaster for personal privacy, instead use the opensource ‘Chromium’ which has had the Google spyware removed.

  • Breeks

    Oh, and just to add, I emailed all in my address book just to alert them and warn them my email had been attacked, – it gives them a ‘Don’t read me’ dilemma, but most people twigged there was something weird about the bogus emails anyway. I also told them the steps I’d taken to purge my PC, and asked to be warned if they received any more dodgy emails from me. Thankfully nobody did.

    http://www.malwarebytes.org/

    http://trojan-killer.net/

    Spybot was also recommended to me, but it took me a couple of downloads to find the correct source which wasn’t filtered through adverts and guff, which put me off it a little, but got there in the end and the true Spybot Search and Destroy is good too. And free for full version.

    Both Malwarebytes and Trojankiller have free trial versions which worked, but I registered them when the trial expired.

  • Michael Stephenson

    “Also, this talk about Linux and Mac being more secure is irrelevant. The more aware the user is the more secure they are. Has anyone seen the amount of security updates sent out for a standard Linux distro? The difference between Windoze and Linux is that Linux gets the Security Patches out in a matter of days whereas MS take months unless it is very critical.

    BTW Chrome is a disaster for personal privacy, instead use the opensource ‘Chromium’ which has had the Google spyware removed.”

    Using Linux is irrelevant apart from it is relevant, also use a browser that has no compiled binaries available for Windows or OSX… right OK.

  • April Showers

    O/T Thought that this would be of interest to Craig. The offshore oil boom in Ghana which doesn’t seem to have benefitted the local people directly so far. They appear to be very much disaffected. Sinopec seem to be painted as the baddies for not using local labour.

    Boom time? Back to Takoradi, Ghana’s oil city
    http://www.bbc.co.uk/news/world-africa-22366150

  • Komodo

    Debian is the top system, according to many and I’m sure Clark, once he gets to read this will agree. Contemplate a wholesale move over to a linux based system.
    If I can work with it, so can you. Ask Clark.
    (Nevermind)

    Komodo approved this message…using Ubuntu 10.10 and have been since it came out. (Ubuntu = Debian variant, uses same repositories). Unfortunately I now have to use Windoze 7 at work, with pain-in-the-arse, ugly, counterintuitive Office 2010*. XP was much better, and I’m afraid it’s going to be downhill all the way for ‘Doze. But I digress, sorry.

    * and in particular, the Tellytubbies-oriented-everythings-in-pictures-but-nothing’s-in-its-logical-place-and-there’s-no-bloody-menus-to-give-you-a-clue-and help-is-several-clicks-away-on-an-external-site-ffs…Excel. Cure: Open Office.

  • Pete

    I agree with everyone who recommends you switch to Linux. Having said that, there is a bit of a learning curve getting used to a new operating system, though if you know someone who can show you how it works and can help you through that initial learning phase you will not want to use anything else.
    Probably most, if not all, of the programs you use now on Windows have an equivalent that is available for free on Linux. Also, even the programs you might want to buy seem to be ridiculously cheap.
    “Libre Office” comes with a number of the Linux packages; it’s a free sophisticated word processor, spreadsheet package and power point style display system.
    On Linux I have yet to find a file that the system cannot deal with. It is also possible to set up the system to “Dual Boot” so that Linux and Windows can co-exist on the same hard drive and you can choose which one you wish to use at start up, depending on your requirements….
    Best Wishes

  • lwtc247

    Komodo. Do you know if Open Office has VBA capability? And is it Excel compatible?
    I’m thinking: dynamic data I/O using the serial/USB port, microcontroller and a spreadsheet.

  • Komodo

    Lwtc – I think the Windows version of OO does have VB capability, though the Linux version doesn’t. And VB has, I think, been ported to ‘nix platforms – look around. However, for a similar application to yours, I have an old box running XP with Office 97…lol…and Termite (freeware) terminal emulator for Windows is a handy download, too.

    In Linux, you’d probably find it easier and more robust to write a C++ program for your specific application. C++, Python, and other languages are well supported by Debian, and most Linuxes have a C compiler somewhere in the system. Or, as Unix/Linux was designed for this sort of thing, you might try using its own abilities to do the job. It would involve opening a terminal and doing a lot of typing, though…

  • strangetown

    @ Rich Horn OS X (the Mac operating system) has FreeBSD under the bonnet, not Linux, but what they both have in common is that they are Unix variants and a great deal more secure than Windows.

    /pedant

    nothing to add to the good advice… 🙂

  • Anon

    Craig,

    What’s the virus/malware Norton is finding?

    Do you use Yahoo email as others have wondered?

    Are Flash and Java up to date (see links)?

    http://helpx.adobe.com/flash-player/kb/find-version-flash-player.html

    https://www.java.com/en/download/installed.jsp?detect=jre

    Make sure both Flash and Java (if installed) are at latest version. Check Adobe Reader as well.

    If using Internet Explorer make sure on IE8 if on XP. Or use Firefox.

    Make sure PC is set for auto Microsoft critical updates.

    Problems due to Flash, Java, old Internet Explorer and or un-patched XP and Yahoo email hacks are all too common at the moment.

    Also Yahoo admitted to losing some encrypted passwords last year and they seem to have ongoing problems with an attack or two so if you have Yahoo email make the password as complex as possible as you can’t have faith in Yahoo not “losing” the encrypted version.

    Bottom line is Yahoo has major problems (Google: Yahoo email hack). If you are not with Yahoo then that’s not the problem but even if you are you need to get the machine checked out.

  • Anon

    Jon,

    Just a minor correction. Windows XP is still getting security updates and will do until April 8th 2014. The current Zero Day Vulnerability mentioned upthread in IE8 is addressed at http://support.microsoft.com/kb/2847140 – A full patch they say will come later but you should be able to apply the temp fix from that link.

  • crab

    LibreOffice is a major fork of OpenOffice, which improves upon it by implementing fixes and improvements which the OO management neglected for little reason. It’s a bit smaller, more portable, better looking, etc.

    Hitman Pro is one of the best “second opinion” rootkit and virus scanners and is very easy and quick to run with no registration necessary.

  • doug scorgie

    Craig, 55 posts giving advice from self-ordained “computer experts” but your virus problem has yet to be solved?

    Surely you have friends with connections to real experts that can sort out your computer virus.

    What is going on?

  • Clark

    Craig, let me guess; it’s your btinternet account, right? What you describe above has been happening to loads of people with BT and Yahoo! e-mail accounts, and people with accounts with other companies associated with AT&T. I reckon AT&T and/or Yahoo! got cracked, and probably tens of thousands of their customers’ e-mail accounts are occasionally being abused for sending these spam e-mails.

    The spams I’ve seen don’t do anything particularly bad; they are blank except for a link to a commercial website; most of the ones I saw linked to a US site called “Make Money at Home” or some such.

    You should probably change your e-mail password, but these spammers seem to have ranged freely within Yahoo!’s servers for several weeks now; if your e-mail provider is unable or unwilling to secure their system, your own password makes little difference, really.

    Craig, has Norton actually detected a virus on your machine? These Yahoo! spam e-mails are coming from Yahoo!’s system; the customer’s system does NOT need to be “infected” in order for these spams to be sent.
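Added example, not part of the original thread or of any commenter's post: a triage sketch for the question raised above, whether the spam left through the provider's own systems or from the owner's PC, using the `Received` headers of a bounced or forwarded copy. The sample messages, the `provider.example` host names, the label strings and the function names are all constructed assumptions.

```python
import email
import ipaddress
import re

# Constructed sample messages; hosts and IPs use reserved documentation ranges.
WEBMAIL_ABUSE = """\
Received: from mta1.provider.example (mta1.provider.example [198.51.100.10])
 by mx.recipient.example with ESMTP; Fri, 10 May 2013 09:00:02 +0000
Received: from [203.0.113.77] by web5.provider.example via HTTP;
 Fri, 10 May 2013 09:00:01 +0000
From: victim@provider.example
Subject: hi

http://hacked-site.example/page.html
"""
LOCAL_SEND = """\
Received: from mta1.provider.example (mta1.provider.example [198.51.100.10])
 by mx.recipient.example with ESMTP; Fri, 10 May 2013 10:00:02 +0000
Received: from [192.0.2.25] by smtp2.provider.example with ESMTPA;
 Fri, 10 May 2013 10:00:01 +0000
From: victim@provider.example

http://hacked-site.example/page.html
"""
SPOOFED = """\
Received: from unknown (unknown [203.0.113.9])
 by mx.recipient.example with SMTP; Fri, 10 May 2013 11:00:00 +0000
From: victim@provider.example

http://hacked-site.example/page.html
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
BY_RE = re.compile(r"\bby\s+([^\s;]+)", re.I)

def submission_hop(raw, provider_suffix):
    """Return the earliest Received line written by the provider, or None."""
    found = None
    # Received headers are listed newest first, so walk down towards the origin.
    for value in email.message_from_string(raw).get_all("Received") or []:
        hop = " ".join(value.split())      # unfold continuation lines
        m = BY_RE.search(hop)
        if m and m.group(1).lower().endswith(provider_suffix):
            found = hop                    # still inside the provider's chain
        elif found is not None:
            break                          # anything below this is sender-supplied
    return found

def triage(raw, own_networks, provider_suffix):
    """Classify where the message entered the provider's mail system."""
    hop = submission_hop(raw, provider_suffix)
    if hop is None:
        return "forged-sender"             # never passed through the provider at all
    m = IP_RE.search(hop)
    try:
        ip = ipaddress.ip_address(m.group(1)) if m else None
    except ValueError:
        ip = None
    if ip is None:
        return "unknown-origin"
    if any(ip in ipaddress.ip_network(n) for n in own_networks):
        return "sent-from-own-network"     # points at a machine on the owner's side
    return "account-used-from-elsewhere"   # account or provider abused; the PC is not implicated

if __name__ == "__main__":
    own = ["192.0.2.0/24"]                 # assumed: the owner's public address range
    for name, raw in [("webmail", WEBMAIL_ABUSE), ("local", LOCAL_SEND), ("spoofed", SPOOFED)]:
        print(name, "->", triage(raw, own, ".provider.example"))
```

The result is only as reliable as the headers the provider itself wrote, and the owner's public address at the time of sending has to be known for the comparison to mean anything.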

  • Sophie Habbercake

    Uncle Craig, you old Neanderthal! Just use Linux.

    Get some tech-savvy kid to show you how to partition your hard drive. Set aside a day, feed and water him/her and I guarantee you will get the bones of it inside 6hrs (generous), more likely 4. This will save you the weeks/months of life you will otherwise throw away on future Windows problems.

    Partition 1. Debian (minimalist and very functional) or Ubuntu Linux. Both free open source.
    Use this for everyday safe internet connections. For word-processing, music, photos and just about everything else there is good free open source software.

    Once installed this will be trouble-free.

    http://www.debian.org/

    Partition 2. Windows.
    Use this only when you have to. For example your printer may be hard to work with Linux. The contrast will have you wondering why you ever used it. Like the difference between driving an old 1960s Cadillac and a modern Porsche.

    You can use Clonezilla to copy an image of your new clean Operating System plus all the programmes you use and save it on your Data Drive. Then whenever it acts strange you can reboot with the Clonezilla disk and restore to your clean new OS and programmes in about 15 minutes. Magic!

    http://clonezilla.org/

    Partition 3. Data.
    Keep all your data on here, safe in the event of a problem with either operating system.

    Keep a physical copy of most important data on disc, stick or external HD, but be sure to keep it someplace else.

    You might also want to keep important data on Encrypted cloud storage. Take a look at SpiderOak. Data you keep here can be shared and synchronized with any computer you want to use, whether it uses Linux, Mac, or Windows. Free data storage up to 2GB then good rates for extra. You can share any data with whoever you please.

    Because all data is encrypted at your end, even SpiderOak don’t know what it is. But don’t lose your password because they can’t decrypt that either!

    Good luck. And thanks for the best of blogs. You may be a fossil, but just the most inspiringest kind!

  • me in us

    @Sophie Habbercake — Except it happened to me too recently, twice, and I was using Linux to go online. E-mail account was Yahoo. I’ve changed my password and it hasn’t happened since. Still, what Clark said above is depressing, about it coming from Yahoo servers and they’ve got the password so it doesn’t matter what I do. Also, @Breeks, one of the times it spammed I wasn’t home, wasn’t on line. So that matches what Clark said. Miserable.

  • April Showers

    Sophie However did your silly daddy produce such a clever girl like you? I am in awe of you and full of admiration.

    Clark Good to hear from you. Glad you are OK. I had the BT Yahoo special treatment and all my e-mail contacts (in batches) got the spam messages. Some of them thought they were actually from me! To make matters worse, BT or Yahoo did not help and even disabled the password to my e-mail account as it had been ‘compromised’ (in their words) without even telling me. I was unable to get into my account or to change the password without a long and thankfully free 0800 call to the BT call centre in India where the staff are extremely patient and helpful. It must be a horrendous job and I bet they are paid peanuts.

    Thanks for assisting Nevermind in his council candidacy. I hope that his disappointment has been short lived and that he is looking forward to new ventures. I thought of him recently when I heard that there is a plan to transport the waste from six London boroughs to an incinerator in Bristol. Apart from the pollution from the incineration, think of the fossil fuel that will be consumed for the transport along the M4. What a world!

    Welcome back to the world for that brave girl Reshma rescued from the collapsed clothing factory after 17 days. 1,000 of her work colleagues have died. ‘May Allah have mercy on them’.

    Bangladesh survivor Reshma Begum: I never dreamed I’d see daylight again
    Rescue workers had given up hope of finding anyone else alive in the rubble of the Rana Plaza. Then they heard a faint tapping
    http://www.guardian.co.uk/world/2013/may/10/bangladesh-survivor-reshma-begum

  • April Showers

    [..]Windows 8, the new operating system introduced late last year to correct this state of affairs, looks like being a spectacular example of matching the wrong interface to the wrong screen. It is not too late to reverse course – though less easy to see how Microsoft can overcome the bigger strategic problem that Windows 8 was meant to solve.

    The company’s latest PC operating system was designed with tablets and other touchscreen gadgets in mind. This is a market in which it has been completely outflanked by Apple and Google, so using the ubiquitous Windows to fight back was an obvious move. And once people start to use the new system on tablets, so the Microsoft thinking goes, they are more likely to use the version of Windows designed for smartphones.

    There is just one small problem: the software is not so intuitive to use for people on traditional PCs. Sales of new machines have fallen hard since the latest operating system was launched, and anyone using the software with a keyboard and mouse has faced a steep learning curve, the company now admits. That is unfortunate, given that this encompasses the vast majority of Windows 8 users. Changes to the interface are now in the works.

    It is tempting to write Microsoft’s slip off as the last hurrah of a struggling former monopolist. But the blunder was not an isolated case of tech hubris. Far from it: most of the big names in consumer technology have shown a similar tendency. If they have been blind to the needs of their customers, it has often been because they choose to see the world in a way that reflects their own corporate biases.'[..]

    Microsoft’s broken Windows is lesson for Apple
    By Richard Waters
    Tech hubris comes from superimposing the new on top of the old http://www.ft.com/cms/s/0/5711eb04-b89c-11e2-869f-00144feabdc0.html#axzz2SxqBQpUD

  • Clark

    April Showers, 9 May, 6:30 pm; thanks for the links:

    “… the criminal sent an email containing a single web address to a handful of the victim’s contacts – seemingly chosen at random from emails they have sent or received.

    The links appear to lead to a legitimate website, but in fact, those legitimate websites have themselves been hacked. The spam link leads to a hidden page on the legitimate website, which immediately redirects to the hacker’s website – a get-rich-quick scheme which promises thousands of dollars of income before asking for a credit card payment.”

    Yes, this matches my own observations. I didn’t mention the redirect in order to keep my comment brief, and I wouldn’t have noticed any “trojan” as it is probably implemented through JavaScript and targeted at Windows, whereas I was using a GNU/Linux Knoppix system protected with a JavaScript blocker.

    Regarding computer security in general, the increasing popularity of smartphones is changing the way malware is targeted. More and more malware is being designed to exploit JavaScript, the Adobe Flash Player, Java, web browsers, etc; all application level software, rather than trying to exploit the underlying operating system.

    Currently, the best defence is to install a selective JavaScript blocker (such as the NoScript extension for Firefox), and learn how to use it. Sorry, this is a hassle, I know, but the best security comes from good understanding by the users. It’s much like the real world – it’s all very well paying for expensive locks and window catches, but you still have to know how and when to use them, and it’s no good handing out copies of the keys to everyone who claims to be trustworthy. You’re better off with basic locks and a decent understanding of when and why you should lock them.
