Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Co-workers machine appears to be infected


  • Please log in to reply
1 reply to this topic

#1 supt

supt

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:29 PM

Posted 15 July 2010 - 09:36 AM

A co-worker brought to my attention that her machine seems to be infected with something bad. I guess the simplest way to put this is like this:
What her machine does; it appears she has become some sort of bot. The unit tries to email mulitiple messages out at once. She has Symantec Email Proxy installed (part of their A/V free?), and that is throwing multiple popups on her screen saying that "your email to someone@gmail.com cannot be sent because your ISP recognizes this as spam". It will put literally 100 or so of these on her screen. After maybe 10-20 minutes it will stop and she is able to use task manager to shut them all down. For the most part the unit will run but slowly. She cannot use the quick launch icons to access the internet or the start tab either. Only a shortcut on her desktop. Outlook has not updated for 2 days now either. When she opens Outlook, the "spamming" starts again for another 10 minutes or so and she is able to shut down the popups using task manager again.

What we have done so far; ran adaware; 15 trojans quarentined, spy-bot; another 10 or so trojans found and "removed". After several scans with each service they say "nothing found" but when she re-starts the episodes start up again. She is able to use the computer although much slower that normal after getting through the popups and shutting them down with task manager. I know there is much more to do to get this machine "clean" but don't know where to go next. I think I have covered it all. Any assistance is appreciated.

BC AdBot (Login to Remove)

 


#2 supt

supt
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:29 PM

Posted 16 July 2010 - 07:32 AM

Update; We can no longer access IE by any means. The "spamming" is continuing although it appears SEP is stopping the messages from going out. The machine has slowed to a crawl. Outlook does update but if we send a message out it takes 4-5 minutes to send even the smallest of emails, and when it goes into send/receive it also takes 4-5 minutes to complete. She can work in Word and Excel, too, but even the curser is slow. When she types the curser is 20+ spaces behind her strokes. Would appear that things are getting worse but what we're really worried about now is whether this thing can infect the network of 4 other computers tied to it.

additional update; now the computer is throwing "you've been infected by a virus" messages posted by what appears to be fake a/v security. What a bleeping mess!

Edited by supt, 16 July 2010 - 09:55 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users