Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

infected by spam bot?


  • Please log in to reply
18 replies to this topic

#1 colours

colours

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 05 June 2012 - 03:35 PM

I regularly post in a forum which is infected by a spam bot for a while now. I'm just worried that my computer may have been infected by the same spam bot because I post on that infected site. I have avast free antivirus and it does not detect anything. Malware bytes doesn't either. The scan logs are clear. But I'm pretty sure the site that I visit everyday is infected by a spam bot.
Is it possible to get my computer infected just by logging into a site that is infected?

Thank you in advance for any advice and help.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:46 PM

Posted 05 June 2012 - 07:46 PM

That is possible if the site has say an infected script running. Your AV should catch it.
Do Not post your email address.

Install BrightFort's SpywareBlaster•This excellent program blocks installation of many known malicious ActiveX objects. Run the program, download the latest updates, "Enable All Protection" and you're done. Although it won't protect you from every form of spyware known to man, it is a very potent extra layer of protection.

•Don't forget to check for updates every week or so.

Are you receiving spam emails now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 colours

colours
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 06 June 2012 - 02:54 PM

Thank you for replying. I will download Spyware Blaster.

The site is a forum, infected by some spam bot. They do not post any kind of links, its just spammers posting some nonsense like "umm bumm bumm" and stuff like that.
The admin and moderators say that its some person creating multiple accounts and just spamming but most people are suspecting its an infection. There suddenly cannot be hundreds of spam accounts just posting some nonsense like that, and even though they are banned, new accounts are created almost immediately and there are numerous such accounts.
I have a feeling the people who own that site do not want to say its infected so that they don't scare their members away.

I log in to the site with a user id, I have a separate e mail for that forum, its not my regular email so I haven't checked that email for a while.

Do you think it may have infected my computer and then possibly infect my regular emails and other important stuff?

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:46 PM

Posted 06 June 2012 - 03:02 PM

Hello, I don't think you are infected.. we can run a thorough scan tho..
you don't see any sysmptoms of infrction ,do you?...slowness ,popups.redirecting of pages??

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 colours

colours
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 06 June 2012 - 04:16 PM

I downloaded the Spyware Blaster and at first I forgot about the "enable all protection" option, then I looked at the protection status and it showed that my browsers were not protected, so I enabled each browser Internet explorer and mozilla firefox and the restricted sites(don't know what that is). I noticed that when I enable there are a few check boxes and options below, as I don't what they were I didn't uncheck any, the default is that they get checked as soon as we enable, so I let the default setting. But my problem is even thought I enabled protection in the status bar it shows that "0 items have protection"
I found the enable all option and enabled it again but it still shows the same.

It shows like this:
Protection Status
Internet explorer protection 0 items protection
Same thing for mozilla and that restricte sites(i don't know what that is)
I'm confused.
As for the updates, I think I checked automatic updates.

I will do the Eset scan and get back. btw, if Eset scan requires Java I might not be able to do the scan, I remember last time I was here in the malware removal section they asked me to do an F secure scan because the other scan was not possible on my computer. I don't remember if the other scan was E set.

Edited by colours, 06 June 2012 - 04:18 PM.


#6 colours

colours
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 06 June 2012 - 05:49 PM

I did the ESET Scan, there were no threats found.

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:46 PM

Posted 06 June 2012 - 07:03 PM

Goes it say 0 items have protection disabled?

You have to click Manual updates ,unless you buy it.


Click Protection Status
last on bottom Click
Down;oad latest protection Updates

ACtually we have atute(easier than me typing)
http://www.bleepingcomputer.com/tutorials/use-spywareblaster-to-protect-your-computer/
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 colours

colours
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 07 June 2012 - 01:07 PM

I checked the tutorial, I have done the same thing. I have enabled internet explorer, restricted sites and mozilla firefox but the problem with that tutorial is that there is no screen shot after enabling them, and that is where I have a problem.

After enabling all these when I go back to the protection status window, I can see this: (I don't know how to take a screen shot so I will try to write down how I see it)

Spyware blaster protection status:
All protection is enabled and validated. Your computer is being protected


Protection

Status


Internet Explorer protection

0 items have protection

Restricted sites protection

0 items have protection

Mozilla firefox protection

0 items have protection



Why does it say 0 items have protection when I just enabled all of them. For example, when I enable Mozilla firefox, it automaticllay checks all the boxes below, so all of that is checked and all should be protected. Or am I doing it wrong? should I uncheck all? It says I can uncheck the boxes, but I think checking them is proper protection.

Edited by colours, 07 June 2012 - 01:21 PM.


#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:46 PM

Posted 07 June 2012 - 01:44 PM

Can you click on eack of these And see if it chnges to 0 items have protectionDisabled

0 items have protection
0 items have protection
0 items have protection
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 colours

colours
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 07 June 2012 - 03:42 PM

Can you click on eack of these And see if it chnges to 0 items have protectionDisabled


No. When I click on that it takes me back to the configuring protection. That is, the cookie protection and customizing block list.


When I posted here, I am pretty sure I had Mozilla firefox enabled, but when I went back to click on that now, I saw it showed Mozilla as partly enabled. I am very sure I did not change that, don't know how it happened. Anyways, I just clicked on "Enable All" and now it shows enabled.

#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:46 PM

Posted 07 June 2012 - 08:51 PM

Sometimes things just glitch..
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 colours

colours
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 10 June 2012 - 03:39 PM

Sometimes things just glitch..


Alright, but what about the 0 protection?
Also, do you think its safe for me to log in to that forum and continue posting as always, because the spamming is still going on on that forum.

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:46 PM

Posted 10 June 2012 - 03:47 PM

Perhaps I misunderstood,i thought it straigtened out.

Uninstall it then reinstall ,Choosing manual updating,unless you are buying the app/

Looks like you are OK, to visit,
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 colours

colours
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 10 June 2012 - 04:44 PM

Or maybe that is how it looks? It would be so annoying if it looks the same after I uninstall and install again.

If you know someone who has this program installed on their computer, you could ask them how the protection status screen looks after everything is enabled or even better ask those people who made that tutorial to include a screen shot of the screen after enabling everything. Whats the point in making a tutorial that is incomplete.


Since you say its OK to post in that forum, I might continue posting, I was posting anyways. But can you please tell me, what are those spam posts? There are no links or images in those posts, maybe something is hidden.I'm sure the forum is infected, if they are not infecting the computer of the people who post there, then what could be the purpose of the spam infection? I'm just curious. I'm glad my computer is ok but there must be something malicious with those posts, what could that be?

#15 colours

colours
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:05:46 PM

Posted 10 June 2012 - 06:41 PM

Another question:
I have noticed that when I go to a certain site I see an add(advertisement) that says
"you have (1) message. click here to open". I never click on those things, I always assumed its something malicious but never really tried to figure what it was. Now I just googled and found out that its a "google search spyware" called acefsynqe virus. I found out that if we click on the message this virus gets downloaded on our computer.

My question is: If I see that on a particular site/forum, does that mean that the site/forum is infected?
or does it simply mean that its not infecting the site, but its part of google advertisements on that particular site?(most sites allow adds on their sites)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users