Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mass Emailing (virus?) Using Outlook


  • Please log in to reply
8 replies to this topic

#1 stevealmighty

stevealmighty

    Bleepin' WormBreath


  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY
  • Local time:02:50 PM

Posted 09 March 2006 - 09:32 AM

I just got a call, and will be working on this problem later tonight...just figured I'd try to get a heads up with this one, hoping that if I post about it in advance, someone will recognize the problem from their past experiences and offer some (extremely) helpfull advice!

I got a call from a friend last night and she said that all of a sudden, she gets pop ups saying "symantec email proxy", and it seemed as if all the computer was doing was sending emails, and wouldn't let her do anything else. Bear in mind that all this was over the phone, so I haven't seen the actual error, but she said that "symantec email proxy" was exactly what it said. I talked her through some stuff and she said that it doesn't seem to have anything at all in the programs under "symantec client security" (which is a version of nortons anti virus), or anything under "Nortons". Not even a partial match.

Has anyone ever heard of anything like this before? Any advice on how to approach this one?

Thanks in advance for all your help!!!!! :thumbsup: :flowers:
War produces veterans, wounded both physically and mentally. They have sacrificed for us.....and it is now our job to help these veterans, as they have already helped us in ways we will never know, in ways that we cannot fathom, and in ways that we take granted every day.
Posted Image

BC AdBot (Login to Remove)

 


#2 River_Rat

River_Rat

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Oklahoma - USA
  • Local time:02:50 PM

Posted 09 March 2006 - 12:47 PM

From this explanation it sounds as if she has been attacked. I will post the cleaning proceeders to possiblly get this under control. After running these cleaning programs & rebooting several times I would also recommend posting a HJT Log in the HJT Forum to have someone take a look and make sure everything is clean and not reinstalling upon reboot.

See this article:
Taking out the trash

See this article:
The Parasite Fight


Have you tried a complete cleaning to see if that helps?

Show all Files & Folders
http://www.bleepingcomputer.com/forums/ind...showtutorial=62

Run these free tools.

McAfee AVERT Stinger
http://vil.nai.com/vil/stinger/

Trendmicro (free virus scan only)
http://housecall.trendmicro.com/

Ewido (free Trojan Scan)
http://www.ewido.net/en/download/

Adware SE (update after installing)
http://www.lavasoftusa.com/software/adaware/

Spybot S&D (update after installing)
http://www.download.com/Spybot-Search-Dest...4-10122137.html


After doing this and the problems are not better feel free to post a HJT log.
Be sure to read the How to submit a HJT Log and submit it to the appropriate forum. HJT Forum links provided below.

How to submit a Hijackthis Log
http://www.bleepingcomputer.com/forums/How...s_Log-t956.html

HJT Forum
http://www.bleepingcomputer.com/forums/Hij...alysis-f22.html

#3 stevealmighty

stevealmighty

    Bleepin' WormBreath

  • Topic Starter

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY
  • Local time:02:50 PM

Posted 09 March 2006 - 01:13 PM

Thanks for the help River_Rat, and BTW, those articles are jampacked with great (and helpful!) info....i'll end up printing them out when I get home!

I've yet to actually look at the computer, so I haven't cleaned it or done anything at all yet. I was just hoping that someone would say "Oh, ya, that happened to me a few months ago. Just click this and delete that and do this and this and it's fixed." LOL! I posted it because I've never run into a mass emailing program/virus before, so I was unsure of how to approach it!

Thanks!






















Man, I love this site!
War produces veterans, wounded both physically and mentally. They have sacrificed for us.....and it is now our job to help these veterans, as they have already helped us in ways we will never know, in ways that we cannot fathom, and in ways that we take granted every day.
Posted Image

#4 River_Rat

River_Rat

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Oklahoma - USA
  • Local time:02:50 PM

Posted 09 March 2006 - 04:23 PM

Sounds great Steve let us know how things are progressing.

Man, I love this site!

Grinler puts a lot of work into this place and is packed with all kinds of information.
One can read for weeks and still not see it all.. :thumbsup:

Check all these too:
http://www.bleepingcomputer.com/tutorials/
http://www.bleepingcomputer.com/resources/
http://www.bleepingcomputer.com/glossary/

#5 stevealmighty

stevealmighty

    Bleepin' WormBreath

  • Topic Starter

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY
  • Local time:02:50 PM

Posted 10 March 2006 - 07:26 AM

I've put a post in the HJT area. I'll have to go from there, because when I got there last night, OMG it was bad.....kinda. I didn't see ANYTHING to do with mass mailing of anything at all! I did notice that their symantec antivirus was uninstalled......weird thing is that it's removed from their computer completely, with the exception being the symantec live update. I know that when you uninstall symantec manually, it automatically removes the live update part of the program...but it was still there, and I couldn't find the folders for the symantec AV anywheres, only folders for the live update.

Despite the fact that there was no longer any AV on the comp, I couldn't get to the internet, and there were pop ups....blank because they couldn't get to the internet either (ha ha!). I had run a bunch of those programs that you recommended, and when I left I was able to get to the internet with only 1 or 2 pop ups....pretty good progress if I don't say so myself!

Well, I'll have to wait and see what comes out of that post in the HJT area.

Thanks for the help River_Rat! I appreciate it!
War produces veterans, wounded both physically and mentally. They have sacrificed for us.....and it is now our job to help these veterans, as they have already helped us in ways we will never know, in ways that we cannot fathom, and in ways that we take granted every day.
Posted Image

#6 jgweed

jgweed

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:02:50 PM

Posted 10 March 2006 - 08:43 AM

By all means equip that computer with a resident anti-virus and a firewall as soon as possible. This will prevent any further infestation, and prevent any malware from contacting the web.
Regards,
John

Edited by jgweed, 10 March 2006 - 08:44 AM.

Whereof one cannot speak, thereof one should be silent.

#7 River_Rat

River_Rat

  • Members
  • 773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Oklahoma - USA
  • Local time:02:50 PM

Posted 10 March 2006 - 09:14 AM

You're Welcome Steve, sounds as if you are on the right track.

I personally am not a big fan of Norton or McAfee (resource hogs) JMO, there are several free Antivirus & Firewall programs that in my opinion work just as good as long as you practice Safe Hex... :thumbsup:

Safe Hex - Safe Computing Tips
http://www.claymania.com/safe-hex.html

#8 acklan

acklan

    Bleepin' cat's meow


  • Members
  • 8,529 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Baton Rouge, La.
  • Local time:01:50 PM

Posted 10 March 2006 - 09:26 AM

Have you tried to access the internet thru Safe Mode with Networking? You could download your security software and the boot to windows for the install.

Good luck.
"2007 & 2008 Windows Shell/User Award"

#9 stevealmighty

stevealmighty

    Bleepin' WormBreath

  • Topic Starter

  • Members
  • 2,629 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY
  • Local time:02:50 PM

Posted 10 March 2006 - 10:56 AM

Their computer is running....just not as well as it should. I think that I'm going to switch them over to free AV as suggested. As far as resources, all they do on that computer is print checks (they own a business) and browse the internet. No gaming, photoshoping or anything of that sort that requires a lot from the cpu.

I ran it in safe mode to do the adaware and ewido scans. I tried to walk her through it on the phone, but she's computer illiterate :thumbsup: LOL!
War produces veterans, wounded both physically and mentally. They have sacrificed for us.....and it is now our job to help these veterans, as they have already helped us in ways we will never know, in ways that we cannot fathom, and in ways that we take granted every day.
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users