Comments on: Weird e-mail “spam” problem

by: Kevin

Thu, 08 Sep 2005 16:18:17 +0000

go safe mode and start scanning i guess….

by: Administrator

Tue, 30 Aug 2005 13:26:02 +0000

She’s uncooperative, and I get more and more junk. LOADS of 411 letters, suddenly. Hadn’t gotten any of those for a long time. And many lists of various sorts, that bear an IP number from her ISP, and MY NAME!

And I think she deep down thinks it can’t be her.

She tried to run Spybot yesterday. It tried to update, then was sitting there for 20 minutes, doing who knows what, before she killed it.

I wish I’d known a geek in her neighborhood. Anyone in Arizona who’d be willing to help out an old granny? She’s feisty, but usually very sweet.

by: RichardP

Tue, 30 Aug 2005 10:23:05 +0000

Hmm, just a minute, I think I’ll have to reconsider. A worm like W32.Mytob isn’t sufficient to describe your symptoms - although I suppose it could be part of the problem. Any number of worms could have scraped your address from her address book and sent a forged e-mail containing your name as the “From” address to new potential victims, but that wouldn’t account for tafmaster.com appearing in the mail headers. Perhaps she was infected by a worm and it somehow sent a forged e-mail to the tafmaster.com “service” that it interpreted as you joining their list?

by: RichardP

Tue, 30 Aug 2005 10:07:39 +0000

From your description, if I had to guess, she likely has been infected with W32.mytob.HL or something similar.

by: Administrator

Mon, 29 Aug 2005 19:39:51 +0000

Thanks, I’ll let her know. But considering she’s struggling a bit, she’s totally lost right now. Hopefully that site tells it in baby steps enough for her.

by: Tuxedo Jack

Mon, 29 Aug 2005 18:15:14 +0000

I’d love to see a HijackThis log from that machine.

If you can guide her to tomcoyote.com/hjt and generate a log, we’ll see if there’s malware on it.