Email spamming virus

30 Aug 2006
It seems my computer contracted a nasty virus. I saw that avast! was scanning a lot of emails although i was sending none. I took a look at what it was scanning and found that the titles of the emails it was scanning were all like the spam you get into hotmail - These were 'outgoing' emails.

I decided to reinstall xp and the problem has gone.

Anyone seen this kind of virus? This is the first time i have had a virus in all the years i have been on the net, makes me think twice about having Avast! and Zone alarm as the only guards against this type of thing.
Your computer may have been infected by a virus or a trojan, or it could have been directly hacked, the payload was a program making your computer join a botnet. The owner of the botnet can then upload any program they want, generally these botnets are used to either search out unprotected computers, and thus infect and increase the size/power of the botnet, or deliver spam emails.

There's a lot of money to be made by spamming and botnets are one of the most efficient ways.

A stronger firewall may have shown up the issue sooner, as it should have blocked the botnet from making the outgoing connection to the internet, so it would never have been able to receive the commands to start mailing etc.

If your windows firewall is enabled, it should have popped up a warning that a new program was trying to access the internet, but if you clicked unblock then you have completed the chain, and the botnet is installed. If you rely on a routers firewall, virtually all routers default to allowing all outbound connections, so offer virtually zero protection from botnets.

Like the windows firewall, Zonealarm blocks outgoing connections by default, but its very easy to allow 'human' error to disable your firewall. Just 1 click 'Allow Program' and your on the botnet. Once thats done, the hacker can change your software firewall settings, allowing whatever he or she wishes, without any further popups.
Now ive read what you said - I DO remember clicking on a something that asked to let explorer access the internet, which i thought was weird as i had not updated anything and nothing had changed.

I just started to ebay so i have been looking at sites that i wouldnt have normally gone to.

Thanks for that info. Seems to be ok now i did a reformat.
Top Bottom