|
Dear Lockergnome, I wonder if someone would be able to help me with my very long winded question? I recently discovered that my mothers email was hacked and was sending spam emails containing viruses and tojans to people in her address book including herself. I thought that there was a potential keylogger/ RAT inside the computer. We have to computers in the house a Acer laptop (unknown model number) running windows 7 professional addition and a Acer desktop (x1920)runing windows 8 consumer preview, both of which have the latest version of Norton installed. I was unsure which computer had the potential RAT/keylogger as we access my mothers emails from both computers. So I ran a full norton system scan covering all my drives over both computers and to my supprise both computers had viruses and trojans but i did not know if it had any RATS or keyloggers. I then installed malwarebytes on both computers from the MalwareBytes website. I then a full system scan last night (Sunday 25th March 2012) covering all my drives. Also at the same time I ran another anti virus but I am unsure of its name (it may of been a virus itself but i do not think it was) but that crashed in the night (it was only running on the laptop no on the desktop and it has never been installed on the desktop). This morning (Monday 26th March 2012) I checked both computers and MalwareBytes and once again agreeing with Norton both computers have viruses but like I said i could not determing which ones they were. I tried to start a quarrentine on both computers but MalwareBytes slowed down my computer and did not allow me to do anything more, this meant that there was still a trojan on my computer. So I decided to run checks on both computers but once again there was a fault. On the laptop MalwareBytes was slowing down the laptop so much I was unable to load up MalwareBytes. I opened it up in windows 7 safe mode but I walked away and when I came back the computer had turned its self off. I have not yet had the chance to try it again. On my desktop when i logged in after about 3 minutes MalwareBytes logged in and told me that there was a potential virus trying to access my computer. When i clicked on one of the options it was giving me my computer froze and I had to crash my computer by holding down the power button. I tried this multiple times and the same thing happened. I then tried to ignore this message and once agian my computer froze and didn't allow me to do anything. I have recently found out how to access windows 8 safe mode so I am going to try that soon. I will update this post with the outcome. Something very strange seems to be happening to my computers. If anyone has a answer to my problem I will be very greatful. Regards Daniel Colthart |
|
MalwareBytes can be very touchy if there is a bad sector on the HD sound very much like what happened to me I ran a disk check on boot up and it found several bad sector it move info out of them ares and the computer ran better and MalwareBytes worked like it was supose to.. chances are the computers have n o problem but if you really expect a key logger why not down load (spybot S&D) its great and catching about any key logger trojan or spy... remember when you are trying to fix any virus torjan or such is to turn off any connection the computer has to the internet and network because as fast as you can clean it it will be reinfected in most cases if all else fails do a clean install of windows and chalk it all up- to learning and avoid the mail address where you think the mess started :) |
|
I assume that you changed the password to your mother's email account (from an uninfected PC)? In the long-term, it may be easiest to simply start a new email account & let that one go (after deleting her contacts list from it first)...She can use the same name but switch to a different free mail like gmail, hotmail, etc... You say that you ran an anti-virus- but aren't sure what it was or if it was even legit? It's not usually a good thing to install more than one anti-virus program. If you have a working Norton that is updated, that's enough. If you'd like to double-check the infection is clean- then try going to housecall.trendmicro.com (free, online scanner) and do a scan from there. They also have a lot of good, free malware tools for download. Generally speaking, I find that safe mode w/networking helps to get a scanner to complete & does the best job of cleaning. If you can, try to run msconfig & check the startup items- see if there's anything suspicious there that you can stop from running at a normal boot. You'll also want to shut down system restore & erase the likely-infected restore points until you get things clean again. BTW- if you can do a system clean-up/defrag, that also helps the scanners to run all the way through. Lastly, running the scan on the drives by hooking them to another Windows system, might allow it to complete, as well. HTH Thanks Geekomatic I have now changed the passwords and eeverything seems fine Regards Danil Colthart |
