HIJACKED

Moderator: MOD_nyhetsgrupper

Svar
Ralph Bailey

HIJACKED

Legg inn av Ralph Bailey » 23 des 2004 23:01:02

This may be off-topic, but I do not know where else to turn.

I have been hijacked by a child pornographer and am receiving bounced
messages from people I do not know who are not in my address book.

Have checked everything I can find on line about hijacking and have reported
same to the FCC. Many articles written explaining what it is, but only one
suggestion I could find as to what to do about it and it did not work.

The suggestion was to put AAA in my address book and VIRUS ALERT as the
address with the hope that a potential spammer would start at the beginning
of the address book and would quit when the first address was invalid.

This did not work because the spammer had already captured my Email.

Some articles indicate the messages could be coming from another computer
where my address is in that computer's Address Book.

The messages do not show up in my Sent Messages folder.

Notified my ISP and they were not interested. Suggested a virus check.

Have run SpyBot and Adware several times as well as Norton Antivirus.

Have changed from Internet Explore to Godzilla Fox, but still using
OutlookExpress on XPHome. Still getting the bounced messages.

The only solution that comes to mind is to change my Email address, but I do
not want to do this if I can avoid it.

Keep expecting the F. B. I. to show up and arrest me as a child pornographer
and anticipate that eventually I may get kicked out of NG's, lists or boards
as a spammer.

Help !!!!!!!!!!!!

Ralph Bailey

Dave Hinz

Re: HIJACKED

Legg inn av Dave Hinz » 23 des 2004 23:05:59

On Thu, 23 Dec 2004 21:55:42 +0000 (UTC), "Ralph Bailey" <ralph-dianne@charter.net> wrote:
This may be off-topic, but I do not know where else to turn.

I have been hijacked by a child pornographer and am receiving bounced
messages from people I do not know who are not in my address book.

Every virus these days forges the from: header. The only thing you know for
sure, if messages look like they are from you, is that they are in fact
_not_ from you. Most likely an infected person's address book has you in it.

Have checked everything I can find on line about hijacking and have reported
same to the FCC. Many articles written explaining what it is, but only one
suggestion I could find as to what to do about it and it did not work.

Here's what I'd suggest. Download AdAware from http://www.lavasoftusa.com
and AVG antivirus from http://www.grisoft.com - install and run them
(AdAware first), clean up anything they suggest to. In years, I have
never been bit by either of these deleting something I needed, so I trust
both of them.

Go to windowsupdate.microsoft.com and make sure you're up to date there
as well. But, I don't think your system is the problem.

The suggestion was to put AAA in my address book and VIRUS ALERT as the
address with the hope that a potential spammer would start at the beginning
of the address book and would quit when the first address was invalid.

That's an urban legend and never did have any effect other than to waste
the time of people and make them think they were doing something useful.
It's at least a benign example of bad advice, where the one that says
"go delete whatever.dll from your win32 directory" actively hosed systems.
I have a hard time understanding the motivation of some people to come
up with these hoaxes.

This did not work because the spammer had already captured my Email.

Chances that a spammer is using your system to send email is very low
indeed. Chances are high, however, that someone with you in their
address book has a virus, and that virus sends out spam with other
addresses in _their_ address book as the From: address.

Some articles indicate the messages could be coming from another computer
where my address is in that computer's Address Book.

There ya go.

The messages do not show up in my Sent Messages folder.

Not definative, but supporting the theory that you didn't send them. Good
sign.

Notified my ISP and they were not interested. Suggested a virus check.

Yeah, well... it's hard to keep good technical help at an ISPs help desk.
Thankless work, low pay, bad hours, and thankless work.

Have run SpyBot and Adware several times as well as Norton Antivirus.

Sounds like you're clean.

Have changed from Internet Explore to Godzilla Fox, but still using
OutlookExpress on XPHome. Still getting the bounced messages.

I saw an article today that the folks who brought us mozilla/firefox
have an email client to challenge Outlook, called Lightning. Haven't
tried it yet. If Firefox is any indication, it's worth a serious look.

The only solution that comes to mind is to change my Email address, but I do
not want to do this if I can avoid it.

That won't help - the new one will just be put into some other
virus-infested user's address book, and the cycle will repeat. Not worth
the inconvenience to you.

Keep expecting the F. B. I. to show up and arrest me as a child pornographer
and anticipate that eventually I may get kicked out of NG's, lists or boards
as a spammer.

Naah, the FBI knows how to read headers and will know it's not from you.
And any _decent_ sysadmin or moderator knows about from: headers being
forged, so you should be OK there as well.

No worries there.

Hang in there, Ralph.
Dave Hinz

Ralph Bailey

Re: HIJACKED

Legg inn av Ralph Bailey » 24 des 2004 03:11:01

----- Original Message -----
From: "Dave Hinz" <DaveHinz@spamcop.net>
To: <ALT-GENEALOGY-L@rootsweb.com>
Sent: Thursday, December 23, 2004 4:05 PM
Subject: Re: HIJACKED


On Thu, 23 Dec 2004 21:55:42 +0000 (UTC), "Ralph Bailey"
ralph-dianne@charter.net> wrote:
This may be off-topic, but I do not know where else to turn.

I have been hijacked by a child pornographer and am receiving bounced
messages from people I do not know who are not in my address book.

Every virus these days forges the from: header. The only thing you know
for
sure, if messages look like they are from you, is that they are in fact
_not_ from you. Most likely an infected person's address book has you in
it.

Have checked everything I can find on line about hijacking and have
reported
same to the FCC. Many articles written explaining what it is, but only
one
suggestion I could find as to what to do about it and it did not work.

Here's what I'd suggest. Download AdAware from http://www.lavasoftusa.com
and AVG antivirus from http://www.grisoft.com - install and run them
(AdAware first), clean up anything they suggest to. In years, I have
never been bit by either of these deleting something I needed, so I trust
both of them.

Go to windowsupdate.microsoft.com and make sure you're up to date there
as well. But, I don't think your system is the problem.

The suggestion was to put AAA in my address book and VIRUS ALERT as the
address with the hope that a potential spammer would start at the
beginning
of the address book and would quit when the first address was invalid.

That's an urban legend and never did have any effect other than to waste
the time of people and make them think they were doing something useful.
It's at least a benign example of bad advice, where the one that says
"go delete whatever.dll from your win32 directory" actively hosed systems.
I have a hard time understanding the motivation of some people to come
up with these hoaxes.

This did not work because the spammer had already captured my Email.

Chances that a spammer is using your system to send email is very low
indeed. Chances are high, however, that someone with you in their
address book has a virus, and that virus sends out spam with other
addresses in _their_ address book as the From: address.

Some articles indicate the messages could be coming from another computer
where my address is in that computer's Address Book.

There ya go.

The messages do not show up in my Sent Messages folder.

Not definative, but supporting the theory that you didn't send them. Good
sign.

Notified my ISP and they were not interested. Suggested a virus check.

Yeah, well... it's hard to keep good technical help at an ISPs help desk.
Thankless work, low pay, bad hours, and thankless work.

Have run SpyBot and Adware several times as well as Norton Antivirus.

Sounds like you're clean.

Have changed from Internet Explore to Godzilla Fox, but still using
OutlookExpress on XPHome. Still getting the bounced messages.

I saw an article today that the folks who brought us mozilla/firefox
have an email client to challenge Outlook, called Lightning. Haven't
tried it yet. If Firefox is any indication, it's worth a serious look.

The only solution that comes to mind is to change my Email address, but I
do
not want to do this if I can avoid it.

That won't help - the new one will just be put into some other
virus-infested user's address book, and the cycle will repeat. Not worth
the inconvenience to you.

Keep expecting the F. B. I. to show up and arrest me as a child
pornographer
and anticipate that eventually I may get kicked out of NG's, lists or
boards
as a spammer.

Naah, the FBI knows how to read headers and will know it's not from you.
And any _decent_ sysadmin or moderator knows about from: headers being
forged, so you should be OK there as well.

No worries there.

Hang in there, Ralph.
Dave Hinz

Thanks, Dave, appreciate the response.

Since it appears I already did everything you suggest except use AVG
instead of Norton, do I just grin and bear it ?

Incidentally, since I sent the original message my computer locked up and I
had to unplug it and when I went back on line my newly installed Adware and
GodzillaFox had disappeared. Will reinstall.

Ralph

Alan Jones

Re: HIJACKED

Legg inn av Alan Jones » 24 des 2004 03:54:57

I agree with what Dave said. It does not sound like it is on your computer
at all.
But if faking messages to look like it came from you email.
You mentioned child pornography, do you mean it was sending porn pictures
or advertising some porn service? If so, I would think the FCC could track
it down and lock them up.

Tell you friends that bad emails that appear to be coming from you are not.

Alan


""Ralph Bailey"" <ralph-dianne@charter.net> wrote in message
news:000401c4e95c$b67c77d0$2302a8c0@S0029855668...
----- Original Message -----
From: "Dave Hinz" <DaveHinz@spamcop.net
To: <ALT-GENEALOGY-L@rootsweb.com
Sent: Thursday, December 23, 2004 4:05 PM
Subject: Re: HIJACKED


On Thu, 23 Dec 2004 21:55:42 +0000 (UTC), "Ralph Bailey"
ralph-dianne@charter.net> wrote:
This may be off-topic, but I do not know where else to turn.

I have been hijacked by a child pornographer and am receiving bounced
messages from people I do not know who are not in my address book.

Every virus these days forges the from: header. The only thing you know
for
sure, if messages look like they are from you, is that they are in fact
_not_ from you. Most likely an infected person's address book has you in
it.

Have checked everything I can find on line about hijacking and have
reported
same to the FCC. Many articles written explaining what it is, but only
one
suggestion I could find as to what to do about it and it did not work.

Here's what I'd suggest. Download AdAware from
http://www.lavasoftusa.com
and AVG antivirus from http://www.grisoft.com - install and run them
(AdAware first), clean up anything they suggest to. In years, I have
never been bit by either of these deleting something I needed, so I trust
both of them.

Go to windowsupdate.microsoft.com and make sure you're up to date there
as well. But, I don't think your system is the problem.

The suggestion was to put AAA in my address book and VIRUS ALERT as the
address with the hope that a potential spammer would start at the
beginning
of the address book and would quit when the first address was invalid.

That's an urban legend and never did have any effect other than to waste
the time of people and make them think they were doing something useful.
It's at least a benign example of bad advice, where the one that says
"go delete whatever.dll from your win32 directory" actively hosed
systems.
I have a hard time understanding the motivation of some people to come
up with these hoaxes.

This did not work because the spammer had already captured my Email.

Chances that a spammer is using your system to send email is very low
indeed. Chances are high, however, that someone with you in their
address book has a virus, and that virus sends out spam with other
addresses in _their_ address book as the From: address.

Some articles indicate the messages could be coming from another
computer
where my address is in that computer's Address Book.

There ya go.

The messages do not show up in my Sent Messages folder.

Not definative, but supporting the theory that you didn't send them.
Good
sign.

Notified my ISP and they were not interested. Suggested a virus check.

Yeah, well... it's hard to keep good technical help at an ISPs help desk.
Thankless work, low pay, bad hours, and thankless work.

Have run SpyBot and Adware several times as well as Norton Antivirus.

Sounds like you're clean.

Have changed from Internet Explore to Godzilla Fox, but still using
OutlookExpress on XPHome. Still getting the bounced messages.

I saw an article today that the folks who brought us mozilla/firefox
have an email client to challenge Outlook, called Lightning. Haven't
tried it yet. If Firefox is any indication, it's worth a serious look.

The only solution that comes to mind is to change my Email address, but
I do
not want to do this if I can avoid it.

That won't help - the new one will just be put into some other
virus-infested user's address book, and the cycle will repeat. Not worth
the inconvenience to you.

Keep expecting the F. B. I. to show up and arrest me as a child
pornographer
and anticipate that eventually I may get kicked out of NG's, lists or
boards
as a spammer.

Naah, the FBI knows how to read headers and will know it's not from you.
And any _decent_ sysadmin or moderator knows about from: headers being
forged, so you should be OK there as well.

No worries there.

Hang in there, Ralph.
Dave Hinz

Thanks, Dave, appreciate the response.

Since it appears I already did everything you suggest except use AVG
instead of Norton, do I just grin and bear it ?

Incidentally, since I sent the original message my computer locked up and
I had to unplug it and when I went back on line my newly installed Adware
and GodzillaFox had disappeared. Will reinstall.

Ralph

George

Re: HIJACKED

Legg inn av George » 24 des 2004 05:17:22

ralph-dianne@charter.net ("Ralph Bailey") wrote in
news:000401c4e95c$b67c77d0$2302a8c0@S0029855668:

Since it appears I already did everything you suggest except use AVG
instead of Norton, do I just grin and bear it ?

Incidentally, since I sent the original message my computer locked up
and I had to unplug it and when I went back on line my newly installed
Adware and GodzillaFox had disappeared. Will reinstall.

Ralph, it sounds like you have more going on than originally thought. I
would suggest that you also open Internet Explorer and dump the cache and
dump the cookies. Then go to c:\windows\temp and dump everything in there.

Another really good program is Adware Spy (http://www.adwarespy.com). It's
payware, but after running Ad-Aware, AVG, and Spybot, Adware Spy found
***455*** more problems with my comp (mainly reg entries). Whew!

And do please consider using a different mail client. I've used Pegasus
for years (http://www.pmusa.com); the learning curve is low and fast, and most
spyware/viruses can't seem to figure it out.

Geo

Agnes L.

Re: HIJACKED

Legg inn av Agnes L. » 24 des 2004 07:21:32

Ralph, why don't you give a couple of the following online antivirus
scanners a try? Might help. And have you checked out any of the
computer newsgroups? alt. computer & 24hoursupport helpdesk
are excellent. They've resolved a lot of my computer problems.
Should you decide to post a question to either newsgroup, make
sure you munge your e-mail address. Aggie

http://housecall.trendmicro.com/houseca ... t_corp.asp
http://www.kaspersky.com/remoteviruschk.html
http://security.symantec.com/sscv6/default.asp
http://www.pandasoftware.com/activescan/activescan.asp
http://commandondemand.com/eval/index.cfm
http://www.bitdefender.com/scan/licence.php
http://www.pcpitstop.com/antivirus/default.asp
http://scan.sygatetech.com/prestealthscan.html



""Ralph Bailey"" <ralph-dianne@charter.net> wrote in message
news:010001c4e93a$290169f0$2302a8c0@S0029855668...
| This may be off-topic, but I do not know where else to turn.
|
| I have been hijacked by a child pornographer and am receiving bounced
| messages from people I do not know who are not in my address book.
|
| Have checked everything I can find on line about hijacking and have
reported
| same to the FCC. Many articles written explaining what it is, but
only one
| suggestion I could find as to what to do about it and it did not work.
|
| The suggestion was to put AAA in my address book and VIRUS ALERT as
the
| address with the hope that a potential spammer would start at the
beginning
| of the address book and would quit when the first address was invalid.
|
| This did not work because the spammer had already captured my Email.
|
| Some articles indicate the messages could be coming from another
computer
| where my address is in that computer's Address Book.
|
| The messages do not show up in my Sent Messages folder.
|
| Notified my ISP and they were not interested. Suggested a virus
check.
|
| Have run SpyBot and Adware several times as well as Norton Antivirus.
|
| Have changed from Internet Explore to Godzilla Fox, but still using
| OutlookExpress on XPHome. Still getting the bounced messages.
|
| The only solution that comes to mind is to change my Email address,
but I do
| not want to do this if I can avoid it.
|
| Keep expecting the F. B. I. to show up and arrest me as a child
pornographer
| and anticipate that eventually I may get kicked out of NG's, lists or
boards
| as a spammer.
|
| Help !!!!!!!!!!!!
|
| Ralph Bailey
|

Charani

Re: HIJACKED

Legg inn av Charani » 24 des 2004 10:58:28

On Thu, 23 Dec 2004 21:55:42 +0000 (UTC), "Ralph Bailey" wrote:

This may be off-topic, but I do not know where else to turn.

I have been hijacked by a child pornographer and am receiving bounced
messages from people I do not know who are not in my address book.

First off, you haven't been hijacked unless your home page is now a
child porn page.

Second how do you know it's child porn?? Did you open the bounced
mails?? If you did you may well have an infected machine yourself and
the last thing you want or need is to have child porn on your PC!!
Never, ever open bounced mail notifications unless you are 200%
certain it's from your ISP and relates to a mail you've just sent.
Bounces happen immediately, not several days later.

You will keep getting bounced messages until the person with the
infected machine cleans it up.

You've been given some good advice about online scans, installing
Ad-Aware, etc. I would also add SpywareBlaster to that list
(available free from http://www.majorgeeks.com) and also run a port scan from

https://www.grc.com/x/ne.dll?bh0bkyd2

That will tell you if you need to beef up your firewall and internet
security.

For sound advice about protecting yourself from this sort of thing,
I'd suggest subbing to alt.privacy.spyware.

Rich Heimlich

Re: HIJACKED

Legg inn av Rich Heimlich » 24 des 2004 12:54:02

I have quite a list of family members and friends who call me to help
with their various computer problems. Most of these people are not
computer geeks in the least and most would not want to resort to
having to go through much of what has been outlined here as they'd
feel like they'd have to run all of these things every time they boot
their computer. They'd sooner give up the computer than go through all
of that.

Because of that I've adopted a couple strategies to help reduce or
eliminate the problems for them.

First, Internet Explorer is retired. I don't bother to uninstall it as
that can be tricky, but I do remove almost all references to it and
then install an alternate browser (currently Firefox). This cuts out a
ton of the spyware problems as IE is often a direct target. 95% of
websites work just fine with non-IE browsers. The few that don't
either aren't important or they can run IE to access them with the
warning that they should only do this for known-good and essential
sites (say like a bank's site).

Second, I remove Outlook and Outlook Express and install another
e-mail package. That too removes a slew of problems. Now, every few
months these people run the various checkers and find only a few
tracking cookies and little else. It's kept my phone from ringing
quite a bit so I believe in the approach.

Like it or not, Microsoft products are targets for this garbage so you
can either continually fight the battle or simply get out of the way.
For many people I interact with, the much saner solution is to just
get out of the way.

Dave Hinz

Re: HIJACKED

Legg inn av Dave Hinz » 27 des 2004 16:42:49

On Thu, 23 Dec 2004 22:17:22 -0600, George <boygeorgewGETRID@OFTHISyahoo.com> wrote:
Ralph, it sounds like you have more going on than originally thought. I
would suggest that you also open Internet Explorer and dump the cache and
dump the cookies. Then go to c:\windows\temp and dump everything in there.

Can you tell me what you think this helps please? One of us understands
more about it than the other, and I'm not sure if it's you, or me. Either
is likely; I'm not trying to be snotty here, I'm serious.

Another really good program is Adware Spy (http://www.adwarespy.com). It's
payware, but after running Ad-Aware, AVG, and Spybot, Adware Spy found
***455*** more problems with my comp (mainly reg entries). Whew!

Interesting. Hadn't tried that one. Have you tried it with Spybot Search&
Destroy?

And do please consider using a different mail client. I've used Pegasus
for years (http://www.pmusa.com); the learning curve is low and fast, and most
spyware/viruses can't seem to figure it out.

Yes, Outlook is the most popular target for virus writers, because
(a) It's everywhere, and (b) It's horribly insecure.

Dave Hinz

George

Re: HIJACKED

Legg inn av George » 27 des 2004 20:47:35

Dave Hinz <DaveHinz@spamcop.net> wrote in
news:33aorpF3sb1itU4@individual.net:

On Thu, 23 Dec 2004 22:17:22 -0600, George
boygeorgewGETRID@OFTHISyahoo.com> wrote:

Ralph, it sounds like you have more going on than originally thought.
I would suggest that you also open Internet Explorer and dump the
cache and dump the cookies. Then go to c:\windows\temp and dump
everything in there.

Can you tell me what you think this helps please? One of us
understands more about it than the other, and I'm not sure if it's
you, or me. Either is likely; I'm not trying to be snotty here, I'm
serious.

It's more precautionary than anything else. Some cookies are written to
track your web surfing and emailing, then report that info back to their
source. While that's not as common now as it used to be, it still does
happen. Those cookies can be considered a form of spyware, better to dump
them. Your cache can have javascript and active-x that may be triggered
every time you open your browser. C:\windows\temp is a repository for all
kinds of things, including stuff that downloaded in the background. One of
the most common things is start.exe, a sneaky spyware program. Plus, less
stuff in these locations means that programs/OS can run faster.

Another really good program is Adware Spy (http://www.adwarespy.com). It's
payware, but after running Ad-Aware, AVG, and Spybot, Adware Spy
found ***455*** more problems with my comp (mainly reg entries).
Whew!

Interesting. Hadn't tried that one. Have you tried it with Spybot
Search& Destroy?

To be honest, I hardly use Spybot anymore. About the only thing it catches
is the DSO Exploit (which, according to the FAQs is a bug in Spybot). Ad-
Aware, AVG and Adware Spy do a much better job.

And do please consider using a different mail client. I've used
Pegasus for years (http://www.pmusa.com); the learning curve is low and
fast, and most spyware/viruses can't seem to figure it out.

Yes, Outlook is the most popular target for virus writers, because
(a) It's everywhere, and (b) It's horribly insecure.

One of the nice things I like about Pegasus is that I can look at the mail
headers (To: From: Subject: etc) and delete anything that is suspect before
actually downloading my mail. An extra step, yes, but it really cuts down
on junk and potential hazards landing in my inbox. And once I download I
have better control over attachments.

Hope this helps.

Geo

Dave Hinz

Re: HIJACKED

Legg inn av Dave Hinz » 27 des 2004 21:02:59

On Mon, 27 Dec 2004 13:47:35 -0600, George <boygeorgewGETRID@OFTHISyahoo.com> wrote:
Dave Hinz <DaveHinz@spamcop.net> wrote in
news:33aorpF3sb1itU4@individual.net:

Can you tell me what you think this helps please?

It's more precautionary than anything else. Some cookies are written to
track your web surfing and emailing, then report that info back to their
source. While that's not as common now as it used to be, it still does
happen. Those cookies can be considered a form of spyware, better to dump
them.

Ah, but I've seen Adaware identify and wipe these regularly, are these other
cookies or the same ones that adaware would get?

Your cache can have javascript and active-x that may be triggered
every time you open your browser. C:\windows\temp is a repository for all
kinds of things, including stuff that downloaded in the background. One of
the most common things is start.exe, a sneaky spyware program. Plus, less
stuff in these locations means that programs/OS can run faster.

But again I think these would be cleaned out with a spyware and/or antivirus
scan, no? That way, the cached content which is clean doesn't have to be
re-fetched. Not a biggie with broadband, but can suck badly for dialup folks.

Another really good program is Adware Spy (http://www.adwarespy.com).

Interesting. Hadn't tried that one. Have you tried it with Spybot
Search& Destroy?

To be honest, I hardly use Spybot anymore. About the only thing it catches
is the DSO Exploit (which, according to the FAQs is a bug in Spybot). Ad-
Aware, AVG and Adware Spy do a much better job.

I'll give Adware Spy a shot, thanks. Spybot is hard to teach un-skilled
users to run anyway.

Yes, Outlook is the most popular target for virus writers, because
(a) It's everywhere, and (b) It's horribly insecure.

One of the nice things I like about Pegasus is that I can look at the mail
headers (To: From: Subject: etc) and delete anything that is suspect before
actually downloading my mail. An extra step, yes, but it really cuts down
on junk and potential hazards landing in my inbox. And once I download I
have better control over attachments.

I'm looking forward to trying Mozilla's Lightning mail client, they're making
it as a replacement for Outlook. I don't run 'doze any more, so I'm waiting
for a victim to try it on.

Dave Hinz

Hoosier Daddy

Re: HIJACKED

Legg inn av Hoosier Daddy » 11 jan 2005 22:59:10

On Fri, 24 Dec 2004 02:03:11 +0000 (UTC), "Ralph Bailey" wrote:

----- Original Message -----
From: "Dave Hinz" <DaveHinz@spamcop.net
To: <ALT-GENEALOGY-L@rootsweb.com
Sent: Thursday, December 23, 2004 4:05 PM
Subject: Re: HIJACKED


On Thu, 23 Dec 2004 21:55:42 +0000 (UTC), "Ralph Bailey"
ralph-dianne@charter.net> wrote:
This may be off-topic, but I do not know where else to turn.

I have been hijacked by a child pornographer and am receiving bounced
messages from people I do not know who are not in my address book.

Every virus these days forges the from: header. The only thing you know
for
sure, if messages look like they are from you, is that they are in fact
_not_ from you. Most likely an infected person's address book has you in
it.

Have checked everything I can find on line about hijacking and have
reported
same to the FCC. Many articles written explaining what it is, but only
one
suggestion I could find as to what to do about it and it did not work.

Here's what I'd suggest. Download AdAware from http://www.lavasoftusa.com
and AVG antivirus from http://www.grisoft.com - install and run them
(AdAware first), clean up anything they suggest to. In years, I have
never been bit by either of these deleting something I needed, so I trust
both of them.

Go to windowsupdate.microsoft.com and make sure you're up to date there
as well. But, I don't think your system is the problem.

The suggestion was to put AAA in my address book and VIRUS ALERT as the
address with the hope that a potential spammer would start at the
beginning
of the address book and would quit when the first address was invalid.

That's an urban legend and never did have any effect other than to waste
the time of people and make them think they were doing something useful.
It's at least a benign example of bad advice, where the one that says
"go delete whatever.dll from your win32 directory" actively hosed systems.
I have a hard time understanding the motivation of some people to come
up with these hoaxes.

This did not work because the spammer had already captured my Email.

Chances that a spammer is using your system to send email is very low
indeed. Chances are high, however, that someone with you in their
address book has a virus, and that virus sends out spam with other
addresses in _their_ address book as the From: address.

Some articles indicate the messages could be coming from another computer
where my address is in that computer's Address Book.

There ya go.

The messages do not show up in my Sent Messages folder.

Not definative, but supporting the theory that you didn't send them. Good
sign.

Notified my ISP and they were not interested. Suggested a virus check.

Yeah, well... it's hard to keep good technical help at an ISPs help desk.
Thankless work, low pay, bad hours, and thankless work.

Have run SpyBot and Adware several times as well as Norton Antivirus.

Sounds like you're clean.

Have changed from Internet Explore to Godzilla Fox, but still using
OutlookExpress on XPHome. Still getting the bounced messages.

I saw an article today that the folks who brought us mozilla/firefox
have an email client to challenge Outlook, called Lightning. Haven't
tried it yet. If Firefox is any indication, it's worth a serious look.

The only solution that comes to mind is to change my Email address, but I
do
not want to do this if I can avoid it.

That won't help - the new one will just be put into some other
virus-infested user's address book, and the cycle will repeat. Not worth
the inconvenience to you.

Keep expecting the F. B. I. to show up and arrest me as a child
pornographer
and anticipate that eventually I may get kicked out of NG's, lists or
boards
as a spammer.

Naah, the FBI knows how to read headers and will know it's not from you.
And any _decent_ sysadmin or moderator knows about from: headers being
forged, so you should be OK there as well.

No worries there.

Hang in there, Ralph.
Dave Hinz

Thanks, Dave, appreciate the response.

Since it appears I already did everything you suggest except use AVG
instead of Norton, do I just grin and bear it ?

Incidentally, since I sent the original message my computer locked up and I
had to unplug it and when I went back on line my newly installed Adware and
GodzillaFox had disappeared. Will reinstall.

Ralph

Ralph, my advice is:
if you are that badly infected, format the hard drive after backing up
your important files. Restore the hard drive and drivers if you have a
Restore disk. If not, reinstall Windows, drivers, your antivirus and
spyware apps [I use AdAware, Spybot S&D, SpyWare Blaster and the new
Microsoft Adware Beta] and applications. SCAN YOUR SAVED DATA before
restoring it. It'll ultimately save time and insure you have a fresh, clean
start.
Then update update update scan scan scan after you're up and running

Dave Hinz

Re: HIJACKED

Legg inn av Dave Hinz » 11 jan 2005 23:08:26

On Tue, 11 Jan 2005 21:59:10 GMT, Hoosier Daddy <hoosier_daddynospam@frontiernet.net> wrote:

Ralph, my advice is:
if you are that badly infected, format the hard drive after backing up
your important files. Restore the hard drive and drivers if you have a
Restore disk.

That is astonishingly bad advice for someone whose email is showing up
as the "from:" in forged virus-sent emails. When his address is in the
"from:" header, the only thing that can be sure is that it's _not_ from
his system.

If not, reinstall Windows, drivers, your antivirus and
spyware apps [I use AdAware, Spybot S&D, SpyWare Blaster and the new
Microsoft Adware Beta] and applications. SCAN YOUR SAVED DATA before
restoring it. It'll ultimately save time and insure you have a fresh, clean
start.
Then update update update scan scan scan after you're up and running

No point in trashing his system when it's someone who has him in their
address book who has the virus.

Dave Hinz

Ralph Bailey

Re: HIJACKED

Legg inn av Ralph Bailey » 13 jan 2005 18:31:02

----- Original Message -----
From: "Hoosier Daddy" <hoosier_daddynospam@frontiernet.net>
To: <ALT-GENEALOGY-L@rootsweb.com>
Sent: Tuesday, January 11, 2005 3:59 PM
Subject: Re: HIJACKED


On Fri, 24 Dec 2004 02:03:11 +0000 (UTC), "Ralph Bailey" wrote:

----- Original Message -----
From: "Dave Hinz" <DaveHinz@spamcop.net
To: <ALT-GENEALOGY-L@rootsweb.com
Sent: Thursday, December 23, 2004 4:05 PM
Subject: Re: HIJACKED


On Thu, 23 Dec 2004 21:55:42 +0000 (UTC), "Ralph Bailey"
ralph-dianne@charter.net> wrote:
This may be off-topic, but I do not know where else to turn.

I have been hijacked by a child pornographer and am receiving bounced
messages from people I do not know who are not in my address book.

Every virus these days forges the from: header. The only thing you know
for
sure, if messages look like they are from you, is that they are in fact
_not_ from you. Most likely an infected person's address book has you
in
it.

Have checked everything I can find on line about hijacking and have
reported
same to the FCC. Many articles written explaining what it is, but only
one
suggestion I could find as to what to do about it and it did not work.

Here's what I'd suggest. Download AdAware from
http://www.lavasoftusa.com
and AVG antivirus from http://www.grisoft.com - install and run them
(AdAware first), clean up anything they suggest to. In years, I have
never been bit by either of these deleting something I needed, so I
trust
both of them.

Go to windowsupdate.microsoft.com and make sure you're up to date there
as well. But, I don't think your system is the problem.

The suggestion was to put AAA in my address book and VIRUS ALERT as the
address with the hope that a potential spammer would start at the
beginning
of the address book and would quit when the first address was invalid.

That's an urban legend and never did have any effect other than to waste
the time of people and make them think they were doing something useful.
It's at least a benign example of bad advice, where the one that says
"go delete whatever.dll from your win32 directory" actively hosed
systems.
I have a hard time understanding the motivation of some people to come
up with these hoaxes.

This did not work because the spammer had already captured my Email.

Chances that a spammer is using your system to send email is very low
indeed. Chances are high, however, that someone with you in their
address book has a virus, and that virus sends out spam with other
addresses in _their_ address book as the From: address.

Some articles indicate the messages could be coming from another
computer
where my address is in that computer's Address Book.

There ya go.

The messages do not show up in my Sent Messages folder.

Not definative, but supporting the theory that you didn't send them.
Good
sign.

Notified my ISP and they were not interested. Suggested a virus check.

Yeah, well... it's hard to keep good technical help at an ISPs help
desk.
Thankless work, low pay, bad hours, and thankless work.

Have run SpyBot and Adware several times as well as Norton Antivirus.

Sounds like you're clean.

Have changed from Internet Explore to Godzilla Fox, but still using
OutlookExpress on XPHome. Still getting the bounced messages.

I saw an article today that the folks who brought us mozilla/firefox
have an email client to challenge Outlook, called Lightning. Haven't
tried it yet. If Firefox is any indication, it's worth a serious look.

The only solution that comes to mind is to change my Email address, but
I
do
not want to do this if I can avoid it.

That won't help - the new one will just be put into some other
virus-infested user's address book, and the cycle will repeat. Not
worth
the inconvenience to you.

Keep expecting the F. B. I. to show up and arrest me as a child
pornographer
and anticipate that eventually I may get kicked out of NG's, lists or
boards
as a spammer.

Naah, the FBI knows how to read headers and will know it's not from you.
And any _decent_ sysadmin or moderator knows about from: headers being
forged, so you should be OK there as well.

No worries there.

Hang in there, Ralph.
Dave Hinz

Thanks, Dave, appreciate the response.

Since it appears I already did everything you suggest except use AVG
instead of Norton, do I just grin and bear it ?

Incidentally, since I sent the original message my computer locked up and
I
had to unplug it and when I went back on line my newly installed Adware
and
GodzillaFox had disappeared. Will reinstall.

Ralph

Ralph, my advice is:
if you are that badly infected, format the hard drive after backing up
your important files. Restore the hard drive and drivers if you have a
Restore disk. If not, reinstall Windows, drivers, your antivirus and
spyware apps [I use AdAware, Spybot S&D, SpyWare Blaster and the new
Microsoft Adware Beta] and applications. SCAN YOUR SAVED DATA before
restoring it. It'll ultimately save time and insure you have a fresh,
clean
start.
Then update update update scan scan scan after you're up and running


Thanks Daddy,

I am not competent to do what you suggest, but will try to get someone to do
it for me.

I checked my unread messages (240) and had only one bounced message today
and they seem to be getting smaller in number. May adopt the easy way out,
grin and bear it, and hope the problem goes away. Perhaps changing to
MozillaFirefox helped.

I also tried MozillaThunderbird for Email, but did not like it and found 135
messages at OutlookExpress that did not come through to Thunderbird so am
back to OE. Can you recommend a good Email provider I can use without
having to change my address?

Have also received notice that several messages from my address were
returned because they contained a worm or virus which leads me to believe
the messages are not coming from my computer because I regularly run spyware
and anti-virus programs. Will what you suggest eliminate the problem if the
messages are coming from another computuer?

Thanks again,

Ralph

Charani

Re: HIJACKED

Legg inn av Charani » 13 jan 2005 19:03:18

On Thu, 13 Jan 2005 17:20:50 +0000 (UTC), "Ralph Bailey" wrote:

Will what you suggest eliminate the problem if the
messages are coming from another computuer?

There's nothing you can do beyond keeping your own computer as secure
as possible, your AV and firewall up to date and running; because you
don't know who's computer is infected.

If you could identify that *and* convince the owner that they were
infected, you might be able to persuade them to install and run an
Anti Virus program and a firewall but the chances are very slim that
you'd ever find the computer responsible. I've heard more tales of
denial and refusal to do anything about the problem than machines
being cleaned up.

The scenario is something like this: A gets a virus. B's email
address is on A's computer. A's computer sends out the virus to all
the addresses it finds on the computer, that includes newsgroups as
well as address books. B opens the mail s/he thinks is from A, clicks
on the link in the mail and gets infected and so the process starts
again.

You most likely don't even know the person with the infected machine
at all.

You've already indicated that your system is clean so doing a complete
reinstall, which isn't actualy that hard, won't stop you getting the
mails.

Ralph Bailey

Re: HIJACKED

Legg inn av Ralph Bailey » 14 jan 2005 20:40:03

Thanks, Charanai.

Ralph
----- Original Message -----
From: "Charani" <me@privacy.net>
To: <ALT-GENEALOGY-L@rootsweb.com>
Sent: Thursday, January 13, 2005 12:03 PM
Subject: Re: HIJACKED


On Thu, 13 Jan 2005 17:20:50 +0000 (UTC), "Ralph Bailey" wrote:

Will what you suggest eliminate the problem if the
messages are coming from another computuer?

There's nothing you can do beyond keeping your own computer as secure
as possible, your AV and firewall up to date and running; because you
don't know who's computer is infected.

If you could identify that *and* convince the owner that they were
infected, you might be able to persuade them to install and run an
Anti Virus program and a firewall but the chances are very slim that
you'd ever find the computer responsible. I've heard more tales of
denial and refusal to do anything about the problem than machines
being cleaned up.

The scenario is something like this: A gets a virus. B's email
address is on A's computer. A's computer sends out the virus to all
the addresses it finds on the computer, that includes newsgroups as
well as address books. B opens the mail s/he thinks is from A, clicks
on the link in the mail and gets infected and so the process starts
again.

You most likely don't even know the person with the infected machine
at all.

You've already indicated that your system is clean so doing a complete
reinstall, which isn't actualy that hard, won't stop you getting the
mails.


Svar

Gå tilbake til «alt.genealogy»