I run Avast 4.8 and over the weekend “my” computer spammed my whole address book and it seems almost any email it could find lurking. Am I daft in thinking Avast runs all the time (in the background) or should I be setting the scanner manually? I have changed my pasword, done a full scan and searched for malware but nothing?
Any ideas from all you computer guys would be appreciated.
first what do you mean exactly by “spammed” your address book, what address book, in an email client (Windows Live Mail, Windows Mail ? )… were your address books entries modified, were some entries added, what did you notice exactly? A common practice by botnets is to harvest address books and send spam mails to all your contacts who will in turn infect other computers, but if you don’t give more details, there’s not much more I can say. Also, you should upgrade to Avast5
avast does run all the time in the background, but in this case there is either a hidden or undetected spambot, harvesting your email addresses to send the spam.
If you set the Internet Mail provider to High sensitivity, this bumps up your heuristic checks and that should detect multiple identical emails in a period of time.
Your firewall should also play a part by blocking unauthorised outbound connections, what is your firewall ?
To try and find what is hidden/undetected try these tools:
If you haven’t already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).
MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later. - 2. SUPERantispyware On-Demand only in free version.
Don’t worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.
I use hotmail and no addresses were modified just as you say my address book was harvested and spam emails were sent to everyone (from me) including myself. I’ll update to Avast 5 and scan again…
My poor friends think my spelling and grammer has deteriorated and that I have a shoe fetish now
OK this has happened to my wife on hotmail not that long ago. Only way out is to warn all your friends to dismiss all the “bad mails”, not add you as spammer, and on your side just find out who sent you the first spamming mail responsible for harvesting your address book. Don’t be surprised if it’s someone you know, who might him/her - self might not even be aware of it. Go to to your options for hotmail and make sure that junk mails are reported to Microsoft, then send what you find to the junk box.
So, this is important to make the difference. You got spammed in hotmail using the web interface (as oppposed to an email client). I don’t think your computer got infected by anything. Just in case, download and run a quick scan with Malware Byte >>> www.malwarebytes.org/ (update the program first, before scanning).
Well since you mention you use Hotmail it may be that that has been compromised as a) you don’t store your Hotmail contacts on your computer ? and b) I doubt that the emails could be generated from your system using Hotmail without you actually being logged on. So I would suggest that you change your Hotmail username and password.
Also the Internet Mail Shield won’t protect your Hotmail account if you view it through your browser or if using OE or windows live mail, etc. to download the email that users an MS Proprietary protocol.
The windows XP firewall provides zero outbound protection and the Vista firewall outbound protection is disabled by default.
However it is worth running both those applications to ensure there isn’t something on your system. If they and avast come up clean then it is more likely that your Hotmail account has been compromised.