Help, I've got a "zombie" PC!

Impret-Sir | 20:50 Fri 09th Dec 2005 | Technology
12 Answers
That's the correct term I believe when your PC has been hacked to send out loads of spam, currently about 1000 emails a day! Neither Norton nor F-Secure antivirus packages can find anything amiss, nor Spybot or Ad-Aware.
I'm not sure how this actually works, does my PC actually have an item of "mal-ware" present on it that I can't find, or is it more complicated than that? It's been driving me nuts as all these spam messages are being returned to me every day by other people's antispam software! Plus the last thing I want to do is contribute to the mass of spam out there, but I am doing so and I hate it!

I don't know much about it but I saw an answer on here the other day, they reckoned that if you search for and download 'hijack this' or 'hijackthis' on www.download.com it takes off just about anything - I haven't had the need to try it myself yet, let us know how you get on.

HijackThis is a fixer of all things BUT it does require a bit of expertise to decipher the output from.

It's VERY simple to run and it'll give you a huge swathe of text output. You'll then need to post this output on a forum of brainy folks (one more technically minded than this) where someone will give you step by step instructions.

One other way of stopping this spam is to disable software such as Outlook/Outlook Express and use webmail instead; however, this still leaves your PC inherently insecure (albeit unable to send spam mail). Once you've unhijacked your PC, I'd advise you to recheck your firewall settings and to block (or set it to "ask" rather than "allow") t'internet access to various programs that you're not familiar with.
Also download updates for ALL antivirus, antispyware etc and ALL of Windows' Updates.
Impret-Sir, what makes you think that your machine is doing this?
Question Author
Thanks for the advice, I will give hijack this a go. jojash, I know it is doing this because overnight I went from getting about 20 emails a day to getting upwards of 1000, 99% of them saying "delivery to (some email address) failed", or "delivery report, delayed" or some such, and the body of the message is always some crap about cheap drugs or software that I definitely did not send to anyone.

Hold fire on any action for a couple of days. I went through this for two days last week on my BT Internet mailbox, receiving hundreds of e-mails for 2 days. I sent all to the trash box and blocked anything coming in with the words "undeliverable etc". After two days everything went back to normal, don't know if the fault was with BT but all is good now. I am not saying this is the same for you but if you can, maybe worth holding out. Best of Luck

Impret-Sir
That doesn't mean you are sending out e-mails, it just means that either somebody is faking your address or they are spamming you and faking the subject and sender address to make you open the e-mails.
I have one domain that is just used for forwarding - the email has not been configured on any machine ever, and still it receives messages like that (emails sent to that domain are automatically forwarded to one of my other accounts).
Question Author
rojash, that's interesting, I'm not sure I completely understand what you mean, and what did you do about it?
I do know that when OE is downloading the last message I receive, if I click on the two little computers in the task bar and then on 'status' my PC is uploading a lot of info at the same time, and that last message takes a long time to download, so I have surmised that at that point my machine is sending out the spam. I have tried breaking the connection at this point to stop it, but that just results in the whole 1000 odd messages being still on my server next time I log on, plus a load more!
And KJN, unfortunately this has been going on for about three weeks so far....:-(
Sorry if I didn't make it clear. In my case, I know that the messages are not originating at my machine. Apart from the fact that my machine knows nothing of this address, checking my firewall logs shows that nothing was being sent. The "returned mail" messages are sent to an e-mail address which has never been used or published, on a domain that we just use for forwarding people to our true domain. To prevent the e-mail server getting clogged, any messages sent to that domain are forwarded to postmaster at our real domain, which is how I come to see them.
Just because a message claims to be "returned" doesn't mean it IS. And just because a message is returned to your address, doesn't mean it originated at your address.

There is a program called QuickDel which will allow you to log into your account and delete the messages directly from the server without the need to download them.

The fact that if you interrupt your connection, the messages remain on the server just means that you never downloaded them, not that you were sending them!

If your ISP offers a spam filtering service, sign up to it, and that should permanently solve your problem.
Some of my friends have had difficulty in finding QuickDel, so I have made up an installer and posted it on my web site. The program is not mine, but I understand it's freeware. You can get it here:

www.osirissystems.co.uk/downloads/SetupQuickdel.exe

Question Author
Thanks for that, I log on to www.mail2web.com as that allows me to delete all the messages in my inbox in one go, sadly, tomorrow they (or, more accurately, others like them) will all be back again!
Question Author
Forgot to mention, I tried hijack this, and didn't see anything on the result that didn't look totally legit.
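
The point made in the thread, that a bounce landing at your address does not show the spam left your machine, can be checked against the bounce itself. The sketch below is an added example, not part of the original thread: it pulls the returned copy out of a bounce and compares the IP in its topmost Received line with your own addresses. The sample message, function names and addresses are constructed, and it assumes a genuine bounce and IPv4.

```python
import email
import ipaddress
import re
from email import policy

# Constructed sample bounce (documentation addresses). Its lower Received line is forged.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.example.net
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Delivery to nobody@example.net failed.
--b1
Content-Type: message/rfc822

Received: from pc (203.0.113.77) by mx.example.net; Fri, 9 Dec 2005 20:00:00 +0000
Received: from mail.example.org (198.51.100.10) by pc; Fri, 9 Dec 2005 19:59:00 +0000
From: me@example.org
Subject: cheap software

spam body
--b1--
"""

def returned_original(bounce_text):
    """Return the message (or just its headers) that the bounce carries, else None."""
    bounce = email.message_from_string(bounce_text, policy=policy.default)
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":          # full copy of the original
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":     # headers-only bounce
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None

def handoff_ip(original):
    """IP in the topmost Received line, the only one stamped by the bouncing server."""
    received = original.get_all("Received", [])
    m = re.search(r"\b\d{1,3}(?:\.\d{1,3}){3}\b", str(received[0])) if received else None
    return ipaddress.ip_address(m.group(0)) if m else None

def came_from_me(bounce_text, my_addresses):
    """True/False when the bounce records the hand-off IP, None when it does not."""
    original = returned_original(bounce_text)
    ip = handoff_ip(original) if original is not None else None
    return None if ip is None else ip in {ipaddress.ip_address(a) for a in my_addresses}
```

In the sample, the forged lower Received line names the victim's mail server, but the hand-off recorded by the bouncing server is a different address, so `came_from_me` returns False for the victim's IP.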
