Winstep

Software Technologies


 Winstep Forums


Print view
Board index : Winstep Forums : Off Topic  [ 15 posts ]
Author Message
 Post subject: is this email i received from this forum legit?
PostPosted: Fri Mar 12, 2010 9:06 pm 
Offline

Joined: Sat Feb 20, 2010 1:46 pm
Posts: 17
this is the message i received:

From: JamesCutter
To: whatthe
Posted: Fri Mar 12, 2010 7:57 pm
Subject: Take measures immediately!
Dear, whatthe!

Spam sending from your computer was detected.
We highly recommend you to check your computer and perform online virus check at our site immediately: http://remove-malware.servebbs.org/onli ... er/whatthe
If you do not pass this test we will have to delete your account and forward a complaint to your ISP with attached log file (your IP address, etc.).

----------------------------------------------------
Forum Administration forums.winstep.net

i'm running ZoneAlarm, AVG, and AD-Aware with no problems


Back to top
 Profile  
 
 Post subject:
PostPosted: Fri Mar 12, 2010 9:40 pm 
Offline

Joined: Fri Jan 22, 2010 2:33 pm
Posts: 3
Location: Spain
Yeah, I have received the same email.

What about it?????

I think that it is a dangerous Spam.


Back to top
 Profile WWWYIM 
 
 Post subject:
PostPosted: Fri Mar 12, 2010 9:48 pm 
Offline

Joined: Thu Mar 04, 2010 3:18 pm
Posts: 7
I got the same one and just posted in general discussion. Another forum admin found out it was a rogue installer. More info below:

Yes it is a spammed social engineered attack and the URL is now rendering a live fake alert scanner page.

Our IP blocking intercepted that target URL smile.gif

CODE
01:19:05 User IP-BLOCK 195.5.161.117
01:19:07 User IP-BLOCK 195.5.161.117


However after switching it off and fetching the file at the bottom of the rabbit hole we have a new morph on a known rogue installer.

CODE
http://scan1.specialwebhelp3.info/downl ... up_453.exe


Back to top
 Profile  
 
 Post subject:
PostPosted: Fri Mar 12, 2010 10:46 pm 
Offline

Joined: Sun Sep 13, 2009 9:16 am
Posts: 1
Code:
Dear, chibchakan!

Spam sending from your computer was detected.
We highly recommend you to check your computer and perform online virus check at our site immediately: http://remove-malware.servebbs.org/online-scanner/chibchakan
If you do not pass this test  we will have to delete your account and forward a complaint to your ISP with attached log file (your IP address, etc.).


I got the same email. Thank god I wasn't stupid enough to click that link. :lol:


Back to top
 Profile  
 
 Post subject: Re: is this email i received from this forum legit?
PostPosted: Sat Mar 13, 2010 7:21 pm 
Offline

Joined: Wed Dec 17, 2008 9:46 pm
Posts: 6
Location: Montreal, Canada
whatthe wrote:
this is the message i received:

From: JamesCutter
To: whatthe
Posted: Fri Mar 12, 2010 7:57 pm
Subject: Take measures immediately!
Dear, whatthe!

Spam sending from your computer was detected.
We highly recommend you to check your computer and perform online virus check at our site immediately: http://remove-malware.servebbs.org/onli ... er/whatthe
If you do not pass this test we will have to delete your account and forward a complaint to your ISP with attached log file (your IP address, etc.).


----------------------------------------------------
Forum Administration forums.winstep.net

i'm running ZoneAlarm, AVG, and AD-Aware with no problems




NO IT IS NOT LEGIT AND BE VERY CAREFUL OF THE LINK. IT IS A PHISHING SCAM. VERIFIED BY JORGE COELHO, SITE OWNER

_________________
Every story paints a picture and every picture is a story.


Back to top
 Profile  
 
 Post subject:
PostPosted: Mon Mar 22, 2010 7:19 pm 
Offline

Joined: Sat Feb 20, 2010 1:46 pm
Posts: 17
for the people who've receive this email... is anybody having problems with browsing the net???
when i received that email my email took a long time to DL that message, and ever since my browser stalls, pages sometimes doesn't want to fully DL. i got to repeatedly click refresh. my browser is sending requests but my browser is not receiving back, i know this because when i registered at dslreport.com and clicked the submit button, the page stayed on that page waiting for a response yet i received my comformation email... noone at dell's forum can figure this out.
i've scanned for viruses, spy,mal,adware, not finding anything. i've reinstall zonealarm, avg, ad-aware. i've ran WinsockFix. i 've ran CCleaner.
i've tried to uninstall ie8 and reinstall but the option to remove/repair/change is missing, but that's due to ie8 being installed before service pack 3...


Back to top
 Profile  
 
 Post subject:
PostPosted: Mon Mar 22, 2010 8:53 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Thu Feb 26, 2004 8:30 pm
Posts: 11930
The message itself is harmless... but did you click the link in it?

_________________
Jorge Coelho
Winstep Xtreme - Xtreme Power!
http://www.winstep.net - Winstep Software Technologies


Back to top
 Profile WWW 
 
 Post subject:
PostPosted: Mon Mar 22, 2010 11:08 pm 
Offline
Global Moderator
Global Moderator

Joined: Tue Oct 13, 2009 3:19 pm
Posts: 266
whatthe wrote:
for the people who've receive this email... is anybody having problems with browsing the net???
when i received that email my email took a long time to DL that message, and ever since my browser stalls, pages sometimes doesn't want to fully DL. i got to repeatedly click refresh. my browser is sending requests but my browser is not receiving back, i know this because when i registered at dslreport.com and clicked the submit button, the page stayed on that page waiting for a response yet i received my comformation email... noone at dell's forum can figure this out.
i've scanned for viruses, spy,mal,adware, not finding anything. i've reinstall zonealarm, avg, ad-aware. i've ran WinsockFix. i 've ran CCleaner.
i've tried to uninstall ie8 and reinstall but the option to remove/repair/change is missing, but that's due to ie8 being installed before service pack 3...

Have you tried using a different browser (firefox for example)?


Back to top
 Profile  
 
 Post subject:
PostPosted: Mon Mar 22, 2010 11:35 pm 
Offline

Joined: Sat Feb 20, 2010 1:46 pm
Posts: 17
yes, i've tried firefox, opera, chrome. they all do the same thing. in fact i think it started when i was trying firefox. i've since removed them all...


Back to top
 Profile  
 
 Post subject:
PostPosted: Mon Mar 22, 2010 11:37 pm 
Offline

Joined: Sat Feb 20, 2010 1:46 pm
Posts: 17
winstep wrote:
The message itself is harmless... but did you click the link in it?

of cause not...


Back to top
 Profile  
 
 Post subject:
PostPosted: Tue Mar 23, 2010 11:37 am 
Offline
Site Admin
Site Admin
User avatar

Joined: Thu Feb 26, 2004 8:30 pm
Posts: 11930
Try (if you haven't already) turning off your cable or DSL modem, waiting a handful of seconds, and turning it back on again.

Also, is your PC connected to a router or straight to the modem?

You could also open a Command Prompt window and typing tracert www.microsoft.com to see which node is taking a long time to respond. Could be something local or the responsability of your ISP (mine had DNS troubles the other day, opening pages took a very long time, although they loaded pretty fast once they got started).

_________________
Jorge Coelho
Winstep Xtreme - Xtreme Power!
http://www.winstep.net - Winstep Software Technologies


Back to top
 Profile WWW 
 
 Post subject:
PostPosted: Tue Mar 23, 2010 12:38 pm 
Offline

Joined: Sat Feb 20, 2010 1:46 pm
Posts: 17
i had a problem with my modem before(kept losing connection) and shutting it down for the recommended 5mins didn't work but shutting it down over night did fix it. so now i'm in the habit of turning off the power strip overnight... i've taking my modem to another user and it worked fine...
modem is straight to pc.
i typed tracert and a command window popped up and out in a flash...
i'm now trying to get help at removing malware at dell's forum.
i know i'm gonna have to reformat my pc but i want to figure this out before first.
none of my anti's are detecting anything. i'm thinking some crapware tried to install and failed either through bad coding or 1 of my anti's blocking to late... i've noticed that ZA is getting a little tarty when it comes to blocking. it'll ask for permission after the program already connected...


Back to top
 Profile  
 
 Post subject:
PostPosted: Tue Mar 23, 2010 1:13 pm 
Offline
Site Admin
Site Admin
User avatar

Joined: Thu Feb 26, 2004 8:30 pm
Posts: 11930
If you got somehow infected by a rootkit that might explain it. Problem with rootkits is that, unlike regular viruses, they are able to hook into the OS at very low level and thus quite effectivelly hide from anti-virus scanners.

Solution is a complete reformat or a full file system scan from a boot CD.

On the other hand, that message alone would NOT have infected your system.

The Zone Alarm firewall could also be responsible for the delays, but since you are not behind a router's hardware firewall I do not recommend turning it off. Did you check ZA's event log files?

As for tracert, you have to open the Command Window first (cmd.exe) and THEN type tracert.

_________________
Jorge Coelho
Winstep Xtreme - Xtreme Power!
http://www.winstep.net - Winstep Software Technologies


Back to top
 Profile WWW 
 
 Post subject:
PostPosted: Tue Mar 23, 2010 11:33 pm 
Offline

Joined: Sat Feb 20, 2010 1:46 pm
Posts: 17
i just ran tracert and zonealarm did not alert me about command prompt connecting... its listed in the programs with"?"(ask) but it didn't... so ZA is not doing its job... and it's been uninstalled and reinstalled a couple of days ago, so it should have clean uncorrupted files...
i'll wait to see what dell's Malware Removal forum can do. whether they figure it out or not i'll still reformat in the end.


Back to top
 Profile  
 
 Post subject: i've should have added this sooner...
PostPosted: Tue Apr 13, 2010 1:15 pm 
Offline

Joined: Sat Feb 20, 2010 1:46 pm
Posts: 17
i installed avast! antivirus and uninstalled AVG antivirus(in that order, i thought avast! would have told me to uninstall AVG 1st, but it didn't) and my browser stalling is a thing of the past... not 1 time after has my browser stalled(YIPPY)... i don't know why, out of nowhere, avg developed a conflict with my pc... it work prior to the start of the problem. so AVG was my problem. good thing it was free...


Back to top
 Profile  
 
Post new topic Reply to topic Board index : Winstep Forums : Off Topic  [ 15 posts ]
Display posts from previous:  Sort by  

Who is online

Users browsing this forum: No registered users and 12 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron