Results 1 to 6 of 6

Thread: returned mail spyware infection

  1. #1
    Junior Member
    Join Date
    Jan 2004

    Angry returned mail spyware infection

    I opened an email addressed from "returned mail". What a mistake. It has taken over my browser homepage and locked me out from being able to access school web sites to write lesson plans. It defaults to and has put porn onto my computer. what can I do?

  2. #2
    Senior Member
    Join Date
    Jun 2003
    Run a spyware/adware cleaner like spybot of adaware, also make sure your antivirus is up-to-date.
    The above sentences are produced by the propaganda and indoctrination of people manipulating my mind since 1987, hence, I cannot be held responsible for this post\'s content - me

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    United Kingdom: Bridlington
    Also: ....."Swatit 2.1"

    also get ...."WinPatrol" and take a look at what is starting up and the IE add-ons (BHO.........browser helper objects)

    If you need links just do a google search for AdAware 6.0 and SpyBot Search & Destroy.

    Post back when you have run all these.

    Please remember to update them all, and your antivirus (AV) then reboot into safe mode before running them.

    After that go to:

    Get "Hijack This!", "CWShredder" and "Startuplist" You can run "CWShredder", but make sure you have no other browser windows open

    Also go to and get "Host Administrator"

    You will now need to post back here and we can check the results. You do need to do this so we can advise you how to build your second and third level defences to prevent this sort of thing happening again?

    I seem to be repeating myself, so perhaps I should sit down, lay of the beer and write a comprehensive tutorial, rather than the over elevated "advisories" I have done so far? does anyone think that would be useful? I realise I would have to keep it up to date, but that is would be less effort than re-typing over and over

    Thoughts please

    Good luck skboughton, and please get back to us


  4. #4
    Yes, that's my CC number! 576869746568617's Avatar
    Join Date
    Dec 2003
    Just out of curiosity, did the email immediately do a browser redirect, or was it an attachment?

    Go for it, nihil. There can never be too many tuts...especially ones related to security. I'm trying to do some myself....WinXP hardening and the like. There are quite a few, but none that I've seen that explain why you should do this (such as how blocking 135-139 helps stop null sessions, etc.) You know...hardening for the extreme newb complete with explinations of the exploit, etc. (kinda like H.E. Lite or something)

    Browser hijacks suck!

  5. #5
    I agree with that number guy.. 5768.. etc.. " Go for it nihil" it's a bitch repeating oneself over and over again for everyone that comes in here.. much easier to point them to a tut than retyping it again.

  6. #6
    Senior Member
    Join Date
    Aug 2003
    It's either that, nihil, or put together a bunch of posts in wordpad to answer the common questions so that all you need to do is cut and paste....been considering that myself

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts