Results 1 to 6 of 6

Thread: Possible virus or trojan?

  1. #1
    Throbbing Member
    Join Date
    Aug 2004
    Location
    Scotlandshire
    Posts
    633
    Thanks
    15
    Thanked
    9 times in 8 posts
    • 8bit's system
      • Motherboard:
      • MSI Z170A-G43 PLUS
      • CPU:
      • Intel i7-6700K
      • Memory:
      • 2x Kingston HyperX Fury Black (8GB)
      • Storage:
      • 1x Crucial MX100 512GB, 1x Western Digital Caviar Black 1TB (WD1001FALS)
      • Graphics card(s):
      • Sapphire AMD R9 390 Nitro
      • PSU:
      • Corsair RM650x
      • Case:
      • Corsair Carbide Air 540
      • Operating System:
      • Windows 10 Home
      • Monitor(s):
      • LG 29UM67 29", 21:9, 2560x1080
      • Internet:
      • PlusNet Fibre

    Possible virus or trojan?

    Hi all,

    Noticed funny things tonight when I signed into my Yahoo Mail (the new-style Ajax one). First I got an out of office reply from one of my friends who I didn't remember emailing lately. Second, got two delivery failure notifications that said a message I sent couldn't be delivered. The original email of each simply had a URL to two different LiveJournal pages (seen these types of messages filtered as spam before). Both had a number of recipients, all addresses I know or are in my address book on Yahoo mail.

    The other funny thing is that the entire contents of my Sent Items folder in Yahoo mail is now gone, i.e. it's totally empty. I certainly don't remember doing that...!

    This all looks a bit like trojans or viruses type activity but the thing is, I don't use a mail client like Outlook or Thunderbird, are there viruses etc. which can now spread via web-based mail clients like Yahoo? I'm doing a full windows defender scan right now and will do a full boot-time virus scan right after. Could this happen if I signed into my mail from another PC which is infected with something like this?

    Cheers in advance,
    8bit
    "shiro" - Windows 10 Home x64 :: Intel i7-6700K :: Corsair Hydro H90 :: MSI Z170A-G43 Plus :: 2x 8GB Kingston HyperX :: NVidia 3070 FE :: Corsair Force MP600 (1TB) :: Crucial MX100 (512GB) :: WD Caviar Black (1TB) :: Lite-On BD-ROM :: Corsair Carbide Air 540 (white) :: LG 32QK500 2560x1440 :: Logitech M500 :: Cherry KC6000 Slim ::

  2. #2
    Banhammer in peace PeterB kalniel's Avatar
    Join Date
    Aug 2005
    Posts
    30,748
    Thanks
    1,787
    Thanked
    3,286 times in 2,647 posts
    • kalniel's system
      • Motherboard:
      • Gigabyte Z390 Aorus Ultra
      • CPU:
      • Intel i9 9900k
      • Memory:
      • 32GB DDR4 3200 CL16
      • Storage:
      • 1TB Samsung 970Evo+ NVMe
      • Graphics card(s):
      • nVidia GTX 1060 6GB
      • PSU:
      • Seasonic 600W
      • Case:
      • Cooler Master HAF 912
      • Operating System:
      • Win 10 Pro x64
      • Monitor(s):
      • Dell S2721DGF
      • Internet:
      • rubbish

    Re: Possible virus or trojan?

    Viruses can be spread via just about any method you can conceive of and then some. But I think more likely in this case someone or something managed to hack your yahoo mail account and then used it to send out spam or something - I've had both yahoo and ebay accounts compromised in the past through hacking at the server end. Change password ASAP.

  3. #3
    Throbbing Member
    Join Date
    Aug 2004
    Location
    Scotlandshire
    Posts
    633
    Thanks
    15
    Thanked
    9 times in 8 posts
    • 8bit's system
      • Motherboard:
      • MSI Z170A-G43 PLUS
      • CPU:
      • Intel i7-6700K
      • Memory:
      • 2x Kingston HyperX Fury Black (8GB)
      • Storage:
      • 1x Crucial MX100 512GB, 1x Western Digital Caviar Black 1TB (WD1001FALS)
      • Graphics card(s):
      • Sapphire AMD R9 390 Nitro
      • PSU:
      • Corsair RM650x
      • Case:
      • Corsair Carbide Air 540
      • Operating System:
      • Windows 10 Home
      • Monitor(s):
      • LG 29UM67 29", 21:9, 2560x1080
      • Internet:
      • PlusNet Fibre

    Re: Possible virus or trojan?

    Sorry, should have said - that was the first thing I did but thanks for the reply and advice. Windows Defender has gotten through almost the whole C drive and still nothing. Wonder if I've signed in on a machine that has a keylogger or something...
    "shiro" - Windows 10 Home x64 :: Intel i7-6700K :: Corsair Hydro H90 :: MSI Z170A-G43 Plus :: 2x 8GB Kingston HyperX :: NVidia 3070 FE :: Corsair Force MP600 (1TB) :: Crucial MX100 (512GB) :: WD Caviar Black (1TB) :: Lite-On BD-ROM :: Corsair Carbide Air 540 (white) :: LG 32QK500 2560x1440 :: Logitech M500 :: Cherry KC6000 Slim ::

  4. #4
    Senior Member
    Join Date
    Feb 2008
    Posts
    914
    Thanks
    4
    Thanked
    155 times in 143 posts
    • smargh's system
      • Motherboard:
      • Gigabyte GA-EP45-UD3P
      • CPU:
      • Xeon E5450 with 775-to-771 Mod
      • Memory:
      • 16GB Crucial
      • Storage:
      • Intel X25-M G2 80GB/Adaptec 3405 4x 2TB Ultrastar RAID1 / 1x 6TB Hitachi He6 / Dying 2TB Samsung
      • Graphics card(s):
      • GTX 750 Ti
      • PSU:
      • Seasonic X-560
      • Case:
      • Lian-Li PC-A71
      • Operating System:
      • Windows 7 Ultimate 64bit
      • Monitor(s):
      • BenQ G2400WD
      • Internet:
      • Really Crap ADSL2 <3Mbit

    Re: Possible virus or trojan?

    Malwarebytes, autoruns, tcpview, rootrepeal, rootalyzer, G-Data AV, Sunbelt Viper AV, BitDefender online scan. All useful for checking for malware.

    You will probably never know how the password was acquired by someone else. All you can do is not log on to personal accounts on any other PC, and change every web account which uses the same password. I just assume that every single PC I sit at is infected with password stealing malware, unless I've done very extensive checks.
    Last edited by smargh; 06-07-2009 at 08:57 PM.

  5. #5
    Banhammer in peace PeterB kalniel's Avatar
    Join Date
    Aug 2005
    Posts
    30,748
    Thanks
    1,787
    Thanked
    3,286 times in 2,647 posts
    • kalniel's system
      • Motherboard:
      • Gigabyte Z390 Aorus Ultra
      • CPU:
      • Intel i9 9900k
      • Memory:
      • 32GB DDR4 3200 CL16
      • Storage:
      • 1TB Samsung 970Evo+ NVMe
      • Graphics card(s):
      • nVidia GTX 1060 6GB
      • PSU:
      • Seasonic 600W
      • Case:
      • Cooler Master HAF 912
      • Operating System:
      • Win 10 Pro x64
      • Monitor(s):
      • Dell S2721DGF
      • Internet:
      • rubbish

    Re: Possible virus or trojan?

    Quote Originally Posted by 8bit View Post
    Sorry, should have said - that was the first thing I did but thanks for the reply and advice. Windows Defender has gotten through almost the whole C drive and still nothing. Wonder if I've signed in on a machine that has a keylogger or something...
    Well my point was it's probably nothing you did - I think it's probable a server owned by yahoo mail or connected to them in some way was hacked/compromised.

  6. #6
    Throbbing Member
    Join Date
    Aug 2004
    Location
    Scotlandshire
    Posts
    633
    Thanks
    15
    Thanked
    9 times in 8 posts
    • 8bit's system
      • Motherboard:
      • MSI Z170A-G43 PLUS
      • CPU:
      • Intel i7-6700K
      • Memory:
      • 2x Kingston HyperX Fury Black (8GB)
      • Storage:
      • 1x Crucial MX100 512GB, 1x Western Digital Caviar Black 1TB (WD1001FALS)
      • Graphics card(s):
      • Sapphire AMD R9 390 Nitro
      • PSU:
      • Corsair RM650x
      • Case:
      • Corsair Carbide Air 540
      • Operating System:
      • Windows 10 Home
      • Monitor(s):
      • LG 29UM67 29", 21:9, 2560x1080
      • Internet:
      • PlusNet Fibre

    Re: Possible virus or trojan?

    Quote Originally Posted by kalniel View Post
    Well my point was it's probably nothing you did - I think it's probable a server owned by yahoo mail or connected to them in some way was hacked/compromised.
    Nice. Maybe I'll look into another provider, not been that happy with Yahoo lately anyway. Guess if it was a local virus on my PC then the Sent Items wouldn't likely have gotten deleted. Thanks.

    Quote Originally Posted by smargh View Post
    Malwarebytes, autoruns, tcpview, rootrepeal, rootalyzer, G-Data AV, Sunbelt Viper AV, BitDefender online scan. All useful for checking for malware.

    You will probably never know how the password was acquired by someone else. All you can do is not log on to personal accounts on any other PC, and change every web account which uses the same password. I just assume that every single PC I sit at is infected with password stealing malware, unless I've done very extensive checks.
    Can only think of two other machines I've signed in from in the past few months, i tend not to bother if I'm not at home but I'll get their respective owners to fully scan them. Wouldn't imagine either machine would be likely candidates for nasties, their owners are pretty careful but can never be too careful i guess... Thanks also.
    "shiro" - Windows 10 Home x64 :: Intel i7-6700K :: Corsair Hydro H90 :: MSI Z170A-G43 Plus :: 2x 8GB Kingston HyperX :: NVidia 3070 FE :: Corsair Force MP600 (1TB) :: Crucial MX100 (512GB) :: WD Caviar Black (1TB) :: Lite-On BD-ROM :: Corsair Carbide Air 540 (white) :: LG 32QK500 2560x1440 :: Logitech M500 :: Cherry KC6000 Slim ::

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Possible virus, trojan?
    By Stephen C in forum Help! Quick Relief From Tech Headaches
    Replies: 11
    Last Post: 16-08-2007, 02:09 AM
  2. Can't kill process. Trojan virus.
    By Jonny in forum Help! Quick Relief From Tech Headaches
    Replies: 4
    Last Post: 16-04-2006, 11:19 AM
  3. The lowest virus ever?
    By Trippledence in forum General Discussion
    Replies: 15
    Last Post: 11-07-2005, 01:36 AM
  4. strange worm
    By klarrix in forum Software
    Replies: 5
    Last Post: 29-04-2004, 08:27 AM
  5. The AOL virus :D
    By Alex in forum General Discussion
    Replies: 2
    Last Post: 07-02-2004, 04:10 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •