[SOLVED] Infected outgoing email--help!!

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

BearMom

Thread Starter
Joined
Apr 23, 2001
Messages
366
Please help! The Gibe worm that I fell for has "stamped" our email (outgoing) and they bounce off everyone anti-virus. How can I find the files and get rid of them????? I have run our anti virus and I thought it found everything but evidently not. Our email is completely shut down until there is a thorough cleaning. We do not have Symantec or Norton. We have Win 98.
 
Joined
May 28, 2003
Messages
2,366
How did you determine that your e-mail was as you put it "stamped"? If you are getting those 'undeliverable' e-mails, it could very well be you are not the infected one.

What antivirus program do you use?
 
Joined
May 28, 2003
Messages
2,366
Forgive me if I'm slow, but is it your antivirus program that is telling you there is a virus present or did you reach this conclusion because of the "returns" in your e-mail?
 

BearMom

Thread Starter
Joined
Apr 23, 2001
Messages
366
the returned email. Here's what it said--

Failed to deliver to '[email protected]'
SMTP module(domain lycos.com) reports:
mx.mail.lycos.com: Bad SMTP prompt at the host




--------------------------------------------------------------------------------


Received: from [66.190.159.231] (HELO oemcomputer)
by remt21.cluster1.charter.net (CommuniGate Pro SMTP 4.0.6)
with SMTP id 165315425 for [email protected]; Sat, 20 Sep 2003 16:47:58 -0400
Message-ID: <[email protected]>
From: "LW Gregory" <[email protected]>
To: <[email protected]>
References: <[email protected]>
Subject: Re: the computer ate my first email to you
Date: Sat, 20 Sep 2003 16:46:56 -0400
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0009_01C37F96.CD700B40"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
Disposition-Notification-To: "LW Gregory" <[email protected]>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
 
Joined
May 28, 2003
Messages
2,366
Next question, I assume you did try to send an e-mail to '[email protected]' ? It looks to me like a server problem may be causing this and not a virus on your computer.

Can you send mail to others?
 

BearMom

Thread Starter
Joined
Apr 23, 2001
Messages
366
I will try to. This computer is so slow, even after I ran the virus scan and supposedly got rid of the worm. One "removal" site said that the Gibe worm lodges files on the computer. Wouldn't the virus scan have found those???
 

~Candy~

Retired Administrator
Joined
Jan 27, 2001
Messages
103,706
Can you download the hijack this that I posted above????? Please.....
 
Joined
May 28, 2003
Messages
2,366
I'm not familiar with the antivirus software you are using but in general, the answer is yes. I've looked at the return again and it sure looks to me like "cliffhanger's" mail server is the problem. It says "SMTP module(domain lycos.com) reports:mx.mail.lycos.com: Bad SMTP prompt at the host" and my read is that you are using Charter as your ISP. It is his Lycos that is the problem. At least that is how I see things.

If your computer is slow, you may have some unwanted adware or spyware junk on your machine. Two programs, Spybot Search & Destroy and Ad-Aware will help get rid of the junk. They are freeware.
 

BearMom

Thread Starter
Joined
Apr 23, 2001
Messages
366
I will--I'm running the Housecall thingy right now. What exactly does Hijack this do? ( I do appreciate you help!!)
 
Joined
May 28, 2003
Messages
2,366
That is what Candy suggested to use. HijackThis examines certain key areas of the Registry and Hard Drive and lists their contents. These are areas which are used by both legitimate programmers and hijackers

There are skilled folks on this forum that can look at your log of HJT and tell you if you have adware, spyware, viruses, and other bad stuff. I'd encourage you follow AcaCandy's suggestion on that. It too is free.
 

~Candy~

Retired Administrator
Joined
Jan 27, 2001
Messages
103,706
It'll tell you everything running on the computer that may be bad and slowing it down......


not me, but the gurus that know those logs :D
 

BearMom

Thread Starter
Joined
Apr 23, 2001
Messages
366
I just now downloaded Hijackthis and there are files that begin the lineup with either R0 or R1 and they have the word "Obfuscated" in parenthesis. I had to look that one up...
When I check the box and get the information, it says that the file is not a part of windows. The file names contain "true-counter".
One file says this:
HKCU/Software/Microsoft/Windows/Current Version/Policies/System, Disable Regedit=1

I cannot figure out how to highlight the scan results and post it here.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top