Posssible email virus - need advice

paulsmFebruary 9, 2011

I have a friend who I believe has had a virus in her email for a long time now. Unfortunately my guard was down and I just clicked on a link she provided. The email from her was certainly a virus as she sent a second email saying don't open the first email.

Am I now infected... will my friends be getting scam emails using my email address.

Is there an anti virus program I should be using to correct this. I just ran adware which found nothing... however there were no updates to adware when I checked... perhaps I am a bit behind in keeping up with the anti virus programs.


Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

run malwarebytes install it update then run full scan
Malwarebytes' Anti-Malware (Win) - Detecting and Removing Malware

let us know the results

adaware is not that great these days instead use malwarebytes and or superantispyware both are free.

what is your antivirus program on the pc? most have an auto scan on the emails as they come in and also when opened.

    Bookmark   February 9, 2011 at 9:22PM
Thank you for reporting this comment. Undo

You should have an Anti Virus installed on your computer. Do you?

Run a Malwarebytes scan see what turns up

Please download Malwarebytes' Anti-Malware to your desktop. Click here The Free Version.
Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Full Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

    Bookmark   February 9, 2011 at 9:30PM
Thank you for reporting this comment. Undo

I downloaded and ran a full scan... here are the results

Malwarebytes' Anti-Malware

Database version: 5363

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

2/10/2011 2:53:20 AM
mbam-log-2011-02-10 (02-53-04).txt

Scan type: Full scan (C:\:)
Objects scanned: 177581
Time elapsed: 54 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I did get an error message when I installed the program but it may have been due to my data base being 58 days behind. I will update the data base today and rerun a full scan.

I have a dell Pentium desktop running firefox and thunderbird. Earthlink is my internet link. The system came with the Mckeefe security system which I have never updated or used. I just let it do it's thing whatever that might be.

How difficult is it to set up two email accounts. How do you use one or the other at a given time.


    Bookmark   February 10, 2011 at 4:16AM
Thank you for reporting this comment. Undo

Mckeefe security system? Did you mean to say McAfee? If this is what you have, I urge you to get rid of it. There are many antivirus programs available, some of them are free and several of them are much better than McAfee. Do some research-choose one-and learn to use it.You'll be much better off than you are now. When McAfee failed me, I chose Avira Antivir (free version)--it has been great.

    Bookmark   February 10, 2011 at 5:37AM
Thank you for reporting this comment. Undo

Does much matter if she has McAfee or not, she's not using any AV software. Which is why she has a virus now.

    Bookmark   February 10, 2011 at 6:32AM
Thank you for reporting this comment. Undo

Windows 5.1.2600 Service Pack 2

Windows XP PRO service Pack2!

Windows XP is currently running at Service pack 3. Your currently not receiving any Microsoft updates either. Why have you not kept your computer up to date?

I would not worry so much about E-Mail. I would focus on bringing the computer up to date. IE 6 is also way out of date. I would venture to guess other programs are also out of date. Without seeing additional report logs really hard to say where to start. I really don't want to offer any advice without seeing more detailed logs. I strongly suggest you visit a forum where you can get 1 on 1 help and get a clear set of instructions on how to proceed. Those instructions will be outlined after more thorough log review. If your doing any financial transactions on this pc you could be at risk being it so out dated. Get some 1 on 1 help, where the steps are outlined for you in a systematic fashion. I can get a link for a forum we send users to. I'll post it

    Bookmark   February 10, 2011 at 8:33AM
Thank you for reporting this comment. Undo

Hi Paulsm.

Here is a link to a forum we send users to. The link is going to give you a detailed set of instructions to follow to scan for Malware, and more. Malwarebytes doesn't tell the whole story. Please follow those directions there and post the required logs and get a good thorough check of the computer.

Here is a link that might be useful: Instructions to follow here,

    Bookmark   February 10, 2011 at 8:41AM
Thank you for reporting this comment. Undo

Thanks for the comments. I do appreciate your response and I do understand your position.

However, I will take a different path insofar as to how you look at a computer. If a computer consistently performs a number of functions that I need to have then I am completely satisfied. How many functions... pick a number... say 10 to 20 perhaps. I don't need to have the latest and the greatest features and the thrills that come with the upgrades. I do update certain programs like thunderbird and firefox etc. I did not bother to remove McAfee(aka McKaeefe) as the comments that I read indicated that it was a pain to remove programs like norton and this one. I did take a quick look at the site recommended and there is no way I am going to get involved with that scenario... way too complicated.

No one commented on the errors on the log I posted so I will assume they were not a problem. I also assume that the Malware program is not able to catch my type of problem. I did update the data base and ran a second complete scan. The same two items showed up on the log even though I had selected and deleted them on the first run.

Also there was no comment as to how a virus on the email function is generally used to create problems other than infecting others and causing a few headaches in the process. Would changing email account headings get rid of the problem... Would I lose emails that I do not want to lose from a historical perspective...


    Bookmark   February 10, 2011 at 9:54AM
Thank you for reporting this comment. Undo

I only suggested. My suggestion is a logical approach. It's your machine and your decision.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

The log shows "No action Taken" That usually means that you did not click remove selected. Or you did it before posting.

Those entries are not really a concern. Malwarebytes is telling you that windows notify is turned off. McAfee turned it off when it was installed because your monitoring your own AntiVirus program. When you fix those using malwarebytes it simply turns on windows notify.

At least remove McAfee and install a free Anti Virus. All you need to do is run the McAfee removal tool and install a free Anti virus like Microsoft Security Essentials.

I am unable to answer the E-Mail question.

    Bookmark   February 10, 2011 at 10:22AM
Thank you for reporting this comment. Undo

Well everyone, can I get on my soapbox now?

Here we have a user that clearly has no interest protecting himself against infection or working too hard to learn how to use his computer but when something goes wrong a bunch of volunteers are supposed to give up their time to help him. Ignoring for the moment the stunning degree of arrogance displayed, the important part to remember that this user's computer is connected to the Internet we all use. Perhaps the next infection turns his computer into some spam bot or is used for a denial of service attack. No problem, as long as the user's computer works most of the time. Who cares if my ISP has to invest in anti-spam software or buy more servers and bandwidth to handle the incoming flood of emails. Who cares if some company's website goes down or a bunch of IT guys have to get out of bed at 3 a.m. to deal with a DoS. What's really important is that the user isn't inconvenienced too much.

My position is that if you're unwilling to help yourself then I'm unwilling to help you (unless you'd like to pay me for my time).

    Bookmark   February 10, 2011 at 11:19AM
Thank you for reporting this comment. Undo

Mike, Mike, Mike

Don't go off the deep end with a number of wrong conclusions. Your analysis is faulty to say the least.

First, if I didn't give a hoot about my computer and others that I come into contact with I would not be wasting my time here. Second, I would be willing to pay you if I thought you were worth the money... Third, there is a school of thought that differs from you (I know... that may be difficult for you to handle)in terms of how much protection or busy work needs to be in place to protect a computer operation.

I have not had a problem or at the most, a couple of problems in perhaps the last 20 years or so. What I am saying is that bells and whistles are not important to me. Functionality is.

How much time did you really spend on this post... 10 minutes at the most...

It is apparent that you don't really have an answer to my problem so I will say thanks and leave it at that. I guess I will see if I have a problem.

BTW, my question on a new email account was a simple possible solution. Too bad you could not address that while you were up on your soapbox.

    Bookmark   February 10, 2011 at 12:19PM
Thank you for reporting this comment. Undo
ravencajun Zone 8b TX

I think we are all done here this is a help forum and you simply do not want our help so we will be happy to go on and help someone else. You no doubt are going to do exactly what you have been doing and want to do till the day your computer crashes and dies from being so corrupted that it no longer functions then of course you will go buy another and keep on your lovely tradition.
Bye bye

Helpers can only help those that want to be helped!

    Bookmark   February 10, 2011 at 1:12PM
Thank you for reporting this comment. Undo

I think Paulsm has a twisted way of looking at things. What he/she refers to as "bells and whistles" are no more than common sense protection. Your line of thought may have been acceptable years ago, but you fail to consider that you may be putting others at risk with your cavalier attitude. Of course, it is your computer, but when you use the Internet this way, you are affecting not only yourself but others if your computer is infected and becomes a "bot", spewing out spam and all sorts of malware. For shame!

    Bookmark   February 10, 2011 at 4:48PM
Thank you for reporting this comment. Undo

While some updates may include "bells and whistles" many are designed to improve stability and others increase security. That may not be readily apparent unless one reads the "fine print". The unfortunate reality is that folks out there who want to do harm and today a computer owner has to exercise due diligence because in this age of always on/always connected computers your mistakes can impact others. To some degree it's like a car, you have an obligation to maintain the vehicle so that when you step on the brake pedal, the car stops.

For the most part a computer virus isn't going to have catastrophic consequences of hitting, say, a pedestrian with a car but there are real costs associated with these things. 80% of all email is spam. Spam that we all are paying for because the hardware and associated costs of the increased traffic; costs that are passed to us in the form of higher fees for Internet access.

At the very least:

  • Use anti-virus/anti-malware software.

  • Use a firewall. Even better is to have a physical firewall like a router in additional to a software firewall.

  • Keep your computer updated. The more popular the software, the more likely someone is trying to find flaw they can exploit.

  • Use common sense. Because emails are generally scanned several times, they are an unlikely source of infection BUT any links they contain are NOT scanned. So if your dear friend sends you a message, "Hey, check out this video of a three headed baby." Before you click, think about using Google instead. If there really was a three headed baby, it's probably going to make the evening news. Or before you click on a link in an email from Aunt Millie wonder if you 87-year-old aunt really has a Facebook page.

  • Beware of phishing schemes. Your bank, investment broker, electric company, ISP, etc. is NEVER EVER going to send you an email saying they need information from you. If you are really concerned, call them using a phone number from the phone book or a statement.

  • Think before you click. If you're not sure why you're clicking ok, spend a couple of minutes and look up your problem. Generally somebody, somewhere has asked the same question before.

    Bookmark   February 10, 2011 at 5:54PM
Thank you for reporting this comment. Undo

Ok... It was not my intent to raise the hackles on anybody's neck. We can debate the different ways of looking at a computer all day long so lets see if we can actually produce a result here that I am looking for.

I will reduce this down to a simple question. I want to set up two email accounts using thunderbird. I want to be able to toggle between the two of them when sending and receiving messages. Is this possible using thunderbird.


    Bookmark   February 11, 2011 at 5:26AM
Thank you for reporting this comment. Undo

See link for possible solution.

Here is a link that might be useful: mozilla-thunderbird-3-multiple-email

    Bookmark   February 11, 2011 at 10:57AM
Thank you for reporting this comment. Undo


Thanks for the link. I found another similar to yours. Sorry to take so long to respond but I have been really busy.

As it turns out I really did not need to make any changes to Thunderbird or at the most one or two. Most of what I needed to do was in Earthlink. After 3 worthless phone calls to someone in India and a couple of also worthless chat sessions I found the solution myself.

For those interested here is the virus or situation I got caught up in.

Here is the problem that I brought to the table where we got sidetracked on the health of my computer. If you want to learn
about this type of email virus then click on the link below...


As to the advise I was given by the tech people about not being able to access an inactive or rather a main email address that was completely wrong. It is quite easy to do so. I changed my password, deleted my address book and set up another email address. I then warned everyone who had been in my address book not to click on any email from me using the old address. That was a lot of work. I am keeping the infected address around for a number of months to catch any straggle emails.

This should have been a simple job but it took a lot of effort and that is why I do not do upgrades unless absolutely necessary. It looks like I did everything quick enough as no problems have been forthcoming.

Anyway, on to bigger and more worthwhile things.


    Bookmark   March 23, 2011 at 6:21AM
Thank you for reporting this comment. Undo


This is the first time I've visited this forum in many years. Back in 1998 and 1999 and into the early 21st century I came here every day. I learned a great deal and eventually was able to help others.

I've recently encountered a problem with emails from friends that have links, but I knew better than click on them, thanks to this forum in my early days of computing. I was actually surprised to find that my user name and password still worked.

My computer is fine, but I have one friend that I started getting emails from yesterday with links that she did not send. I ran a full anti-virus scan with AVG and did not find any thing. I also ran a Ad Aware scan and did not find any thing. I don't think her computer has a virus, but I will use the program Malwarebytes program to check again. Thank you.

I'm planning on going back to school next spring to study computer science. I may be visiting here often again.

Everyone be well and happy!

    Bookmark   September 30, 2011 at 2:32AM
Thank you for reporting this comment. Undo

Hey Gene! It is good to see you. Long time no read my friend. Stick around whenever you have the time. My e-mail address is still the same.


    Bookmark   September 30, 2011 at 10:38AM
Thank you for reporting this comment. Undo

Seems to me as if your friend's e-mail has been hacked. She would do well to cancel that account and set up another one with a new password and notify all her contacts of the new e-mail address. Really that is about all she can do. The same thing happened to my granddaughter's hotmail account, and I received "e-mails" from her hotmail account for months afterward, even though she had notified hotmail about what had happened. She changed to a g-mail account, and so far everything has been okay with that one.

    Bookmark   September 30, 2011 at 2:39PM
Sign Up to comment
More Discussions
OK, turned my back, and the kids are playing with
backgrounds, and making the viewing easier on the eyes....
Internet Explorer keeps shutting down
I have just ignored this problem for the past 3 months...
Lea Grabb
Helping a elderly friend with their computer remotely
She is in her 90's, lives alone and needs help with...
Basic Video Help Needed
I know almost nothing about getting videos from video...
Linkedin - Friend's Attempt to Subscribe me to it.
I know nothing of social media outfits and don't want...
People viewed this after searching for:
© 2015 Houzz Inc. Houzz® The new way to design your home™