Possible Virus/Malware not detected by NIS

Even though my NIS is up to date and I run constant scans, my PC seems to be infected. My system is EXTREMELY slow and I get daily bogus emails from certain people in my address book, wanting me to go to a link to "nude pictures of my neighbor!" Ever since I've been getting these emails, my system is super slow! What should I do?

 

Thanks!

Gordo

Hi GordoB,

No one security program will protect you all of the time from every threat that is created and turned loose on the Internet. The detection techniques are improving but so are the skills of the 'nasty' creators. The Malwarebytes recommendation is a good one. The FREE product is Norton compatible and kept on the desktop will give you a way to get a second opinion quickly. A weekly full scan doesn't take all that long and the comfort factor of seeing that nothing was found can get great.

We'll keep the light on for when you need us again. Til then

Stay well and surf safe

Hi GordoB:

 

If the MBAM scan doesn't detect any serious threats, one of the best malware removal experts in the forum, Quads, often recommends that users install the portable SUPERAntiSpyware scanner (available for download  here) on a USB drive and try a remote scan.

 

Norton has a utility called Norton Power Eraser (available here) that is an extremely aggressive scanner and targets threats like rootkits that may go undetected by traditional anti-virus scans, but NPE often detects false positives and can remove important system files if used incorrectly (see delphinium's comments here in the Norton Protection Blog).  It should be safe to run this tool in diagnostic mode (see RichD's instructions here) but I wouldn't allow this tool to "fix" any files unless you can confirm that you are infected with a virus that cannot be removed by any other method.  I may revise my opinion of this tool once Symantec has completed the beta testing of NPE v. 2.x (see here for more info) but in the meantime I would use the NPE with extreme caution.

 

I'm not a malware removal expert, but if you're receiving bogus e-mails and all your scans with NIS, MBAM and SUPERAntiSpyware are clean then it's always possible that the people in your address book are the ones who are actually infected.  You may just be one of the unfortunate souls receiving spam e-mail from their computers, and you should be able to set up a rule in your e-mail program to have these incoming e-mails moved immediately to your trash folder so that you don't accidentally click on the link in these e-mails and infect your own computer.  In my Windows Mail program I can do this at Message | Create Rule From Message.

 

It's also possible that your poor system performance has nothing to do with these e-mails, so if you can't find any malware on your system you may find some of the troubleshooting tips here in Patrick McCabe's thread Is Norton Slowing Down My Computer? helpful in diagnosing the problem.  The Idle Time Optimizer (a disk defragger that comes with NIS) and Norton Community Watch are two resource-intensive NIS tasks mentioned in that post that can be disabled without decreasing your system protection.

 

If you can't find any malware on your system, post back with some information about your Windows OS, whether you recently installed or upgraded NIS, and your current NIS version (go to Support | About - the latest NIS 2012 is currently v. 19.2.0.10).  It would also be helpful to have some information about your system hardware (e.g., amount of RAM, CPU speed - go to Start | All Programs | Accessories | System Tools | System Information), the speed of your Internet connection, and your default web browser (e.g., IE, Firefox, Chrome, etc.). You can check to see if your PC meets the minimum system requirements for running NIS here - just click on the System Requirements tab.

 

Edit:

 

And please let us know if you've ever had other security software from another manufacturer (e.g., McAfee, AVG, etc) running in real-time protection mode on your PC.  Residual registry entries and files from old security programs can sometimes conflict with NIS and other Norton software and slow your system down - see lowries4's thread here titled Help! Computer Running Very Slow and Affecting Internet Speeds for one example.

-------

Windows Vista Home Premium 32-bit SP2 * NIS 2011 v. 18.6.0.29 * IE 9.0 * Firefox 9.0.1
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS


GordoB wrote:

I get daily bogus emails from certain people in my address book, wanting me to go to a link to "nude pictures of my neighbor!"


Contact your ISP.  Contact your email server.  Contact the 'certain people in your address book'.

Your email account may have been compromised or the account of someone in your address book may have been compromised. 

Ask Leo search results ....

 

 

Thanks for all your help! I did download Malwarebytes and ran it. Found 10 malware/adware.  Speed is back to normal, haven't received any bogus emails yet, but, if I do, will be contacting Comcast!

 

Thanks again! Great site!

 

Gordo

Hi GordoB:

 

Glad to hear the MBAM scan improved your system performance.

 

Per bjm_'s advice, I would still contact the "certain" people from your address book who have been sending these bogus e-mails to you.  If their computers are infected they'll continue to send these e-mail messages to you (or infect other people in their address book) until the malware is removed from their system.

------

Windows Vista Home Premium 32-bit SP2 * NIS 2011 v. 18.6.0.29 * IE 9.0 * Firefox 9.0.1
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS

Ok! Question: If I've been getting the same emails from the same 4 or 5 people in my address book, does that mean they all have the same infection? Or is it my system that's sending these out?  What's been interesting, the names on the sent emails are my 4-5 friends, however, the email addresses have never been their real email address, they just use the names.  Meaning, a virus/malware has gotten into my system, stealing names from my address book, not their actual email accounts, and sending me these bogus emails wanting me to go to some site.

 

Does that make sense?

Hello GordoB

Take a look at the Full Header of the suspect or any email before opening ... ie: View Full Header

Most of the info is gobbledygook....but, you may be able to discern faux from legit emails.

Send yourself an email and review the Full Header.

Compare to suspect mail Full Header.

Obvious spam is easy to discern via viewing the Full Header.

Do you use Comcast proprietary email server or other ie: Yahoo / Hotmail / etc.

If I recall correctly.  Comcast email requires Java which is infamous for security issues.

Do you use client based account (Outlook) or web based account to access your email.

Does the suspect mail go to your inbox.  Mark the mail as spam to train spam filter.

Considering the subject matter of the mail.  Does it go to your spam box.

Within the email client environment. There are tools to block mail / add addresses to spam filter.

Contact Comcast or your email server for help. 

You may copy/paste/save Full Header info for your ISP and or email client. 

Maybe this and/or this will help.
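
The full-header comparison suggested above, as an added example that is not part of the original thread: a short Python script that reads a message's headers and flags the situation described earlier, where the display name matches a contact but the address is not theirs. The address book, the sample headers and the function name `review_headers` are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed address book: display name -> the contact's real address.
ADDRESS_BOOK = {"Pat Example": "pat@example.com"}

# Constructed sample headers (documentation domains and IP ranges only).
SPOOFED = """\
Return-Path: <bounce@bulk.example.net>
Received: from unknown (HELO bulk.example.net) (203.0.113.7)
    by mx.example.org; Mon, 02 Jan 2012 10:00:00 -0500
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=bulk.example.net
From: "Pat Example" <x9k2@mailer.example.net>
To: gordo@example.org
Subject: pictures

"""
LEGIT = """\
Return-Path: <pat@example.com>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=example.com
From: "Pat Example" <pat@example.com>
To: gordo@example.org
Subject: lunch

"""

def domain(addr):
    """Return the lower-cased domain part of an e-mail address."""
    return addr.rpartition("@")[2].lower()

def review_headers(raw, address_book):
    """Return a list of warning labels for one raw message."""
    msg = message_from_string(raw)
    findings = []
    name, addr = parseaddr(msg.get("From", ""))
    known = address_book.get(name)
    # A friend's name on an address that is not the friend's.
    if known and addr.lower() != known.lower():
        findings.append("display-name-mismatch")
    # Envelope sender in another domain (can be legitimate for mailing lists).
    _, rpath = parseaddr(msg.get("Return-Path", ""))
    if rpath and domain(rpath) != domain(addr):
        findings.append("return-path-domain-differs")
    # Verdicts recorded by the receiving mail server, when present.
    auth = " ".join(msg.get_all("Authentication-Results", [])).lower()
    if any(v in auth for v in ("spf=fail", "dkim=fail", "dmarc=fail")):
        findings.append("auth-fail")
    return findings
```

A display-name mismatch on its own points to a forged sender name rather than to the friend's real account having sent the message.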

 
