E-MAIL WARNING

[Suninfrance]

Sorry - but I am hopeless at this. I have set up my account, but notification of your message still came through to my inbox dispite the France Forum not being in my friends list yet?   Does that make sense?  If I turn my inbox off and check mail through washer - is that the way it works.

Pop-ups- browser is IE6.  My Pop Up Blocker is ON and so is my Phishing Filter.

Jan

[Clair]

[quote user="Suninfrance"]Sorry - but I am hopeless at this. I have set up my account, but notification of your message still came through to my inbox dispite the France Forum not being in my friends list yet?   Does that make sense?  If I turn my inbox off and check mail through washer - is that the way it works.

Pop-ups- browser is IE6.  My Pop Up Blocker is ON and so is my Phishing Filter.Jan[/quote]

The messages will come through unless they're deleted through Mailwasher.

First, check if Outlook is set to check for messages automatically.

If so, unclick to cancel automatic checks.

Then go to Mailwasher, go tools/options and set it 'to perform mail check' at whatever interval suits you.

See what else you could set it at to work with minimal input from you (play sound is useful for instance).

Then, whenever you want to download your emails, go to Mailwasher first to filter the messages in your inbox before downloading them with Outlook Express.

Do not get discouraged, nothing bad is going to happen! [:)] Just keep trying several settings until you find what you're happy with. I've been using Mailwasher for years and I only get the mail I choose to receive because I filter it before downloading it.

Re popups: sorry, I have IE7 and I cannot help in much detail. Your popup settings probably need tweaking a bit. My other browsers allow me to set 'never allow popups' with a filter list of the websites I do want popups from...

[Suninfrance]

Hi Clair

Thanks - I've done all that, so lets see what happens now.  I got my browser wrong - I'm on IE7 too.  I've set my pop-up blocker to block all pop-ups now.  Fingers crossed.  The last thing I wanted to do was a full system recovery.  I have, however, backed up all my important documents and printed off all important e-mails.  Mind you the Advent Manual for system recovery makes it all look very easy and I've got my start up disk safe and sound.

Can't thank you all enough for all your help. 

Just waiting for Dago to come back and help me sort out my virtual memory so I can put PhotoShop back on the PC.  In the meantime, I shall be putting some photos on the photo section.

Byeee for now.

Jan [B]

[Clair]

You will need to allow popups for some sites and if you do, you can also filter them out later...

[Will]

The way that Mailwasher works is that you use it first to look at your mail, then when you have deleted the messages you don't want, using Mailwasher's 'Process Mail' button, you click on Mailwasher's 'Mail Program' Icon and that will open Outlook Express or whatever you use. You have to set Mailwasher up first, Clair's instructions tell you what to do, and there are very good, more complete, instructions in Mailwasher's 'Help' menu (on the top menu bar or press F1). I too use IE7 and have the Google toolbar which has a very good, and free, pop-up blocker. It works with older versions of IE too, and is recommended.

[Loiseau]

You click on Mailwasher FIRST. 
It then presents you with a list of the emails waiting on your server (i.e. out in space, as I like to think of it).  You can even see the addresses of the email senders, so this helps you to identify unwanted ones (if they are gobbledegook things like [email protected])

To start with, MW obviously doesn't know which are friend and which are foe for you - unless it already recognises some nasty addresses from its own previous experience.

You can double-click on a message to view the first 20 lines or so, if you are doubtful about whether it is genuine (but you haven;t got it on your computer at this point; it's still in space).
You can right-click on any one in the list and mark individually as "friend", or the whole domain as a "friend", or ditto for "blacklist".

Check the box for deletion against any that you know you don't want.
Then click on Process mail, and it will throw out the ones you wanted deleted, and also will open your Outlook Express program for you, ready for you to hit "Receive".  As a belt&braces operation, I usually go back to the Mailwasher window and do "check mail" one more time, as if you have taken some time to consider the status of the first batch of items, a few other dodgy emails might have got onto your ISP server in the meantime. I quickly delete these, as above, and THEN click "receive" on Outlook Exp.

Hope that has spelt it out!

Angela

 

EDIT  While I was writing all that, Will snuck in with a much more succinct version!

[Suninfrance]

Just to say thank you.  MailWasher working a treat so far.

Still getting the odd pop-up, mainly French when I log into my ISP, Wanadoo.  Reporting them as Phishing sites as I go along.

Had to try and educate OH in using MailWasher 2nite.  He's a bit of a technophobe so not easy.  Say's he's going to leave e-mails up to me.

Anyway - hopefully, everything crossed - problem sorted.

Jan

[Pancake]

Should you find you have any problems with  MailWasher (Firetrust),it does have its own help forum:

http://www.castlecops.com/modules.php?name=Forums

 

 

[Danny]

[quote user="Suninfrance"]

Still getting the odd pop-up, mainly French when I log into my ISP, Wanadoo.  Reporting them as Phishing sites as I go along

Jan

[/quote]

Online phishing (pronounced "fishing") is a method of identity theft that tricks you into revealing personal or financial information online. Phishers use phony Web sites or deceptive e-mail messages that mimic trusted businesses and brands in order to steal personally identifiable information such as usernames, passwords, credit card numbers, and Social Security numbers.

Jan
Is this what you mean by phishing? if they are not fake bank websites etcthat you are seeing, there is not much point in reporting them

Danny

[AnOther]

For the technophobes there is a useful website which basically does what Mailwasher does but without having to install anything on the actual PC.

Go to http://www.mail2web.com and just enter your email address and PW and it will bring up a list of all the mail on your ISP's server and you can delete anything you don't like the look of.

There is only one GUARANTEED way to totally eliminate all spam and that is with a challenge response system such as Spambully (and others) offer http://www.spambully.com

This type system basically bounces all emails back to source where the originator has to enter a code to authenticate themselves, obviously as 99.9% of spam is automatically generated, often from spoofed addresses, the spammers are not going to do this.

It does mean that genuine senders may have to go through the same hoop but once they have done it once you can add them to a "white list" so future mail comes through unchallenged.

Most of these programmes also have a learning ability which will gradually filter out and reject spam outright.

Challenge response systems are not without their own drawbacks though so some thought has to be given before commiting to one:

http://www.timeatlas.com/mos/Email/General/Fighting_Spam_with_Challenge_Response_Systems/

[Suninfrance]

Mailwasher doing it's job. 

I've not (yet) had any fake bank sites.  The adds I'm getting are Jardin et Maison, Ski Rental, Horoscopes, Flights, La Redoute.  I guess they all could be legitimate sites, but I just don't want them popping up while I'm in the middle of something.  Annoying.  I guess then they are not really phishing sites, but most are asking you to purchase something and then I guess if you think, "yeah, I'll go for that" the b's have then got your details and who know what happens then. 

Apart from that, everything seems to be fine (touch wood).

 

[Clair]

If you have not yet done so, go to tools/pop-up blocker/turn ON.

Also check tools/pop-up blockers/settings to see what, if anything, is listed and if you don't want to allow it, highlight it in the list and click 'remove'.

[Loiseau]

They're just pop-ups then, Jan.  Some websites that you visit fling loads of them at you. 
Definitely not "phishing", which is people pretending to be Barclays Bank etc and asking you to enter your PIN on their website so they can drain your bank account...

I always imagined that they were perhaps the sites of people who use free service-providers, but that the downside is that the service-providers themselves sell advertising space to La Redoute etc, and cause the pop-ups to appear whenever somebody visits one of their clients' sites.  Or perhaps the website-owner can opt to sell publicity in this way, and pocket the money him/herself.

I am sure you can suppress the pop-ups using the advice given.

Glad Mailwasher is doing its stuff.  I sent money off to them with a light heart, as I really feel it's my best friend!

Angela

[Will]

I had a good phishing one this morning, saying that Barclays would give a £200 cash bonus for switching your existing current account. It was all very convincing - I only looked in Mailwasher, but there were graphics (no doubt the Barclays logo) and links to the real Barclays web site. However, the link that you click on for the particular 'offer' would take you to a site in Canada. No doubt, had I followed it, it would have asked for personal details to set up the 'new' account and all the details of the existing account so that it could be switched, not to Barclays but to a botttomless pit.

A rather smarter than the average bit of phishing. It let itself down though by sending the message, in English and with all sums mentioned in sterling, to a French e-mail address. 

[Jc]

I trust you forwarded it to Barclays.

[Suninfrance]

Just had that WinAntiVirusPro2007 pop up my screen again.  Loads of flashing warning signs with the words your computer, location - Ukraine, browser - Mozilla.

They are so having a laugh.

Checked out the list of baddies on Spybot yesterday and that is one of the blacklisted sites.

[Pancake]

[quote user="Suninfrance"]

Just had that WinAntiVirusPro2007 pop up my screen again.  Loads of flashing warning signs with the words your computer, location - Ukraine, browser - Mozilla.

They are so having a laugh.

Checked out the list of baddies on Spybot yesterday and that is one of the blacklisted sites.

[/quote]

 

If you are setting a warning saying your computer is infected with WinAntiVirusPro2007 it may be a genuine infection...As a computer security analyst,this is my field of expertise and to be on the safe side I think we should check it out just to be on the safe side...

Download [url=http://www.cyberanswers.org/forum/uploads/HijackThis1991.exe] HijackThis [/url].  It will create a directory folder for you in C\Program files. Run a scan and save the log file.  Post the whole log file here.  Do not fix anything since most of them listed there are harmless (some are system required).  This program will help  determine what,if any, spyware/malware is on your computer.

 

[Suninfrance]

Today, I thought I'd "bite the bullet" and go for a System Recovery - big mistake.  Completed the Recovery but could not get into any of my favourites, use the search bar etc.  Also discovered that the System Recovey CD that was made before the PC was used for the first time doesn't work  Ended up doing a System Restore back to yesterday and I can now get into things, but still have the pop-ups.  So, Pancake, I will set a System Restore Point and then look at HiJackThis.

I am soooooo fed up with all this.  There's always some b****** out to get you [:@].

I have actually started to see a pattern when I visit particular sites.

AVG and Symantec Website and even this thread in this forum = AntiVirus ads and "your PC is sending private information - your location Ukraine, Kiev (derrrr)

Wanadoo Meteo site - Ski Rental

RHS site & Ikea - Jardin et Maison (well Spring is coming and I'm planning a trip to Bordeaux [:)])

Diet thread on this site = Diet ads

Jan

[AnOther]

You seem to be in a right pickle and understandably perhaps a bit wary of installing anything else but if you can't cure the disease you might at least try to suppress the symptoms so might I suggest you give the Maxthon browser a go ?

 http://www.maxthon.com

This is free and has very good and customisable Popup and Ad blockers and I think it is the latter that IE6 is unable to deal with.

Maxthon is simply an overlay for IE and installing it in no way interferes with it and  if you didn't like it simply don't use it and just go back to IE, nothing to uninstall and nothing changed in IE.

[Suninfrance]

Hi ErnieY - you have no idea what just happened.  I have got into the habit of deleting my browsing history to stop things lurking in it and that includes all my passwords.  I got your message, logged into the site and it wouldn't accept my password. I set up a new one and now am on the site.  As soon as I logged into this thread up pops WinAntiVirusPro 2007 telling me I have 269 infected files.  I know I don't, because I daily run AVG (paid for licence), Windows Defender, Spybot, etc and still the ********* come up.

There seem to be so many things to try.  I have asked my friends who are in England at the moment to bring me back the latest version of Norton Internet Security.  I dumped it last year because the subscription renewal caused me so many problems, but at least my PC was free from "crap".

Jan

[AnOther]

Sorry to hear that, I can imagine how frustrating this rubbish can be. I'm not sure buying Norton will solve your problems though and it's fallen quite out of favour recently for its resource hogging behaviour and I dumped it quite some time ago in favour of AVG.

I digress:

I found this site: http://remove-winantivirus.info/?gclid=CLCbyILkrooCFQ0WEAod_BSOqA

which recommends: http://www.paretologic.com/xoftspy/se/newlp/xray/?uid=8vlw7

It seems to be perfecly genuine so why not give it a try ?

EDIT

Just tried that myself and despite what it says on the site it only does a free scan but won't remove anything until paid for so forget it.

I did however find something else which suggests the problem is closely related to another malware product called Vundo or Winfixer and I have copied below the instructions for getting rid of this. I have run this in the past on a friends PC and is perfectly safe and won't harm your PC any more than it is already.

This is the site it came from http://www.bleepingcomputer.com/forums/topic18610.html

If you have any problems downloading the fixes please PM with an email address and I'll forward them on to you directly.

Removal Steps:

1. Please print these instructions as they will be needed later when Internet access is not available.
   
   

2. Save these instructions in word or notepad to the desktop where they can be easily found.
   
   

3. Download Vundo Fix and save it to your desktop.
   
   

4. When it has completed downloading, double-click VundoFix.exe to run it.
   
   

5. Click the Scan for Vundo button.
   
   

6. Once it's done scanning, click the Remove Vundo button.
   
   

7. You will now receive a prompt asking if you want to remove the files, click the YES button. Once you click yes, your desktop will go blank as it starts removing Vundo.
   
   

8. When completed, it will prompt that it will shutdown your computer, click the OK button.
   
   

9. When the computer has shutdown, turn your computer back on.

The WinFixer and Vundo infection should now be removed from your computer.

If you are still having a problem then please perform the following steps.

This step should only be used if the instructions in the previous steps did not remove the infection:

1. Download VirtumundoBegone and save it to your desktop.
   
   

2. Now reboot into Safe Mode.
   
   

   1. This can be done tapping the F8 key as soon as you start your computer
      
      

   2. You will be brought to a menu where you can choose to boot into safe mode.
      
      

   3. Select safe mode with networking using your arrow keys on the keyboard and then press enter.
      
      

   4. When you computer reaches the desktop make sure you log in as the same user which you had performed the previous steps,
      
      

3. Once you are logged into safe mode, double-click VirtumundoBeGone.exe file you just downloaded and follow the instructions.
   
   

4. Exit when it has finished, and reboot back to normal mode.

[Pancake]

[quote user="Suninfrance"]

AVG and Symantec Website and even this thread in this forum = AntiVirus ads and "your PC is sending private information - your location Ukraine, Kiev (derrrr)

Jan

[/quote]

 

This has given me more info and I now know what the infection is so I still need that HJT log so I can help you with the cleaning...

[Danny]

Jan, have a look HERE for some pertinent information about your PC and do as pancake suggests and post the Hijack the log here

Danny

[Suninfrance]

Hi Pancake & Jane & Danny - sorry - I've not been ignoring you.  The weather has been so good the last couple of days that knocking down our "spooky" house has taken priority over the PC.  It's due to rain again tomorrow, so I shall try and sort out that log for you and send it over. 

Jan

[Suninfrance]

Hi Pancake - any luck with the file I sent you.  I've since changed to a new browser and no pop-ups (yet) - I am so happy.  I think the issue is with IE7.

Look forward to hearing from you though with your thoughts on the HJT log.

Jan