Months ago my gf was stupid and clicked on a suspicious link. Even if FF auto downloads, you don't run anything unless you double click it.
Well her AIM started spamming people with some photo album link which was just a download link.
I got her Kaspersky, ESET NOD32, Super Anti Spyware, EVERYTHING. I had a spyware infection once like 2 years ago and someone here gave me a link of resources and I had her run like 20 different things from Adaware to 3 different AV programs and a bunch of Malware stuff like Malware Bytes.
We cleaned everything out but her spam messages kept coming through. In the end I told her to change her password using another computer and then reinstall AIM. No more problems.
Recently I've gotten this addiction of finding out how things work, so are these things really taking your AIM password and then employing it in spyware/virus distribution?
I'm asking because my gf got another spam message from her friend and was stupid enough to click on yet another stupid link. It's some fake Youtube site that asks for your phone # to continue and she got a bunch of spam texts. She said it was a ringtone service subscription and she managed to fix it by going onto the AT&T website before I could do a /facepalm because I wasn't about to spend another 48 hours helping her fix her computer remotely.
Now her friend is rather ditzy too so I thought maybe she forwarded a link to my gf. Turns out I got it today at work. I texted the friend ASAP asking about the spam messages, and she's like "I'm at home, I left my computer at school and it's off." Well that does it. It's obviously a BOT. But I ask how?
So it's not really a service that runs on your computer apparently? It's like a one time stealing of your password then sends it to some Botnet?
Sorry I'm a security newb, but I'm trying to understand because with traditional infections I'm used to combing my system (provided I would rather not reformat ... although I reformat so often anyway that most of the time I would just go for it) until there's no more anti virus programs to install that I'm confident it's cleaned out. But if this isn't a product of the attacked computer, then I should really just do a simple sweep, change password, and the rest should be taken care of?
Well her AIM started spamming people with some photo album link which was just a download link.
I got her Kaspersky, ESET NOD32, Super Anti Spyware, EVERYTHING. I had a spyware infection once like 2 years ago and someone here gave me a link of resources and I had her run like 20 different things from Adaware to 3 different AV programs and a bunch of Malware stuff like Malware Bytes.
We cleaned everything out but her spam messages kept coming through. In the end I told her to change her password using another computer and then reinstall AIM. No more problems.
Recently I've gotten this addiction of finding out how things work, so are these things really taking your AIM password and then employing it in spyware/virus distribution?
I'm asking because my gf got another spam message from her friend and was stupid enough to click on yet another stupid link. It's some fake Youtube site that asks for your phone # to continue and she got a bunch of spam texts. She said it was a ringtone service subscription and she managed to fix it by going onto the AT&T website before I could do a /facepalm because I wasn't about to spend another 48 hours helping her fix her computer remotely.
Now her friend is rather ditzy too so I thought maybe she forwarded a link to my gf. Turns out I got it today at work. I texted the friend ASAP asking about the spam messages, and she's like "I'm at home, I left my computer at school and it's off." Well that does it. It's obviously a BOT. But I ask how?
So it's not really a service that runs on your computer apparently? It's like a one time stealing of your password then sends it to some Botnet?
Sorry I'm a security newb, but I'm trying to understand because with traditional infections I'm used to combing my system (provided I would rather not reformat ... although I reformat so often anyway that most of the time I would just go for it) until there's no more anti virus programs to install that I'm confident it's cleaned out. But if this isn't a product of the attacked computer, then I should really just do a simple sweep, change password, and the rest should be taken care of?
Facebook
Twitter