Hotmail account Hi-Jacked - BEWARE of trojan

[Cache-man]

I have just returned from a week holiday in Northern Cyprus, and checked my hotmail account to find that someone has hacked into my account and sent a e-mail containing a trojan to all of my contacts nearly 200 unhappy people ). I'm fairly sure the e-mail itself does not contain a virus, but there is a link which when clicked takes you to a website, and then prompts you to download a codec, which contains the virus/trojan. The email is titled "Help" and contains the following content (I have removed the '.com' from the end of the link and replaced it with '.xxx' so nobody here accidentally clicks it!)

Hi! How are you?
You know I've created my own website!
Can you check how it works?
It's http://cretionx.xinwen365.xxx
Can you see video?
Bye!

_________________________________________________________________
Be the first to hear what's new at MSN - sign up to our free newsletters! http://www.msn.co.uk/newsletters

I know for sure, that some of my contacts donloaded it, and they are not happy with it.

Also, unfortunately I have infected my own PC with it too (I really should know better, but my tiredness from a full days travelling back to UK got the better of me).

The virus/trojan seems similar to a problem a few others have had here for the last few weeks, escept I have a flashing warning triangle with a black exclamation mark in the centre flashing in my taskbar, which pops up a windows type system alert bubble warning of a spyware infection. Please see attached picture.
I also get Internet Explorer popups occasionally which are irritating (I use Firefox).

Has anyone experienced this e-mail, and/or trojan variant, and how can I get rid?

 

[Adywebb]

I doubt if your hotmail account has been hacked, it is more likely that you have picked up a worm/virus which has mass mailed itself via your account.

This appears similar to the current spyfalcon/spyware quake/spyaxe etc variant that is currently doing the rounds.

If you click on the alert, what does it try to get you to download to 'help' you 'remove' the spyware?

Have a look at the removal instructions HERE and give it a go

 

[Cache-man]

I know the possibility of my account being hijacked is not very high, but it must have been done as I have been away all week, with no access to a computer (so havent connected to my account from anywhere), and nobody else had access to my main PC at home. I just got home and saw it had been done

I will look at the link you posted when I have finished all my virus/spyware checks here.

 

[muckshifter]

80,000 Web-based email accounts get hijacked every month ... and you nor the ISP can do anything about it.

If you have been "hijacked" you will not have access to your account as the hijacker will have changed it. Follow Adys instructions ...

These are reasons that I am a promoter of Google's Gmail program ... the fact that every page served is through a secure SSL connection is a big winner in my book!

Would you like an invitation to receive a Gmail account?

 

[leey2ki]

ive been wanting to use gmail for an absolute age but not had an invitation yet lol

 

[muckshifter]

ive been wanting to use gmail for an absolute age but not had an invitation yet lol

Send an email to me, using the one in my sig, with a name you wish to use and a genuine email address and away you go.

 

[leey2ki]

thanks alot mate extremelyyyyyyyyyyyyyyyy appreciated, ive sent it via my hotmail email which is * edited again 'cos you left a bit in that showed your email ... mucks * subject title "hey there"

thanks a million

 

[Adywebb]

Oooops - try to avoid posting your email addy in forums dude, there are alot of email grabbing robots out there hovering them up to spam you to death

I suggest you edit it out, although Mucks or another of our Super Mods will come and remove it anyway

 

[leey2ki]

cheers, only put it in so he knew which was my email.

 

[muckshifter]

Oooops - try to avoid posting your email addy in forums dude, there are alot of email grabbing robots out there hovering them up to spam you to death

I suggest you edit it out, although Mucks or another of our Super Mods will come and remove it anyway

Sorted ...

Lee, don't go posting email address in forums ... as Ady said, you'll be pestered with spam, and some of that spam will contain links to other nasties ...


The email address in my sig is a picture, you can't click it, it cannot be harvested by bots.

 

[Adywebb]

No problem - don't worry Mucks has an all-seeing eye

.....just the one

 

[muckshifter]

No problem - don't worry Mucks has an all-seeing eye

.....just the one

Yep,

 

[Adywebb]

Yep,

Is that your dodgy one Mucks, or are you really winking

 

[itsme]

No problem - don't worry Mucks has an all-seeing eye

.....just the one

No good saying Eye! Eye! mucks then just say Hi

 

[Cache-man]

I think I have now managed to clean out the nasties by double checking with ALL of the following:
Spybot S&D
Ad-Aware SE
Spyware Blaster
CCleaner
McAfee Antivirus
McAfee Anti Spyware
Ewido
and the SmitFraudFix

I think Ewido cleaned it out in the end.

I couldn't believe it when I got back from my hols and saw the state of my hotmail inbox (I can currently still acces it). I also cant believ I was silly enough to go ahead and download the flaming codec nasty, I think it has something to do with not having slept for about 36 hours though. Thanks for the help though guys.

As for the hotmail account, I'm just going to export my contacts, and close the account alltogether - I only used it as a spam box really, but it was the same address I used for MSN messenger so all my friends and colleagues were in the contact list - probabally not a good idea, thinking about it now.

Thanks for the G-mail offer Mucks, but I already have a account and have just never used it. I'm gonna register a new personal domain no though and get that set up as my mail box.

 

[muckshifter]

Well, pleased to see you back & sorted ... just do yourself another favour, pop along to HouseCall and get another opinion. I'm afraid I don't trust McAfee rubbish.