May I ask if your Windows had the patches/updates from Windows Update when the attack happened? I ask because I didn't see you mention that you have the Windows updates in place, which is one of the defenses against such attacks.
"My question is this: I read in your forum about keystrokes and clipboard contents captured by spyware. Can you give me objective advice of what to do? Windows Defender did not find it, nor McAfee virus scan. Reformatting does not seem like the answer until I can find out how the "connect the computers" found out the new email address. Obviously I am still being watched. Each spyware company touts its own horn about their spyware products and ends with the disclaimer that no product is perfect.
How do I proceed?? Help!"
I will first consider the advice by your ISP: (3) It's just spam - ignore it.
Some users fall into opening anything out of curiosity. Email is one of the major methods in use to spread malware.
Next, I would change the Internet account's password (with a strong password). Change your email address's password too, with a strong password.
Re-install the system, use the system with a 'logon password' instead of using it without a user account password, enable the firewall software, install antivirus and antispyware with real-time protection, and patch the system by visiting the Microsoft Update website.
Safehex - http://www.sophos.com/security/best-practice/
There's a lot to do, but using that guide and not opening anything from strangers is something that might save a user.
In addition, no security tool is effective if scanning is not done regularly. Scan often and get a 2nd opinion by scanning again using online scanners.
Intro: I am all new to message boards. I must have posted it in the wrong place b/c someone responded that this should be a new discussion. Many thanks for teaching me the ropes! Now the dilemma:
Short version: while Symantec spent five days (4 1/2 hours via remote access on one of the days) trying to get rid of the continuous alert Bloodhound.Exploit 13, my computer was hacked and everything was taken. Symantec tried to do a files recovery that maybe things were just scrambled around. "Sorry, everything is gone. There is nothing to recover." I was fortunate enough in an echat with the tech support for my computer (emachine T5086 / Vista Home Premium) to be able to send it to Gateway for reformatting. Serious damage had been done such that it could only be fixed by sending it to Gateway. I thank them for all their assistance. My computer was reformatted and factory installed software reinstalled under the warranty.
The hacker also diverted all my email. A first level tech at the ISP made a fatal mistake making it impossible for the higher level to find a footprint of where the mail went. A new user name and password were established at the ISP. 3 days later I ordered a replacement CD to install drivers for the USB cable connecting my computers when I could not find the original CD. Being afraid to contaminate anyone else's computer, I have not given the new address to anyone except when I placed the CD order on a secure website (Laplink).
Deciding it was time to put this experience behind me, I went into email to re-enter all the email addresses of my friends. Imagine my absolute shock when I find that there are 2 emails. The latter being a confirmation of my CD order, and the other was from some unknown being "Ken Sheffler" w/ the subject "PC Upgrade." Afraid to open it (who knows the address that I have not given anyone??), I contacted the ISP to open it.
They did and put it onto the screen within the echat. The suspicious email mentioned my full name in a cordial letter (paraphrased) "I can be of service to you with a product to connect your computers." It ends with a polite and closing statement. Such as Cordially yours, and then the writer's name, Ken.
I don't believe this sole email was just a coincidence that the subject was connecting computers.
The ISP supervisor was of no help. The explanation: (1) You MUST have given someone your address (2) Someone else had the email address before you and that is their mail (3) It's just spam - ignore it.
Contacting Gateway, the answer was that I need to reformat again.
My question is this: I read in your forum about keystrokes and clipboard contents captured by spyware. Can you give me objective advice of what to do? Windows Defender did not find it, nor McAfee virus scan. Reformatting does not seem like the answer until I can find out how the "connect the computers" found out the new email address. Obviously I am still being watched. Each spyware company touts its own horn about their spyware products and ends with the disclaimer that no product is perfect.
How do I proceed?? Help!