Email compromised?

BlueRay2

3 nights ago, I received an email from UPS and everything looked very authentic! So I opened it to see what was being delivered. To see that info, I had to click on that long delivery code, so I did, but I noticed the new page was saying something irrelevant. But before I clicked the code, my MS Defender came on with a quick message that I didn't have time to read! The reason why I opened this message was that I had some cigars on order and hadn't received them in a long time, so I thought they were being delivered. All of a sudden, it dawned on me that my desktop email just got compromised! The UPS message was so authentic that I never thought of foul play!

So here is my question: was it my desktop that just got compromised, or my email? Can I open my email from my laptop without being compromised, or does it not matter where I open my email from, and my email is completely hosed? If it is only my desktop, I can live with that and I can always use my laptop for emails from now on! To those who know the answer, I would like to hear your opinion, and it is much appreciated!

P.S. I use the Firefox browser, BTW.

--
Who are you gonna believe, me, or your lying eyes? Groucho Marx.
 
Probably a phishing attempt. As a precaution, change all relevant passwords, to be safe.
 
I think the likely scenario could be...

The email was fake/spam, and it probably contained a link that opens a fake, malicious web page that hosts and attempts to download malware to your PC.

If MS Defender failed to block the malware then your PC may be infected.

If MS blocked [all] the malware then you might be OK.

Your email itself may not [yet] be compromised per se - but if your PC was compromised then this in turn could compromise your email along with anything/everything else you use your PC for or connect to.

Suggestion...

1. Open the MS Defender utility and look for any logs of events/detections.

2. Run a full scan using MS Defender.

3. Download a better quality anti-malware product such as Avira Free Antivirus and run a full scan.

N.B. Avira can be installed as a 'scan on demand only' installation via its advanced installation setting - alternatively you could just 'un-install' it after you have run a thorough scan (although personally I would keep it in place of MS Defender).

If you are really concerned/paranoid then you might want to run a scan from a bootable 'rescue disc' - so that the system can be scanned without the OS booting/running because very clever/nasty malware can occasionally hide itself while a system is running. Avira used to provide such a 'rescue CD' download, but unfortunately I just found they no longer do - no doubt other people may have alternative 'bootable off-line scanner' suggestions.
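
Steps 1 and 2 of the suggestion above can also be done from an elevated PowerShell window, which is useful when the pop-up disappeared too quickly to read. This is an added example, not part of the original thread; it uses the Defender cmdlets built into Windows 10, and the 7-day look-back window (`$DaysBack`) is an assumption chosen to cover "3 nights ago".

```powershell
# Added example: review what Microsoft Defender recorded around the time of the click.
# Run in an elevated (Administrator) PowerShell window on the affected PC.

# Assumption: a 7-day window comfortably covers a click made "3 nights ago".
$DaysBack = 7
$since    = (Get-Date).AddDays(-$DaysBack)

# 0. Confirm protection is actually running and when the last full scan finished.
Get-MpComputerStatus |
    Format-List AntivirusEnabled, RealTimeProtectionEnabled,
                AntivirusSignatureLastUpdated, FullScanEndTime

# 1. Detection events from the Defender operational event log.
#    Event ID 1116 = malware or unwanted software detected,
#    Event ID 1117 = an action was taken to protect the machine.
$events = Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-Windows Defender/Operational'
    Id        = 1116, 1117
    StartTime = $since
} -ErrorAction SilentlyContinue

if ($events) {
    $events | Sort-Object TimeCreated | Format-List TimeCreated, Id, Message
} else {
    Write-Output "No Defender detection events logged in the last $DaysBack days."
}

# 2. Defender's own detection history, joined to readable threat names.
$threatNames = @{}
Get-MpThreat | ForEach-Object { $threatNames[[string]$_.ThreatID] = $_.ThreatName }

Get-MpThreatDetection |
    Where-Object { $_.InitialDetectionTime -ge $since } |
    Sort-Object InitialDetectionTime |
    ForEach-Object {
        [pscustomobject]@{
            Detected      = $_.InitialDetectionTime
            Threat        = $threatNames[[string]$_.ThreatID]
            Process       = $_.ProcessName           # program that touched the file or URL
            ActionSuccess = $_.ActionSuccess          # False means remediation did not complete
            Resources     = ($_.Resources -join '; ') # file paths or URLs involved
        }
    } | Format-List

# 3. Full scan (step 2 of the suggestion). This can take a long time.
Start-MpScan -ScanType FullScan

# 4. Optional: Microsoft Defender Offline scans outside the running OS,
#    the same idea as a bootable rescue disc. It restarts the PC immediately,
#    so save your work first and uncomment it only when ready.
# Start-MpWDOScan
```

An empty result from both queries means Defender logged no detection in that window; an `ActionSuccess` of `False` means the item was found but not fully removed.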
 
Mark, I thank you for your response and advice. I'll try some of them to see if I see any change or result! One of my questions was: if my desktop is compromised, how would that affect my laptop in any way when I check my email? Thanks.
 
If the computers aren't networked, I see no reason why the laptop should be compromised.
 
You need to change your password on everything you use, particularly banking, ecommerce and anything else financial or that would have identity theft risk.

The reason is once they own your email, they follow the trail in your email everywhere else. As they own your email, they can use the forgot password functions of other sites to change your password. They may also have added filters so that you don't get email notices after they take over.

Also follow the advice of the FTC at:

https://www.identitytheft.gov/

Good luck and read EVERYTHING in the future,

Morris
 
Morris, I thank you for your great advice and common sense! But here is another question: would it be better if I change my passwords on my laptop, or does it not make that much difference if I do it on my desktop? I stopped using my desktop as soon as I found out my email on my desktop is hosed. I stopped even going online on my desktop! Thanks for your response!
 
You were using your desktop PC to view your email, right, and you log in to your email using the Firefox browser?

After Windows Defender alerted you with a quick message, did you go into the program to see what it was about?

Disconnect that PC from the internet and have a look at Windows Defender, use it to run a scan of the PC.

Your laptop should be fine as long as you didn't visit the same malicious link on there as well. It's unlikely that your email password has been compromised but you might want to change it anyway.
 
I used to work in IT security and have seen this many times. There are two concerns.

- The passwords for your online accounts (web sites)

- The computer you used at the time of the compromise, which I think was your desktop. That computer may have malware on it. The only guaranteed way to get rid of that would be to reinstall Windows from power on and then reinstall everything else, and this is quite time consuming. Our helpdesk liked the combination of:

This one gets rid of rootkits, which are persistent and hard to detect

https://www.malwarebytes.com/antirootkit/

After using that, use their general AV program, which is a free download in the upper right corner

https://www.malwarebytes.com/

This is not a good real time scanner, yet it's great at finding infections.

My favorite free AV are:

Bitdefender free

https://www.bitdefender.com/solutions/free.html

AVAST free

https://www.avast.com/en-us/free-antivirus-download

Both will throw occasional ads to upgrade. You will see fewer of them with Bitdefender

Good luck,

Morris
 
> You need to change your password on everything you use, particularly banking, ecommerce and anything else financial or that would have identity theft risk.
>
> The reason is once they own your email, they follow the trail in your email everywhere else. As they own your email, they can use the forgot password functions of other sites to change your password. They may also have added filters so that you don't get email notices after they take over.

Well - maybe.

I'm not sure whether/what evidence the OP has seen that the email account itself has been compromised.

Nevertheless - in a situation where only the email account/email account password was compromised (not the PC itself) - and where the OP still has access to that email account, then just changing the email account password would block further unauthorised access to the email.

However - if the PC itself was infected/compromised then of course the malware/hackers could continue to monitor and log any passwords/changes ad infinitum, possibly making any password changes futile.

I think the right approach would be to...

1. First thoroughly scan/disinfect (if infected) the machine firstly with the currently installed MS Defender, and then - importantly - also perform a 'second opinion' scan with a more effective anti-malware product (better than MS Defender - e.g. Avira Free Antivirus) - ideally scan from a bootable 'rescue' CD/USB scanner, without booting Windows.

2. Then, depending on any scanner findings, change the email password, along with any other important accounts, banks, credit cards, Amazon, Paypal, etc.

...if the email password is changed before detecting/removing malware - then one would need to change all these passwords over again.

Personally - if scans with both MS defender and Avira in particular come up clean, then I myself wouldn't be overly concerned - it may simply be that MS defender blocked something and the OP wasn't quick enough to read the popup notifier (but I would expect to see a record somewhere in MS Defender application logs).
 
> I used to work in IT security and have seen this many times. There are two concerns.
>
> - The passwords for your online accounts (web sites)
>
> - The computer you used at the time of the compromise, which I think was your desktop. That computer may have malware on it. The only guaranteed way to get rid of that would be to reinstall Windows from power on and then reinstall everything else, and this is quite time consuming. Our helpdesk liked the combination of:
>
> This one gets rid of rootkits, which are persistent and hard to detect
>
> https://www.malwarebytes.com/antirootkit/
>
> After using that, use their general AV program, which is a free download in the upper right corner
>
> https://www.malwarebytes.com/
>
> This is not a good real time scanner, yet it's great at finding infections.

Re Malwarebytes - it really is not 'great' at all.

These people know far more about the effectiveness of anti-malware protection/scanners than any of us here do...

https://www.mrg-effitas.com/wp-content/uploads/2018/05/MRG-Effitas-2018Q1-360-Assessment.pdf

...Malwarebytes is one of the poorest solutions - its effectiveness is little more than outdated (if it were ever true) Internet myth.

What little real evidence there is - and there is very little evidence available for one obvious reason - shows Malwarebytes to be really quite/very poor by comparison to almost all of its peers.

> My favorite free AV are:
>
> Bitdefender free
>
> https://www.bitdefender.com/solutions/free.html

Bitdefender is up there with the best in terms of protection/detection.

However - I had a lot of problems with its user interface and big problems cleanly uninstalling it, when I tried it several years ago - so I've not been tempted to use it ever since.

> AVAST free
>
> https://www.avast.com/en-us/free-antivirus-download
>
> Both will throw occasional ads to upgrade. You will see fewer of them with Bitdefender

Avast is good (and free) - but the independent test labs generally show it to be a shade less effective than the likes of Avira, Bitdefender (and some others that you have to pay for).

Personally - after taking account of all the quality lab tests - I use and recommend Avira (free).
 
Thanks everyone for your thoughtful answers! I have decided not to use my desktop for email or any important online work, only for Windows 10 updates. The rest of the time I'd use my desktop for post processing my photos and possibly if there is an update available for my other applications. In other words, I won't use my desktop for my payments or using my credit cards, or for email! I did attempt to find the Defender log but there was no log to be found, so I don't know what that message was about. Needless to say, I am very upset about this whole thing.

Re-installation of the Windows OS is out of the question for me because I installed Windows 7 Professional originally, and then I took advantage of the MS free offer of Windows 10, and now all the way up to the 1803 update, plus all of my software, including my Adobe suite and other important processing apps. So when I thought of re-installing, it seemed like a daunting task at this time. I'll do some serious thinking about it and hopefully come to a logical answer to it. I HOPE PEOPLE THAT READ THIS THREAD MAY LEARN FROM MY EXPERIENCE AND not TAKE THE BAIT AND PLUNGE THEMSELVES INTO THIS SITUATION!!! I KNEW ALL ABOUT THIS SCAM BEFOREHAND, BEFORE I "CLICKED" ON THE BLOODY links in the email ;-)
 
Malwarebytes is a terrible real time detector. It does a great job once the computer is infected. There is no real good AV; one's best bet is to scan with more than one product, and this is what I've recommended.
 
You need to change your password on everything you use, particular Banking, ecommerce and anything else financial or that would have identity theft risk.

The reason is once they own your email, they follow the trail in your email everywhere else. As they own your email, they can use the forgot password functions of other sites to change your password. They may also have added filters so that you don't get email notices after they take over.
Well - maybe.

I'm not sure whether/what evidence the OP has seen that the email account itself has been compromised.

Nevertheless - in a situation where only the email account/email account password was compromised (not the PC itself) - and where the OP still has access to that email account, then just changing the email account password would block further unauthorised access to the email.

However - if the PC itself was infected/compromised then of course the malware/hackers could continue to monitor and log any passwords/changes ad infinitum, possibly making any password changes futile.

I think the right approach would be to...

1. First thoroughly scan/disinfect (if infected) the machine firstly with the currently installed MS Defender, and then - importantly - also perform a 'second opinion' scan with a more effective anti-malware product (better than MS Defender - e.g. Avira Free Antivirus) - ideally scan from a bootable 'rescue' CD/USB scanner, without booting Windows.

2. Then, depending on any scanner findings, change the email password, along with any other important accounts, banks, credit cards, Amazon, Paypal, etc.

...if the email password is changed before detecting/removing malware - then one would need to change all these passwords over again.

Personally - if scans with both MS defender and Avira in particular come up clean, then I myself wouldn't be overly concerned - it may simply be that MS defender blocked something and the OP wasn't quick enough to read the popup notifier (but I would expect to see a record somewhere in MS Defender application logs).
Also follow the advice of the FTC at:

https://www.identitytheft.gov/

Good luck and read EVERYTHING in the future,

Morris
He stated he gave up his password.

Once that happens, an alert goes to the perp who can grab all his email in a matter of minutes. All bets are off after this. I've seen it happen to way too many people and the damages can be devastating.
 
You need to change your password on everything you use, particularly banking, ecommerce and anything else financial or that would have identity theft risk.

The reason is once they own your email, they follow the trail in your email everywhere else. As they own your email, they can use the forgot password functions of other sites to change your password. They may also have added filters so that you don't get email notices after they take over.
Well - maybe.

I'm not sure whether/what evidence the OP has seen that the email account itself has been compromised.

Nevertheless - in a situation where only the email account/email account password was compromised (not the PC itself) - and where the OP still has access to that email account, then just changing the email account password would block further unauthorised access to the email.

However - if the PC itself was infected/compromised then of course the malware/hackers could continue to monitor and log any passwords/changes ad infinitum, possibly making any password changes futile.

I think the right approach would be to...

1. First thoroughly scan/disinfect (if infected) the machine firstly with the currently installed MS Defender, and then - importantly - also perform a 'second opinion' scan with a more effective anti-malware product (better than MS Defender - e.g. Avira Free Antivirus) - ideally scan from a bootable 'rescue' CD/USB scanner, without booting Windows.

2. Then, depending on any scanner findings, change the email password, along with any other important accounts, banks, credit cards, Amazon, Paypal, etc.

...if the email password is changed before detecting/removing malware - then one would need to change all these passwords over again.

Personally - if scans with both MS defender and Avira in particular come up clean, then I myself wouldn't be overly concerned - it may simply be that MS defender blocked something and the OP wasn't quick enough to read the popup notifier (but I would expect to see a record somewhere in MS Defender application logs).
Also follow the advice of the FTC at:

https://www.identitytheft.gov/

Good luck and read EVERYTHING in the future,

Morris
He stated he gave up his password.

Once that happens, an alert goes to the perp who can grab all his email in a matter of minutes. All bets are off after this. I've seen it happen to way too many people and the damages can be devastating.
yes, Morris, i understand the consequences so i stopped using my desktop for checking my email or going online until i find a viable way to resolve this issue! in the meantime, i'll be using my laptop for paying my bills and other communications!
 
The system backup you made two weeks ago, reload it. After saving any files created on present system, e.g. email. Now you have a clean system - I hope.

Tom
 
I used to work in IT security .../... Our helpdesk liked the combination of:

This one gets rid of rootkits which are persistent and hard to detect

https://www.malwarebytes.com/antirootkit/

After using that use their general AV program which is a free download in the upper right corner

https://www.malwarebytes.com/

This is not a good real time scanner yet it's great at finding infections.
Re Malwarebytes - it really is not 'great' at all.

These people know far more about the effectiveness of anti-malware protection/scanners than any of us here do...

https://www.mrg-effitas.com/wp-content/uploads/2018/05/MRG-Effitas-2018Q1-360-Assessment.pdf

...Malwarebytes is one of the poorest solutions - its effectiveness is little more than outdated (if it were ever true) Internet myth.

What little real evidence there is - and there is very little evidence available for one obvious reason - shows Malwarebytes to be really quite/very poor by comparison to almost all of its peers.
Malwarebytes is a terrible real time detector. It does a great job once the computer is infected.
Says who?

Can you support your claim/ belief with some credible evidence?

What reputable, independent third party testing organisation?

Let me help you out...

https://www.av-comparatives.org/wp-content/uploads/2017/03/avc_sp_pcpitstop_201702_en.pdf

https://www.av-comparatives.org/wp-content/uploads/2016/11/avc_sp_pcpitstop_2016_en.pdf

https://www.mrg-effitas.com/wp-content/uploads/2017/05/MRG-Effitas-360-Assessment-2017-Q1_wm.pdf

https://www.mrg-effitas.com/wp-content/uploads/2017/02/MRG-Effitas-360-Assessment-Q4-2016.pdf

http://uk.pcmag.com/malwarebytes-anti-malware-premium-20/3773/review/malwarebytes-30-premium

...by almost any comparison, it is a very poor product.
There is no real good AV,...
That is a ridiculous statement.

There are numerous AV products available - free, and paid for - which are capable of blocking well over 99% of prevalent malware, some within a gnat's whisker of 100%...



...plenty of 'real good AV'.
...one's best bet is to scan with more than one product and this is what I've recommended.
Indeed - however, expecting a product with Malwarebytes' dismal 70-80% detection capabilities (as per MRG Effitas's testing) to find that <<1% that other products might occasionally miss, is wishful thinking in the extreme.
 
I used to work in IT security .../... Our helpdesk liked the combination of:

This one gets rid of rootkits which are persistent and hard to detect

https://www.malwarebytes.com/antirootkit/

After using that use their general AV program which is a free download in the upper right corner

https://www.malwarebytes.com/

This is not a good real time scanner yet it's great at finding infections.
Re Malwarebytes - it really is not 'great' at all.

These people know far more about the effectiveness of anti-malware protection/scanners than any of us here do...

https://www.mrg-effitas.com/wp-content/uploads/2018/05/MRG-Effitas-2018Q1-360-Assessment.pdf

...Malwarebytes is one of the poorest solutions - its effectiveness is little more than outdated (if it were ever true) Internet myth.

What little real evidence there is - and there is very little evidence available for one obvious reason - shows Malwarebytes to be really quite/very poor by comparison to almost all of its peers.
Malwarebytes is a terrible real time detector. It does a great job once the computer is infected.
Says who?

Can you support your claim/ belief with some credible evidence?

What reputable, independent third party testing organisation?

Let me help you out...

https://www.av-comparatives.org/wp-content/uploads/2017/03/avc_sp_pcpitstop_201702_en.pdf

https://www.av-comparatives.org/wp-content/uploads/2016/11/avc_sp_pcpitstop_2016_en.pdf

https://www.mrg-effitas.com/wp-content/uploads/2017/05/MRG-Effitas-360-Assessment-2017-Q1_wm.pdf

https://www.mrg-effitas.com/wp-content/uploads/2017/02/MRG-Effitas-360-Assessment-Q4-2016.pdf

http://uk.pcmag.com/malwarebytes-anti-malware-premium-20/3773/review/malwarebytes-30-premium

...by almost any comparison, it is a very poor product.
There is no real good AV,...
That is a ridiculous statement.

There are numerous AV products available - free, and paid for - which are capable of blocking well over 99% of prevalent malware, some within a gnat's whisker of 100%...

https://www.av-comparatives.org/wp-content/uploads/2018/07/avc_prot_2018a_en.pdf

https://www.av-comparatives.org/wp-content/uploads/2018/04/avc_mpt_201803_en.pdf

...plenty of 'real good AV'.
...one's best bet is to scan with more than one product and this is what I've recommended.
Indeed - however, expecting a product with Malwarebytes' dismal 70-80% detection capabilities (as per MRG Effitas's testing) to find that <<1% that other products might occasionally miss, is wishful thinking in the extreme.
Exactly, 99% effective guarantees you will be infected by one of the hundreds of thousands of viruses. What is 1% of one hundred thousand?

Most of the independent testing labs are hardly independent and PCMag relies on advertising.

have a great evening
 
You need to change your password on everything you use, particularly banking, ecommerce and anything else financial or that would have identity theft risk.

The reason is once they own your email, they follow the trail in your email everywhere else. As they own your email, they can use the forgot password functions of other sites to change your password. They may also have added filters so that you don't get email notices after they take over.
Well - maybe.

I'm not sure whether/what evidence the OP has seen that the email account itself has been compromised.

Nevertheless - in a situation where only the email account/email account password was compromised (not the PC itself) - and where the OP still has access to that email account, then just changing the email account password would block further unauthorised access to the email.

However - if the PC itself was infected/compromised then of course the malware/hackers could continue to monitor and log any passwords/changes ad infinitum, possibly making any password changes futile.

I think the right approach would be to...

1. First thoroughly scan/disinfect (if infected) the machine firstly with the currently installed MS Defender, and then - importantly - also perform a 'second opinion' scan with a more effective anti-malware product (better than MS Defender - e.g. Avira Free Antivirus) - ideally scan from a bootable 'rescue' CD/USB scanner, without booting Windows.

2. Then, depending on any scanner findings, change the email password, along with any other important accounts, banks, credit cards, Amazon, Paypal, etc.

...if the email password is changed before detecting/removing malware - then one would need to change all these passwords over again.

Personally - if scans with both MS defender and Avira in particular come up clean, then I myself wouldn't be overly concerned - it may simply be that MS defender blocked something and the OP wasn't quick enough to read the popup notifier (but I would expect to see a record somewhere in MS Defender application logs).
Also follow the advice of the FTC at:

https://www.identitytheft.gov/

Good luck and read EVERYTHING in the future,

Morris
He stated he gave up his password.
Where?

All I can see is a couple of statements along the lines of... 'email on my PC is hosed?' ...which isn't even clear whether it is a question or a statement.

They haven't stated whether they are using a mail client (like 'Microsoft Mail' etc) or are using webmail in a browser.

I would guess webmail access, based on access across different machines - but that doesn't explain how/why email might be 'hosed' on one machine, but not on another.

And what exactly do they mean by 'hosed' - what symptoms.
Once that happens, an alert goes to the perp who can grab all his email in a matter of minutes. All bets are off after this.
Emails themselves, don't give you access to accounts - the email account itself would generally need to be under the control of the hacker.

Change the email account password - then, in future, the hacker can't access the account.

That said - if the PC was compromised/infected then the hacker might still be able to get/use any new/changed password, so it is important to ensure the PC is clean/not compromised.
I've seen it happen to way too many people and the damages can be devastating.
I dare say - but it's really not at all clear what the situation is in this case.

Whether the OP might be overreacting to a detection/blocking of malware - or whether the email account, or PC, or both, is actually compromised/'hosed'.
 
You need to change your password on everything you use, particularly banking, ecommerce and anything else financial or that would have identity theft risk.

The reason is once they own your email, they follow the trail in your email everywhere else. As they own your email, they can use the forgot password functions of other sites to change your password. They may also have added filters so that you don't get email notices after they take over.
Well - maybe.

I'm not sure whether/what evidence the OP has seen that the email account itself has been compromised.

Nevertheless - in a situation where only the email account/email account password was compromised (not the PC itself) - and where the OP still has access to that email account, then just changing the email account password would block further unauthorised access to the email.

However - if the PC itself was infected/compromised then of course the malware/hackers could continue to monitor and log any passwords/changes ad infinitum, possibly making any password changes futile.

I think the right approach would be to...

1. First thoroughly scan/disinfect (if infected) the machine firstly with the currently installed MS Defender, and then - importantly - also perform a 'second opinion' scan with a more effective anti-malware product (better than MS Defender - e.g. Avira Free Antivirus) - ideally scan from a bootable 'rescue' CD/USB scanner, without booting Windows.

2. Then, depending on any scanner findings, change the email password, along with any other important accounts, banks, credit cards, Amazon, Paypal, etc.

...if the email password is changed before detecting/removing malware - then one would need to change all these passwords over again.

Personally - if scans with both MS defender and Avira in particular come up clean, then I myself wouldn't be overly concerned - it may simply be that MS defender blocked something and the OP wasn't quick enough to read the popup notifier (but I would expect to see a record somewhere in MS Defender application logs).
Also follow the advice of the FTC at:

https://www.identitytheft.gov/

Good luck and read EVERYTHING in the future,

Morris
He stated he gave up his password.
Where?

All I can see is a couple of statements along the lines of... 'email on my PC is hosed?' ...which isn't even clear whether it is a question or a statement.

They haven't stated whether they are using a mail client (like 'Microsoft Mail' etc) or are using webmail in a browser.

I would guess webmail access, based on access across different machines - but that doesn't explain how/why email might be 'hosed' on one machine, but not on another.

And what exactly do they mean by 'hosed' - what symptoms.
Once that happens, an alert goes to the perp who can grab all his email in a matter of minutes. All bets are off after this.
Emails themselves, don't give you access to accounts - the email account itself would generally need to be under the control of the hacker.

Change the email account password - then, in future, the hacker can't access the account.

That said - if the PC was compromised/infected then the hacker might still be able to get/use any new/changed password, so it is important to ensure the PC is clean/not compromised.
I've seen it happen to way too many people and the damages can be devastating.
I dare say - but it's really not at all clear what the situation is in this case.

Whether the OP might be overreacting to a detection/blocking of malware - or whether the email account, or PC, or both, is actually compromised/'hosed'.
He stated he followed the link to a fake site and entered credentials.

Once that happens the hackers get alerted and move quickly. By the time someone asks and gets advice, it's frequently too late as the hackers use tools to find sites to try the passwords on. With the control of the email account, they use forgot my password and take over financial sites, e-commerce, etc. They also place rules on the email account so new emails don't come in or only ones they don't want to have come in. They are professionals!
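
The thread notes that a Defender popup missed on screen should still leave a record in the MS Defender logs. As an added example (not posted by any participant in this thread), the PowerShell script below, run as administrator on the affected Windows PC, lists recent detections from Defender's threat history and from its Operational event log; the seven-day look-back window is an assumption.

```powershell
# Added example: show what Microsoft Defender detected or blocked recently.
# Run from an elevated (administrator) PowerShell window.
$since = (Get-Date).AddDays(-7)   # assumption: look back one week

# 1) Defender's own threat history (Defender module shipped with Windows 10/11).
$detections = @(Get-MpThreatDetection -ErrorAction SilentlyContinue |
    Where-Object { $_.InitialDetectionTime -ge $since } |
    Sort-Object InitialDetectionTime)

$history = foreach ($d in $detections) {
    # Resolve the numeric ThreatID to a readable threat name.
    $threat = Get-MpThreat -ThreatID $d.ThreatID -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Detected        = $d.InitialDetectionTime
        Threat          = $threat.ThreatName
        Process         = $d.ProcessName
        Resources       = ($d.Resources -join '; ')   # file path or URL involved
        ActionSucceeded = $d.ActionSuccess
    }
}

# 2) The Defender Operational event log.
#    Event 1116 = malware or unwanted software detected
#    Event 1117 = Defender took action against it
$events = @(Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-Windows Defender/Operational'
    Id        = 1116, 1117
    StartTime = $since
} -ErrorAction SilentlyContinue | Sort-Object TimeCreated)

if ($history.Count -eq 0 -and $events.Count -eq 0) {
    "No Defender detections recorded since $since."
} else {
    "== Threat history =="
    $history | Format-List
    "== Event log (1116 detected / 1117 action taken) =="
    $events | Format-List TimeCreated, Id, Message
}
```

An entry timed around the moment the link was clicked, with a successful action, supports the view in the thread that Defender blocked something; an empty result does not by itself prove the PC is clean, which is why the second-opinion scan is still recommended above.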
 
