We are writing to inform you...

Discussion in 'malware problems & news' started by drhu22, Dec 21, 2010.

Thread Status:
Not open for further replies.
  1. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    343
    Recent EMail...

    We are writing to inform you that TELUS has received complaints alleging that your TELUS Internet Services account has been used to scan, flood or attempt to gain unauthorized access to another computer, (please see the details of the incident(s) at the end of this e-mail). If you are unaware of this type of activity coming from your account, your computer may be infected with a virus or your computer may have some other security problem which could account for this activity originating on your system. You may wish to inquire with others who may have access to your account and/or change the password to your account to ensure that only authorized users have access to it.

    Later they mention that Storm Worm is suspected...

    Time stamps coincide with attempts I made to play Re-Volt (great racing game) online via rvhouse (fan-made software)

    "Confidence of infection and source port: confidence 1 legacy srcport 2304/udp"

    Port 2304 I understand to be online gaming related...

    WHAT THE .......?!?!?!?
     
    Last edited: Dec 21, 2010
  2. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    343
    Oh...I'm running (on Windows 7)...mse, panda cloud pro, geswall, comodo fw only
    On demand scanners mbam, sas, emsisoft e kit, hitman p
    Also...hardenit, emet, hijackthis
    Hmmm...

    I also ran sophos anti-rootkit...no detections
     
    Last edited: Dec 21, 2010
  3. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    When they mention account, which account are they talking about? Windows account or the ISP account? Basically the question is: Which password do they want you to modify? If the ISP's password, how would that be done?

    Isn't it just some phishing e-mail, or is it the real deal?
     
  4. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    343
    Account?, password?, modify?... No, it's real, I phoned TELUS and verified.
     
    Last edited: Dec 21, 2010
  5. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Then, it could be a scenario that your system is, in fact, infected; or was infected.

    Have you updated your antimalware applications and verified your system for any possible infections? If so, then you could try and download rescue CDs from Kaspersky, BitDefender, Avira, etc. and see what they dig.

    Try GMER as well.

    You should also get in touch with a security forum that specializes in cleaning infections and see what they dig.

    There's a list here: https://www.wilderssecurity.com/showthread.php?t=42148
     
  6. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    343
    Now I'm wondering if you might have something about phishing.
    I'm calling TELUS to re-verify the email

    busy...

    I'm thinking a rescue CD might be a good idea...

    Which do you think is best?
    Are there any that detect Storm Worm?

    Maybe it's time for paragon br.
     
    Last edited: Dec 21, 2010