AnsweredAssumed Answered

Issue with possible BOT

Question asked by mcole on Nov 3, 2014
Latest reply on Nov 3, 2014 by shaw-phil

Hi There,

 

so this morning I came to work to find the emails not being rec'd by our office (we use thunderbird) .We both get the same emails on each of the work computers. So I contacted Shaw, long story short http error 400, and the fellow helped me fix it(it seems the email address was locked), so that portion is ok.

 

Next thing that happened being I was able to log in on my computer (running windows 8) my thunderbird rec'd around 50 emails of 'failure to deliver' and it looks like the email sent out what appears to be a scam w/ attachment 'i need your assistance' to a bunch of random email addresses (not any of the ones in my contact list) thing is, on shaw webmail and my boss' computer these did not show up. other then the delivery failure emails in my inbox, there is nothing in my outbox showing they were sent.

 

I ran a scan (as the fellow said the 400 error possibly could have been caused by a virus) using windows defender, and came up with the following thing (which the computer has since deleted)

 

PWS:Win32/Zbot.GOV

 

I take the regular security precautions, don't click on pop-ups, dont go to unknown websites etc. My question is, does anyone know where I might have picked up a virus/bot like this and how in future I can work to prevent it from happening again?

Outcomes