EMail Hijacked by Welecp.com

  thegreypanther 11:33 17 Apr 2008
Locked

I recently received an email purporting to be from from a friend of mine, copies to everybody in his address book. The email, however, is just a spam message from an electronic wholesaler with the web address of Welecp.com (don't worry, I wouldn't even think about looking at this site).

Clearly, this pal of mine has had his computer hijacked. He tells me that he runs McAfee Antivirus, and has a firewall.
Any tips as to
a) how he can get rid of whatever infection / Trojan has taken over his computer
b) how to make sure that it doesn't happen again.

Has anybody else come across this outfit, Welecp.com (from their email address it appears to be Canadian)?

  rawprawn 11:49 17 Apr 2008

Try running SuperAntispyware
click here

  slimk 12:03 17 Apr 2008

Hiya,
McAfee recently failed it's Virus Bulletin test. Check that your friend updates his Mcafee and that his firewall is set correctly. If so, run a Kaspersky online scan. It'll show you what and where. From there he can find out how to get rid and clean his system. I'd recommend Spybot. Welecp are known fraudsters based in Shanghai and any trojan could well pose a serious risk to his security. He should change his passwords immediately from a clean PC.

  thegreypanther 13:43 17 Apr 2008

Thank you rawprawn and slimk. I shall pass the advice on.
Very worryingly, the next question - of course - is how does Welecp manage to hijack the computer? How can one prevent it happening again (or another dodgy outfit gaining access)?
Although a virus checker and firewall were in use, am I correct in thinking that you can acquire infection by a Trojan simply by visiting a disreputable website? No need even to open an nknown e-mail attachment.
If the golden rules are followed of having an up-to-date virus checker, a firewall, and regularly scanning with a anti-malware program, then is there any other way of protecting oneself from this difficulty?

  Terry Brown 13:54 17 Apr 2008

It is not Canadian but from Shanghai-- Type the name in google for more details.
Terry

  rawprawn 14:07 17 Apr 2008

Yes you are correct, trojans can easily bypass firewalls and AV's. Perhaps the best defence is "Real Time" protection. First I would suggest installing Spyware Blaster click here
I run SuperAnispyware Professional which has real time protection, but Spyware Terminator is free and is often recommended on this forum which also has real time protection.
You cannot fully protect, and many times these Trojans are installed on your computer simply by clicking a link in an email.

  rawprawn 14:09 17 Apr 2008

Sorry Spyware Terminator link click here

  slimk 17:48 17 Apr 2008

I disagree with rawprawn. Trojans can't easily bypass firewalls and AV. THe majority will be picked up by a good AV. Two-way firewalls like Comodo, ZoneLabs and Kaspersky stop the Trojan having easy access to 'call home'.
Current trends show that 'disreputable sites' aren't necessarily the problem. Never open an attachment that hasn't been scanned. Don't download any programs without researching them on Google/Yahoo etc. The latest Trojans will change your registry and can invite 'remote control' by very shady characters. At the same time, without a good firewall, they can keylog and screenshot you when you open fields that require passwords (banks, email, Paypal etc). This information is then sent to the controller and can be used in ID fraud.
It's imperative that your friend changes his passwords immediately and doesn't use his PC for anything more than browsing until it is definitely clean.

  thegreypanther 20:19 17 Apr 2008

Many thanks to everyone for their advice. As usual, the PC Advisor Forum has been of great help.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

The Evil Within 2 review-in-progress

InVision Studio takes on Adobe XD and Sketch

iPhone X news: Release date, price, new features & specs

Comment transformer un iPhone en borne Wi-Fi ?