blush Posted December 4, 2006 Share Posted December 4, 2006 My parents received a pretty shocking letter in the mail and gave it to me, as I'm the more tech-savvy one. It's from Oceanic Time Warner Cable's Road Runner service, and they said: 5th Incident ? FINAL WARNINGDear Customer: Another report of an open proxy/relay has been received on November 23, 2006 at 20:57 pm HST. Please follow the instructions below to close the open proxy/relay and/or remove the virus/Trojan from your computer. If additional reports are received, we may be forced to temporarily suspend your Road Runner service to stem the spread of these viruses/Trojans. Your prompt attention to this matter is appreciated and will most likely prevent the need to interrupt your service. Please keep the infected computer turned off until it can be cleaned by a computer repair shop or until the hard drive on the computer can be reformatted. If additional complaints are received, your internet service will be placed on temporary suspension until the infected computer can be cleaned. I don't even know what the hell an open proxy/relay is. The letter included some SpamCop logs and the "offending e-mail messages," or whatever they are. First off, I haven't used/checked the Road Runner e-mail address they've given us in almost over a year. All my e-mail purposes are conducted via Web-based services, such as Hotmail. I'm not the only one using the connection -- my sisters and I share a router, but after confirming that the IP address they listed in the letter matches the IP address of my computer... well, that narrowed it down. Other details: I do not have any firewalls enabled and I am running avast! Antivirus Home Edition (which sure didn't catch this spam trojan that's supposedly in my system). How do I "close" this open proxy and get rid of this spam trojan before Time Warner decides to suspend our service:unsure:e: Link to comment Share on other sites More sharing options...
Chad.C Posted December 4, 2006 Share Posted December 4, 2006 I'm guessing the computer is being used as a relay to relay spam email or has become part of a zombie botnet .. Link to comment Share on other sites More sharing options...
blush Posted December 5, 2006 Author Share Posted December 5, 2006 Bump. :( Is there an extremely good firewall I should install to prevent this kind of thing from happening again? Should I ditch avast!? Link to comment Share on other sites More sharing options...
+BudMan MVC Posted December 5, 2006 MVC Share Posted December 5, 2006 What the hell does using your ISPs email address have to do with anything, and where in that letter did it say anything about a spam trojan?? And how exactly did you track it down to your machine vs your sisters? They gave you a private IP to check with? Your behind a router, all machines behind the router will share a public IP. Do you have your machine in the DMZ? As to what a open proxy is http://en.wikipedia.org/wiki/Open_proxy As to what a open relay is http://en.wikipedia.org/wiki/Open_relay As to what a trojan is http://en.wikipedia.org/wiki/Trojan_horse_%28computing%29 What do you mean from happening again - you have not given any indication that you have fixed anything. Link to comment Share on other sites More sharing options...
Pierce28 Posted December 5, 2006 Share Posted December 5, 2006 If I were you, I would call up RR and ask them exactly what is going on. If it were me personally, I'd just wipe my hard drive. However, if you are not willing to do that, I'd bring it to a computer shop and give them a copy of the letter (with personal information blacked out of course) and ask them to fix it. MAKE SURE though that you find a place that actually knows how to fix a computer. You'd be surprised how many repair shops don't even know how to repair correctly. Link to comment Share on other sites More sharing options...
Recommended Posts