??abuse/mchsi

wilnis · Apr 24, 2009

Hi-I received an email from Mediacom, my ISP, saying I've been accused of sending unsolicited commercial or bulk email, and suggesting I have an open port that is being exploited or I'm infected with a spam propagating worm or virus. The email suggested I install a fire wall and virus protection and fix it or I'd have my account suspended.
I called the tech support line and said I had the latest edition of AVG, it updated and scanned each nite, and I ran superantispyware, ccleaner and adaware weekly and other than low grade types of findings, I was pretty sure my system was clean. I also have the windows fire wall up and running. She suggested I change my password for their system, which I did as she said my password could have been "spoofed".
My router, Netgear that is 2 years old, is WPA-PSK encrypted, I have a 3 year old Gateway,with MCE 2005 that I did a clean install 3 months ago, I don't surf porn or any other sites that I've read could be treacherous that I know of.
My question-Is there something else I should do, any ideas for this long term user of computers who is modestly computer savvy, but no engineer??
Thanks. Bill

aquariuscsm · Apr 24, 2009

Sounds like spam to me. Delete and ignore.

wilnis · Apr 24, 2009

Aquariuscsm-That was my initial thought but when I called the tech line of Mediacom they said they had this "abuse" department, run by AT&T, etc, and this was one of their jobs. Bill

shanneba · Apr 24, 2009

Have you applied all the Windows updates?
Can you configure your wireless to not broadcast the SSID?
Can you limit acces to your wireless to a specific set of mac addresses on the router config?

disable the smtp service, not just manual startup?

Basic Wireless security info-
http://h20239.www2.hp.com/techcenter/Wireless/wireless_security.htm
More info from MS:-
http://support.microsoft.com/default.aspx?scid=kb;en-us;309369

OVERKILL · Apr 24, 2009

Run a scan with Avira and see if it finds anything. I find it is a lot more effective than AVG, as is NOD32, but it's not free.

uc50ic4more · Apr 24, 2009

The Windows firewall, *if I recall correctly*, does not prevent outgoing traffic, so it may very well be useless to prevent a spambot from infecting your system.

I would try every virus and spyware scan I could get my hands on to find out if the offending spambot resides *on your system*. It may be that someone who has gotten your password is sending spam from another machine, but with your credentials. To that end, I would ask the rep at your ISP if the offending traffic has originated from the IP address they have assigned you.

OVERKILL · Apr 24, 2009

Originally Posted By: uc50ic4more
The Windows firewall, *if I recall correctly*, does not prevent outgoing traffic, so it may very well be useless to prevent a spambot from infecting your system.

I would try every virus and spyware scan I could get my hands on to find out if the offending spambot resides *on your system*. It may be that someone who has gotten your password is sending spam from another machine, but with your credentials. To that end, I would ask the rep at your ISP if the offending traffic has originated from the IP address they have assigned you.

You are 100% correct on the Windows firewall.

You could also block outgoing port 25 on your router and see if it stops (call them and see).

wilnis · Apr 24, 2009

Thanks all for your observations and suggestions. For the simple ones, I have all updates installed, I'm now doing Malwarebytes in addition to the ones I have, I've tried Avira and Avast, but I didn't care for the nag screens and they seemed less intuitive to me than AVG but I'll try them again. Some of the other suggestions are going to take a while for me to do (learning curve) and I did review the microsoft article.
I did find on some websites that if someone reports an email you sent them as spam, it could trigger this letter as another person I found by googling "abuse/mediacom" had that experience.
Thanks again. Bill

unDummy · Apr 24, 2009

Add opendns to the router and your computer.

Are there any other users on the pc?

uc50ic4more · Apr 24, 2009

Originally Posted By: unDummy
Add opendns to the router and your computer.

Are there any other users on the pc?

To follow that up: http://www.opendns.com/ is an alternative DNS provider. Usually, your ISP provides you with DNS services, which resolve things like http://www.bobistheoilguy.com to an IP address of the server. OpenDNS is handy because it seems a bit faster than many ISP's, features content blocking and much more.

All you need to do to use OpenDNS is change the DNS servers on your router. The OpenDNS server info is right on their home page (lower right corner - Just punch those two IP addresses into the primary and secondary DNS server fields in your router or computer). Their extra features - and there are lots - are accessible when you sign up (for free).

wilnis · Apr 25, 2009

I am looking at the opendns site and will see if that is something I can do. Thanks for your replies. Bill

??abuse/mchsi

wilnis

aquariuscsm

wilnis

shanneba

OVERKILL

$100 Site Donor 2021

uc50ic4more

OVERKILL

$100 Site Donor 2021

wilnis

unDummy

uc50ic4more

wilnis

Similar threads