Thanks. Is there a way to determine the actual origin of these spam mails without turning my account in as the spamming e-mail account (report as junk, etc...)? Also, is there anything I can look at on my machine to determine whether or not it's been corrupted?
I had a trojan downloader try to install stuff on my computer last week, but managed to successfully ward it off. Zone Alarm was no help here. I clicked on a link in a Jeep forum that was supposedly to a parts supplier. Things just started down-loading.
Zone Alarm ignored it, I had to stop everything. Ran spy-bot search and destroy, zone alarm anti-virus/anti-spyware and will run ad-aware tonight. Spy-Bot Search and Destroy found the trojan and dealt with it. I'm just surprised Zone Alarm didn't spike it.
Also, is it better to run these anti-malware programs in "Safe Mode"? If so, why?
ZoneAlarm is simply a firewall, and a good one. It prevents unauthorized intruders from getting to (or even seeing) your system. But by clicking on a link you opened the gate, and it respected that decision. That’s how firewalls work.
No system is any safer than the “wetware” sitting at the keyboard!
Yours is a good example of why Windows is so fraught with insecurities— all it takes is an innocent click of a seemingly safe link, and your whole system is put at risk. At least in *nix systems (including Mac OS X) the user account is usually cordoned off from the system. Although, some of the nifty little Linux-based netbooks and UMPCs like the Eee run the user as root, a very bad idea. With Windows’ sorry example, you’d think they would have learned.
For Windows users, SpyBot has my highest recommendation. You’re very smart to have and use it. It’s great against this sort of malware. Update and run it weekly, and don’t forget the inoculations. It’s free, too: http://www.safer-networking.org/index2.html
Running an anti-malware scan in “Safe Mode” isn’t a bad idea but isn’t necessary unless you have some sort of infestation that refuses all normal attempts at cleansing. That happened to my son’s old Win98 machine once; drove me nuts, and the machine was brought to its knees. In that case: Update SpyBot (since you’ll have no internet connection in Safe Mode), then reboot your computer in Safe Mode and run SpyBot again. It’ll be a lot slower in Safe Mode but will be able to cleanse everything. If it seems to stall, just leave it... it’s working. I’ve seen it “stall” for 20 minutes working on one of the *.lop bugs that was especially stubborn.
Incidentally, we have an eclectic mix of computers here. WinXP, Mac, Linux, even a Sun workstation. I use Linux for most of my personal computing, running it off a portable drive so I can travel with it. My wife has an XP laptop. My teenage sons now have Mac laptops. Now, my wife’s laptop has needed scanning and cleaning twice in the past two weeks despite having an array of antivirus and anti-malware utilities running and updating themselves on it continuously. Typically I need to do this every few months with this machine. By comparison, we have not had a single Mac “support incident” in more than four years, which equates to more than ten teenage-user-years... with NO antivirus or antimalware or firewall running on ‘em. Not a single issue. Not one. Back when the boys had Win98 machines, I’d have to grimly wipe the hard disks every couple of months due to contagion of some sort, and then reinstall everything. Never with the Mac. Not once.
I recently acquired a Macbook Pro of my own, and could not be more impressed. Just a gloriously stable, fast and usable machine, put together like fine jewelry. Recommended. If you don’t want to invest in new hardware, consider one of the better Linux installs, like http://www.pclinuxos.com or http://mandriva.com; there are plenty more, and all come with good software built-in. PCLinuxOS is especially friendly for those transiting from Windows, as it has Flash preloaded into its Firefox browser, etc., making for an especially familiar and intuitive experience.
Zone AlarmZone Alarm is more a pain than anything... Comodo FINALLY came out with a Vista64 version. not sure what version you're running, but they should have it: http://www.comodo.com/ (and it's free!)