Customer cannot login to his email (yet other family members can access their emails)

Once I get there I notice the PC is very slow and seems to have a spyware infection (hijacked home page).

I quickly track down the problem to be askpbar and swbot.

Removing them is quite straightforward… I disable the BHO using winpatrol, and disable any registry startup entries.

However, the email accounts are a different story… He uses yahoo mail, gmail, and another web based email program.

When he tries to login, he gets various types of “username and/or password is not valid” errors

Since this is via the web, then its likely that the password is incorrect.

We try the various “I forgot my password” options, but they either involve leaving the account inactive for over 5 days, or the email of the password to the “alternative” email address is never received (maybe because the alternate email address was one of the other compromised accounts, or after a year or two, its quite possible that the alternate account has been forgotten or deleted, or the spyware people have altered the alternate account)

Since this has happened with 3 different accounts (and only with 1 user), then its likely that the password has been stolen by spyware, and the email accounts hijacked.

It just goes to show that you cannot rely on only free webmail accounts.

Its also unfortunate that the customer also printed many business cards (with the yahoo email address). Now that this email account is effectively lost, the cards also become less effective.

I have my computer-aid account diverted through gmail, and then downloaded to my email client.

I use gmail for 2 reasons:

1. good spam filtering
2. It keeps a copy of my local emails (in case something happens to my PC)

If my gmail account ever gets “stolen”, then I can bypass it, in order to receive my emails, while I setup a second gmail account. Luckily, I’ve never needed to do this in over 2 years since starting my gmail account.