MajorGeeks Support Forums

Go Back   MajorGeeks Support Forums > ----------= PC, Desktop and Laptop Support =---------- > Malware Removal
Register FAQ Members List Calendar Casino Mark Forums Read

Malware Removal Malware removal forum. Please see the READ ME FIRST thread before you post. Forum is staffed by a small number of volunteers, please be patient.


Reply
 
Thread Tools Display Modes
  #1  
Old 04-29-06, 09:58
JAFO JAFO is offline
Private E-2
 
Join Date: Jul 2005
Location: 36867
Posts: 15
Thanks: 0
Thanked 0 Times in 0 Posts
Default Email virus spam?

I have been receiving spam regarding two companies lately (iKarma & Pangchuan). I'm averaging six per day - after nearly three years of never having any Spam (pretty good filtering, eh). The email arrives from different domains and email addresses each time as a .gif file, making it difficult to block. I ran the scans on the READ ME FIRST malware section and have attached the documents requested. Please check to see if there are any problems. I noticed a suspicious file called kill2me.exe when i ran the panda scan.

Thanks in advance!

JAFO
Attached Files
File Type: txt Activescan.txt (3.2 KB, 3 views)
File Type: txt bdscan.txt (21.7 KB, 2 views)
Reply With Quote
Sponsored links
  #2  
Old 04-29-06, 12:22
JAFO JAFO is offline
Private E-2
 
Join Date: Jul 2005
Location: 36867
Posts: 15
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Email virus spam?

Quote:
Originally Posted by JAFO
I noticed a suspicious file called kill2me.exe when i ran the panda scan.
Disregard this part - I was in a hurry when I typed it and forgot I downloaded it as part of the programs I was supposed to download.

JAFO
Reply With Quote
  #3  
Old 04-30-06, 17:54
Shadow_Puter_Dude's Avatar
Shadow_Puter_Dude Shadow_Puter_Dude is offline
MG Authorized Malware Fighter
 
Join Date: Apr 2005
Location: Northern NY
Posts: 8,845
Thanks: 1
Thanked 68 Times in 66 Posts
Default Re: Email virus spam?

If you don't know what program these 2 files are a part of delete them.
C:\WINNT\pcconfig.dat
C:\WINNT\system\rules.dat

Post a HijackThis log
__________________
Kevin Zoll
Emsisoft Team - www.emsisoft.com


"Only those who fail greatly can ever achieve greatly" - Robert F. Kennedy
Microsoft Most Valuable Professional - Consumer Security (2007-2008)
Member - Alliance of Security Analysis Professionals - Since 2006
Reply With Quote
  #4  
Old 04-30-06, 23:06
JAFO JAFO is offline
Private E-2
 
Join Date: Jul 2005
Location: 36867
Posts: 15
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Email virus spam?

Quote:
Originally Posted by Shadow_Puter_Dude
If you don't know what program these 2 files are a part of delete them.
C:\WINNT\pcconfig.dat
C:\WINNT\system\rules.dat

Post a HijackThis log
I deleted both files. The hijack log is attached.

JAFO
Attached Files
File Type: txt JAFO hijackthis log normal 043006.txt (15.3 KB, 2 views)
Reply With Quote
  #5  
Old 05-01-06, 22:08
Shadow_Puter_Dude's Avatar
Shadow_Puter_Dude Shadow_Puter_Dude is offline
MG Authorized Malware Fighter
 
Join Date: Apr 2005
Location: Northern NY
Posts: 8,845
Thanks: 1
Thanked 68 Times in 66 Posts
Default Re: Email virus spam?

Fix the following with HijackThis:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/ymsgr/...ch/search.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u

Other than the above your logs show no signs of malware.
__________________
Kevin Zoll
Emsisoft Team - www.emsisoft.com


"Only those who fail greatly can ever achieve greatly" - Robert F. Kennedy
Microsoft Most Valuable Professional - Consumer Security (2007-2008)
Member - Alliance of Security Analysis Professionals - Since 2006
Reply With Quote
Sponsored links
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 02:52.

MajorGeeks.Com Menu

MajorGeeks.Com \ All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ NEW! PC Games \ System Tools \ Macintosh \ Demonews.Com \ Top Downloads

MajorGeeks.Com \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds


Powered by vBulletin® Version 3.8.4
Copyright © 2009 vBulletin Solutions, Inc. All rights reserved.
Ad Management by RedTyger