Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Sending Dodgy emails

  • 16-12-2010 9:44am
    #1
    Vinnie70
    Closed Accounts Posts: 32


    Hi guys,

    I think my email has been hacked. Everytime i go into my hotmail account everybody in my address book gets an email about buying electronic goods. I have scanned my pc with AVG and spydoctor and found nothing and if I start to compose a new mail I get this message at the start unless I delete it

    Hello, dear.how are you doing ?
    I introduce you a Very low price ,original quality site: www.emallzone.org Iphone ,Ipad,Blackberry ,PS3 ,,nikon ,SONY ,motorcycle ~! They do wholesale business. i think it is suibalble for your business , contact E-mail:emallzone88@188.com Msn : emallzone388@hotmail.com
    I have got a iPhone , very fast shipping.

    Has anyone else had this issue and if so how do I get rid?

    Cheers guys


Comments

  • #2
    bhickey
    Registered Users, Registered Users 2 Posts: 1,340 ✭✭✭bhickey


    Have a read through this thread first. You should do a good check for viruses first, then change your password and clean your personal signature in Hotmail.


  • #3
    Vinnie70
    Closed Accounts Posts: 32 Vinnie70


    Thanks bhickey! Just got rid of that message at the start of composing a mail, it was my personal signature. All I have to do now is scan for malware so I'll let you know how I get on.

    This is the result from the scan with Malwarebytes Anti malware

    Malwarebytes' Anti-Malware 1.44
    Database version: 3510
    Windows 5.1.2600 Service Pack 2
    Internet Explorer 6.0.2900.2180

    16/12/2010 13:57:20
    mbam-log-2010-12-16 (13-57-20).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 271809
    Time elapsed: 1 hour(s), 24 minute(s), 4 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 1
    Registry Values Infected: 3
    Registry Data Items Infected: 2
    Folders Infected: 9
    Files Infected: 23

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\MalwareRemovalBot (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\12cfg515-k641-55sf-n66p (Worm.AutoRun) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\malwareremovalbot (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows network data management system service (Trojan.Downloader) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\System32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\System32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.

    Folders Infected:
    C:\Documents and Settings\All Users\Application Data\12087504 (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\92097496 (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Documents and Settings\AG\Application Data\MalwareRemovalBot (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\AG\Application Data\MalwareRemovalBot\Log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\AG\Application Data\MalwareRemovalBot\Settings (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Program Files\Manson (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\podmena (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Adrian Griffin\Start Menu\Programs\System Security (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
    C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556 (TrojanProxy.Slenugga) -> Quarantined and deleted successfully.

    Files Infected:
    C:\Documents and Settings\AG\Local Settings\Application Data\Mozilla\Firefox\Profiles\k395urp7.default\Cache\A4350937d01 (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\Documents and Settings\AG\Local Settings\Temp\Rar$EX01.656\keygen\santa.exe (Dont.Steal.Our.Software.A) -> Quarantined and deleted successfully.
    C:\Documents and Settings\AG\Local Settings\Temp\Rar$EX01.719\keygen\santa.exe (Dont.Steal.Our.Software.A) -> Quarantined and deleted successfully.
    C:\Documents and Settings\AG\Local Settings\Temp\Rar$EX02.531\keygen\santa.exe (Dont.Steal.Our.Software.A) -> Quarantined and deleted successfully.
    C:\Documents and Settings\AG\Local Settings\Temp\Rar$EX03.094\keygen\santa.exe (Dont.Steal.Our.Software.A) -> Quarantined and deleted successfully.
    C:\RECYCLER\S-1-5-21-436374069-484763869-839522115-1003\Dc30.exe (Rogue.Installer) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\12087504\12087504.glu (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\12087504\pc12087504cnf (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\12087504\pc12087504ins (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Documents and Settings\AG\Application Data\MalwareRemovalBot\rs.dat (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\AG\Application Data\MalwareRemovalBot\Log\2010 Dec 16 - 10_36_22 AM_562.log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\AG\Application Data\MalwareRemovalBot\Log\2010 Dec 16 - 10_57_04 AM_046.log (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\AG\Application Data\MalwareRemovalBot\Settings\ScanResults.pie (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Adrian Griffin\Start Menu\Programs\System Security\System Security 2009 Support.lnk (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Adrian Griffin\Start Menu\Programs\System Security\System Security 2009.lnk (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
    C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\Desktop.ini (TrojanProxy.Slenugga) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Adrian Griffin\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Adrian Griffin\Application Data\wiaservg.log (Malware.Trace) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Adrian Griffin\Desktop\System Security 2009.lnk (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
    C:\WINDOWS\Temp\cd1f7b22-eb89-415f-9233-d2e0df9bb23c.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\AG\list.txt (Malware.Trace) -> Quarantined and deleted successfully.
    C:\WINDOWS\Tasks\MalwareRemovalBot Scheduled Scan.job (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Adrian Griffin\Local Settings\Temp\server.exe (Trojan.Agent) -> Quarantined and deleted successfully.


Advertisement