Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I'm not sure what has attacked my computer it keeps sending spam from my email


  • This topic is locked This topic is locked
5 replies to this topic

#1 cfox73

cfox73

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:22 PM

Posted 20 June 2013 - 10:27 PM

I am running Windows 7 64 bit
My email has repeatedly sent out spam to my entire contacts list. I have run my Trend Micro Titanium version full scan 2x with 0 results. I ran the free version of Malwarebytes, also came up with nothing. Then I noticed the blue and yellow shield on my Trend Micro, Malware, and for some reason on my Kodak printer icons on my desktop. So I rebooted in safemode and ran rkill which came up with this:
 
Rkill 2.5.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html
 
Invalid arguments ignored: ASUSLaptop\Downloads\rkill.exe
 
Program started at: 06/20/2013 08:56:24 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]
 
Backup Registry file created at:
 C:\Users\Carla's ASUS Laptop\Desktop\rkill\rkill-06-20-2013-08-56-39.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * ALERT: ZEROACCESS rootkit symptoms found!
 
     * HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
 
Checking Windows Service Integrity: 
 
 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic
 
 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 06/20/2013 08:59:25 PM
Execution time: 0 hours(s), 3 minute(s), and 0 seconds(s)
 
 
Not sure what to think about that...but when I ran the Malware and Trend full scans again(while still in safe mode)...nothing...again. But the blue and yellow icons are still there when I rebooted normally. I have a feeling something is in there lurking..
Please help.
I am just tired of all the texts from everyone constantly telling me I've been hacked...again!   lol!
Thanks for your help!

Mod Edit: Topic moved from Windows 7 to a more appropriate forum.

BC AdBot (Login to Remove)

 


#2 md2lgyk

md2lgyk

  • Members
  • 142 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Virginia USA
  • Local time:03:22 PM

Posted 21 June 2013 - 07:09 AM

The same thing has happened to me.  It was nothing that was on the computer; someone had hacked my Yahoo e-mail account.  I changed my password and the problem went away.



#3 cfox73

cfox73
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:22 PM

Posted 21 June 2013 - 09:58 AM

I changed my password and it happened again 3 days later. I am getting a new e-mail address. Also the little blue and yellow shields on some desktop icons are my biggest concern now. 



#4 Social Jeevi

Social Jeevi

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:52 AM

Posted 22 June 2013 - 06:00 AM

How do you use your email? Is it using any email clients like Outlook, Thunderbird or is it using a browser like Internet Explorer, Chrome???


Regards

Social Jeevi

 

Follow me on twitter: @socialjeevi


#5 cfox73

cfox73
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Ohio
  • Local time:04:22 PM

Posted 22 June 2013 - 08:03 AM

I use browsers. Used to be always IE then I switched To Chrome. I also use my Android phone.

#6 hamluis

hamluis

    Moderator


  • Moderator
  • 55,752 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:03:22 PM

Posted 22 June 2013 - 08:15 AM

OP has another Am I Infected topic re system issues at http://www.bleepingcomputer.com/forums/t/498774/ran-rkill-and-got-this-msg-alert-zeroaccess-rootkit-symptoms-found/#entry3084320 and has been advised to initiate a new topic in the MRL forum, following the guidelines for posting in the MRL Prep Guide for that forum.

 

To avoid confusion, this topic is now closed.

 

Louis






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users