Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

A Case of Spamhaus Ransome-ware?


  • This topic is locked This topic is locked
7 replies to this topic

#1 fasthorse

fasthorse

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lund BC Canada
  • Local time:02:55 AM

Posted 15 January 2014 - 04:06 PM

Hello and greetings:

 

After suffering multipe issues for far too long, my expert help back home advised a total wipe clean of my relatively new HDD. Everything was fine when completed, until I left home, used wifi at a hotel in Canada then an apartment in Mexico. My rural home requires dial up only. I'm not sure which location was the source, since the symptoms did not begin until I tried sending email home, for the first time since leaving home, at my current location in Mexico.

I got this error message as follows............an error occured sending email: The mail server sent an incorrect greeting: cmta9.telus.net TELUS ESMTP server not available, your ip is blacklisted by spanhaus. Go to     http:www.    X  spamhaus.  X   org/query/bl?ip=    X 187.204.128.57. 

 

I have left long spaces and  X's  in this url as I don't want it to turn into a link to this foul site. I went there (dumb, dumb, dumb!)  and folowed several links, as instructed, which promised help. None ever appeared. Later, visiting Kaspersky for assistance, I find their best advice is pay the creeps and move on!  The person posting the initial request, who positively ID'd spamhaus as her infection, returned with a link to one Fabian Wosar who has a tool that will fix it. Everyone raved about it. I ran the tool and it says there is no infection. Yes there is, since the error message still apears when I try sending email asking me to go to the same site. Anything I find on this issue says it is really, really nasty.

 

I have a 2007 Dell Vostro 1500,  XP SP3, Two hdd's, Firefox, Thundebird, Kaspersky Pure 2014,

 

Thank you in adavance for any help and advise.

 

 



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:55 AM

Posted 15 January 2014 - 05:38 PM

Welcome aboard p22002758.gif

 

Please follow the instructions in THIS GUIDE starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it HERE. Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 fasthorse

fasthorse
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lund BC Canada
  • Local time:02:55 AM

Posted 15 January 2014 - 06:05 PM

Wow! that was fast!  thank you.......

I have written down the instructions you gave me, and will keep carefull notes as I proceed so I can accurately pass on what happens as I navigate this minefield.

Let the battle begin..... :warrior:



#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:55 AM

Posted 15 January 2014 - 06:45 PM

p22003888.gif


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 fasthorse

fasthorse
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lund BC Canada
  • Local time:02:55 AM

Posted 16 January 2014 - 06:18 AM

Good morning:

Your team may have received some strange New Topic posts in the Virus forum last night. Strange computer behaviour would not allow me to type text. All key strokes opened drop menus and other shortcuts. My apologies for any confusion.

I followed the preparation guide as required. Data is backed up as of total re-instal from two weeks ago.  That media has had no contact with the infected computer. Recent work on separate flash drive.  Slow system not an issue.  Personal settings here are enabled as required. Firewall is on. DDS downloaded and run producing two logs and have now been posted on the virus forum successfully.

There was no sign of HelpBot.

The self help guides were of no use. The one possibility suggested to run Rkill downloaded on a clean computer and transferred to the infected one via flash drive etc. I do not have a separate computer on which to download clean tools. The infected one is all I have access to here. The alternate method requires safe mode and using Admin. tools which are not accessible in safe mode. Downed Rkill but it would not run in safe mode as requested,  WiFi will not enable in safe mode so I could nor go back to the site to finish the job.

I will await further instructions.

Thanks for everything.



#6 fasthorse

fasthorse
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lund BC Canada
  • Local time:02:55 AM

Posted 16 January 2014 - 08:12 AM

Hello:

 

 

PS     I have run my K Pure scan several times, visited the K Pure site and checked the forums for similar issues and found one person mentioning spamhaus and Kaspersky's inability to recognize and deal with it. K appeared to be of no help. So, I followed the customers advice and came to Fabian Wosar's post and tried that repair tool and when that came up clean even though I was still getting the same error message from spamhaus, I came here. That is all I have done to remove/solve this problem.



#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:55 AM

Posted 16 January 2014 - 03:58 PM

Please stay in your newly created topic and be patient.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#8 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:55 PM

Posted 16 January 2014 - 04:15 PM

Now that you have started a new topic here:

http://www.bleepingcomputer.com/forums/t/521000/cannot-send-email-error-messge-from-spamhauscom/

I will lock this one to prevent confusion.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users