 |  |  |  |  |  |  |  |
Spamremote.exe
 |
•
•
Join Date: Mar 2004
Posts: 209
Reputation: 
Solved Threads: 12
Posting Whiz in Training
Has anyone seen this? I can't find anything on google/groups, none of my co-workers have seen this and none of our usual recommended spy-ware tools from here are finding this! I boot into safe mode and remove the registry keys and exe file, but after a reboot it is somehow repropogated and back in the startup! It doesn't do any browser hijacking, just random popups. This thing is damned annoying, and until it gets removed from a client's computer, I get phone calls every time there is a popup! If anyone could help out that would be MUCH appreciated.
Thank you in advance!
Thank you in advance!
PARANOIA:
A healthy understanding of the way the universe works.
A healthy understanding of the way the universe works.
•
•
Join Date: Feb 2002
Posts: 626
Reputation:
Solved Threads: 13
Practically a Master Poster
What steps have you ran all ready? Your saying in IE your getting ramdom pop-ups? Please be a little more clear on the question. Thanks buddy.
Jimmy
E-Mail - jimmy@fiberops.net
Chief Information Officer (CIO) of FiberOps
E-Mail - jimmy@fiberops.net
Chief Information Officer (CIO) of FiberOps
•
•
Join Date: Mar 2004
Posts: 209
Reputation:
Solved Threads: 12
Posting Whiz in Training
•
•
•
•
Originally Posted by MAD_DOG
What steps have you ran all ready? ...Please be a little more clear on the question.
•
•
•
•
Originally Posted by i686-linux
I can't find anything on google/groups, none of my co-workers have seen this and none of our usual recommended spy-ware tools from here are finding this! I boot into safe mode and remove the registry keys and exe file, but after a reboot it is somehow repropogated and back in the startup!
In other words...
I ran AdAware, SpyBot, and Hijack-this with no results of anything pertaining to spamremote.exe (And yes all of these were up to date) There were a few things related to SahAgent, but those were removed by adaware, and have been gone for days.
After those programs found nothing I booted into safe mode to delete the spamremote.exe file on the HD as well as the registry keys that were causing it to startup, checked msconfig as well. No records of it in the startup. Cool? No... it repropogates itself somehow from a secondary binary elsewhere on the computer.
Other resources I have checked are google/groups.google and co-workers.
•
•
•
•
Originally Posted by MAD_DOG
Your saying in IE your getting ramdom pop-ups?
•
•
•
•
Originally Posted by i686-linux
It doesn't do any browser hijacking, just random popups.
PARANOIA:
A healthy understanding of the way the universe works.
A healthy understanding of the way the universe works.
|
Similar Threads
- svchost.exe using 100% cpu! (Windows NT / 2000 / XP)
- Windows 2000 pro - svchost.exe using 100% cpu (Windows NT / 2000 / XP)
- svchost.exe !! (Windows NT / 2000 / XP)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: Bridge.dll error (HijackThis Log inside)
- Next Thread: HiJackThis
| Thread Tools | Search this Thread |
Latest Viruses, Spyware and other Nasties Posts
Related Forum Features
adware anti-malware anti-virussitesaccessissue antivirus apple attack avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial conficker connect control cyber cybercrime cyberwarfare ddos education email europe exam exploit facebook fake fancheckvirus gaming gtaiv halloween herss.exe hijack hosting internet iphone kaspersky legal logfiles mail malware mcafee messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem redirect redirecting report research risk rogueantivirus samhain sans scareware search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista volume war warning windows worm yahoo zeroday
