

elias
Premium,VIP
join:2000-07-24
Miami, FL

reply to SpannerITWks

Re: [Hacked] DarkMailer?

said by SpannerITWks:

Sorry to hear about your GF's misfortune ! Most good AV/AT should be able to detect/remove this though. Hope she gets it sorted soon.
Actually, in checking the Event Viewer, Symantec had updated itself with the latest definitions that very morning around 6am when she turned on her computer. It also seems that when the spammer tried installing it, Symantec identified dm.exe as a trojan and tried to quarantine it. I'm guessing the guy dismissed the pop-up messages and had it ignored or something.

The version they installed on her machine was older, like 1.36 or some such. It has several files with e-mail addresses along with a text file containing the outgoing message. The e-mail addresses were all @aol.com and were all in the L's. The message itself was a Suntrust phishing e-mail, trying to trick the user into providing their info at some site.
--
My Webmaster Gig | Crunching the Midnight Oil


Snowy
mIRC unix.ro UnderNet
Premium
join:2003-04-05
Kailua, HI
kudos:5

Elias, I had no doubt you would successfully sort through it all. The Symantec detection of dm.exe is interesting since it seems to be the only AV to do so.
STATUS: FINISHED
Complete scanning result of "dm.exe", received in VirusTotal at 06.22.2006, 18:12:29 (CET).

Antivirus Version Update Result
AntiVir 6.35.0.15 06.22.2006 no virus found
Authentium 4.93.8 06.22.2006 no virus found
Avast 4.7.844.0 06.22.2006 no virus found
AVG 386 06.22.2006 no virus found
BitDefender 7.2 06.22.2006 no virus found
CAT-QuickHeal 8.00 06.22.2006 no virus found
ClamAV devel-20060426 06.22.2006 no virus found
DrWeb 4.33 06.22.2006 no virus found
eTrust-InoculateIT 23.72.46 06.22.2006 no virus found
eTrust-Vet 12.6.2270 06.22.2006 no virus found
Ewido 3.5 06.22.2006 no virus found
Fortinet 2.77.0.0 06.22.2006 suspicious
F-Prot 3.16f 06.21.2006 no virus found
Ikarus 0.2.65.0 06.22.2006 no virus found
Kaspersky 4.0.2.24 06.22.2006 no virus found
McAfee 4791 06.22.2006 no virus found
Microsoft 1.1481 06.22.2006 no virus found
NOD32v2 1.1615 06.22.2006 no virus found
Norman 5.90.21 06.22.2006 no virus found
Panda 9.0.0.4 06.22.2006 no virus found
Sophos 4.06.0 06.22.2006 no virus found
Symantec 8.0 06.22.2006 Infostealer
TheHacker 5.9.8.164 06.22.2006 no virus found
UNA 1.83 06.21.2006 no virus found
VBA32 3.11.0 06.21.2006 no virus found
VirusBuster 4.3.7:9 06.22.2006 no virus found

Aditional Information
File size: 709632 bytes
MD5: be06575cccb6062ab5d45f47f3958c98
SHA1: ee2d8c2b3da71682eac65a2821cb30af3dbf43cb



elias
Premium,VIP
join:2000-07-24
Miami, FL

said by Snowy:

Elias, I had no doubt you would successfully sort through it all. The Symantec detection of dm.exe is interesting since it seems to be the only AV to do so.
I'll try to post a log from SAV10.
--
My Webmaster Gig | Crunching the Midnight Oil
