Simple problem yet persistant

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by nova_ace47, May 18, 2006.

  1. nova_ace47

    nova_ace47 Private E-2

    I am having some stupid malware problems with my computer. I can usually hunt these things down but this one is ellusive. I did follow the "getting started instructions" to the letter but the Panda Activescan window blithely closed soon after completing. It did however tell me that it didn't find anything. Heres my info:

    Specs:
    Gateway CX200X, Tablet
    1.7 GHz Pentium M
    1 GB Ram
    Windows XP Tablet with all updates
    Panda Platinum Internet Security
    Zone Alarm Free Firewall

    Symptoms:
    -Started with browser Hijack and popup windows. That was remedied several days ago.
    -Popup windows returned today: ran Ad-aware and Spybot removed popup window problem
    -Icon in tasktray that alternates between red circle crossed out and a green broken circle. It reads "Virus Alert!" when moused over.
    -Every once in a while an alert window pops up with a malware warning that I don't recognize wanting me to download removal software.
    -Spyfalcon randomly installed but was removed via "Special Removal Procedures" on this forum.

    --So basically all that is still wrong is the tasktray icon and the alert window.
    I am worried that the browser Hijack will return as it already has.

    Scan Results:
    The only scan that returned any hits was the Bitdefender with three trojan.downloaders and one win32.browserhijack. All others found nothing.

    Here is my HJT and bdlog:
     

    Attached Files:

    nova_ace47, May 18, 2006
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you have run the SpyFalcon removal procedure, please attach the smitfiles.txt log as requested in that procedure. You HJT log shows a remnant of the procedure so the fix may or may not be complete.

    Also run the below procedure and attach the runkeys.txt log.

    Using GetRunKey
     
    chaslang, May 18, 2006
    #2
  3. nova_ace47

    nova_ace47 Private E-2

    chaslang,

    Here's those two files.
     

    Attached Files:

    nova_ace47, May 18, 2006
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Here is what I want you to do. Re-run this: SpywareQuake & SpyFalcon Removal Procedure

    Make sure you start from scratch. That is re-download the SmitRem program and also download the fixquake.reg patch again and also makes sure you follow along with the list of files to delete again. The fixquake.reg patch and the list of files has been updated to include the items you are havin problems with.

    Afterwards, attach the new smitfiles.txt log and also a new runkeys.txt log.
     
    chaslang, May 18, 2006
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds