popups and malware that I can't seem to remove

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by betenoire, Jun 18, 2006.

  1. betenoire

    betenoire Private E-2

    My computer has been getting unwanted popups despite having google toolbar with it's popup blocker enabled. Also, when I do a "full scan" using Windows Defender I find that there is something called Webhancer on my computer, which Defender is unable to remove. (Failed, 0x80508026.) I tried to delete the file manually (C:\System Volume Information\_restore{5CCEF9D0-CCF4-46FA-B21C-390D1F8E09DD}\RP133\A0009056.exe->(RARSfx)->whAgent.exe) but am unable to get the System Volume Information folder to open.

    My problems seem to have started when I downloaded a newer version of Limewire (I'd been using limewire for years and until this past week had NEVER experienced any problems associated with Limewire - but I suppose the newer version has some junk bundled in with it that the older versions didn't have? Nice.)

    Before I started having these problems I was running AVG Free, and Spybot. Since the problems started I've added Spyware Blaster, Ad-Aware, and Windows Defender.

    I did read the "Read and Run" post in this forum - but frankly I'm just not savvy enough to deal with any of that.

    I've attached a copy of my Hijack This logfile.

    Any suggestions? (Thanks in advance!)

    - brandy

    p/s - System:

    Microsoft Windows XP Home Edition
    Version 2002
    Service Pack 2

    CISNET

    AMD Semperon Processor
    3100+
    1.80 GHz, 448 MB RAM
    109GB Hard Drive

    if I left out anything you need to know please ask.
     

    Attached Files:

  2. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Welcome to MajorGeeks.com!

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

    - Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis:

    Downloading, Installing, and Running HijackThis

    When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (
    these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
    • Bitdefender
    • Panda Scan
    • HijackThis
     
  3. betenoire

    betenoire Private E-2

    Okay, I did everything in the Read and Run first list. I was unable to run Windows Defender in Safe Mode - so I ran it in normal mode. Likewise, I wasn't able to connect to the internet in Safe Mode so I had to do the Panda ActiveScan and Bitdefender scans while in normal mode as well (I'm on dial-up.)

    The Webhancer isn't showing up in the full scan in Windows Defender anymore - which is fantastic. Also so far so good with the lack of popups. But I'm going to attach the three logs anyway - because some stuff did come up in both Panda ActiveScan and Bitdefender.

    Anything else I need to do?

    - brandy
     

    Attached Files:


MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds