Previously Detected Malware, posing new threat?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by LostandConfused, Nov 20, 2006.

  1. LostandConfused

    LostandConfused Private E-2

    Hello, I am new here, but I have found this site very useful in safeguarding and protecting my PC. I use standard Symantec Anti-Virus software, and recently it detected a few problems, placed them in Quarantine, but was unable to delete these problems.

    I thought everything was fine, but recently my computer's internet connection has been slowing down in random spurts, and my computer has frozen a couple of times when I have been doing simple activities such as looking at online notes for my classes (on the internet).

    I feel that a virus has infested (for lack of a better word :confused: ), or RE-infested my computer.

    Attached are my HijackThis Log, the BitDefender Scan (***which has detected those previously Quarantined but not deleted viruses that were detected from Symantec***), and a RunKeys log.

    Since I'm only allowed to upload three files, I can upload the PandaActiveScan and the NewFiles thing if necessary.

    http://forums.majorgeeks.com/showthread.php?t=35407 --- I followed these instructions as best as I possibly can. ::EDIT1:: I also did the other scans, with the ones requiring safemode being used, they picked up nothing, but I am a bit skeptical.

    :::EDIT2::: I run a Dell with Microsoft XP Professional as an operating system. It's fairly new. (Not sure if this information is needed at all or not however.)

    ***ANY helpful assistance or advice is GREATLY Appreciated!!! :) ***
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes we need the other logs! All you needed to do was add a second message with the additional logs. However note that I'm not seeing any malware thus far.

    Is your copy of Spyware Doctor a free trial version or a paid version?
     
    Last edited: Nov 20, 2006
  3. LostandConfused

    LostandConfused Private E-2

    Sorry, some forums are very antsy about double-posting so I wasn't sure whether to post it right away or not.

    The Spyware Doctor is a free trial version and if needed I can uninstall it.

    I attached the PandaActiveScan (Activescan.txt) and the Newfiles (newfiles.txt)

    ::IMPORTANT EDIT:: I was just checking through the Newfiles, and it mentioned in the "All files created in System32" components that the folder is now being used by Trojan.fakealert.cx aka smitfraud.... I'm not tooooo computer savvy, but typically I've always conceived it to be Trojan = bad.
     


    Last edited: Nov 20, 2006
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That would not be double posting! It would just be doing what we asked you to do. ;)


    Does the free trial actually fix anything? Does it provide any realtime blocking of malware? As far as I know the answer is no to those questions!

    You are not reading it correctly. It says (I'll highlight the important text):
     
  5. LostandConfused

    LostandConfused Private E-2

    Ok, yes I didn't notice the "No Matches Found", my mistake :eek: .

    And yes, the Trial Spyware Doctor doesn't block MalWare - I guess the only reason I kept it was that it says it detected some spyware whenever I do a system scan. Should I uninstall Spyware Doctor?

    Also is there any way to delete those Quarantined viruses that both BitDefender and Symantec Anti Virus were unable to delete?

    I really appreciate your help-Thanks a lot!
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Bitdefender believes that it deleted the items in your Symantec Quarantine. However, your Symantec software should have an option on some kind of control panel to empty the Quarantine. I cannot tell you where as I do not and would not use it even if I got it for free.


    Uninstall the below old versions of software:
    J2SE Development Kit 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 2
    J2SE Runtime Environment 5.0 Update 4

    Now install the current version of Sun Java from: Sun Java Runtime Environment


    Delete the below folder! Morpheus is an infected P2P application!!!
    C:\Program Files\MorpheusBar

    You should have uninstalled the below in step 0 of the READ ME:
    Viewpoint Manager (Remove Only)
    Viewpoint Media Player

    Your demo of Spyware Doctor is way out of date anyway. It is Spyware Doctor 3.2. Uninstall it.

    You can also use HJT as given below to remove a few non-malware related items.
    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -

    After clicking Fix, exit HJT.

    Other than the above, you have no visible problems!
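
Added example, not part of the original thread: a small Python parser for the HijackThis entries listed in the reply above. It splits each line into section code, entry type, CLSID and startup command, and marks entries whose backing file is reported as `(no file)`. The section labels and regular expressions are this example's assumptions about the log format.

```python
import re

# Lines copied from the reply above; the parsing rules are this example's assumptions.
SAMPLE = r"""
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
"""

# "<section> - <kind>: <detail>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY = re.compile(r"^(?P<section>[A-Z]\d+) - (?P<kind>[^:]+): (?P<detail>.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
RUN_VALUE = re.compile(r"^\[(?P<name>[^\]]+)\]\s*(?P<command>.*)$")

SECTION_LABELS = {"O2": "Browser Helper Object", "O4": "startup entry",
                  "O16": "ActiveX download (DPF)"}

def parse_entry(line):
    """Return a dict describing one log line, or None if it is not an entry."""
    m = ENTRY.match(line.strip())
    if m is None:
        return None
    entry = m.groupdict()
    entry["label"] = SECTION_LABELS.get(entry["section"], "other")
    clsid = CLSID.search(entry["detail"])
    entry["clsid"] = clsid.group(0) if clsid else None
    # "(no file)" means the registration points at a file that is missing.
    entry["orphaned"] = entry["detail"].endswith("(no file)")
    run = RUN_VALUE.match(entry["detail"]) if entry["section"] == "O4" else None
    entry["name"] = run.group("name") if run else None
    entry["command"] = run.group("command") if run else None
    return entry

def parse_log(text):
    return [e for e in map(parse_entry, text.splitlines()) if e]

def orphaned(entries):
    return [e for e in entries if e["orphaned"]]

if __name__ == "__main__":
    for e in parse_log(SAMPLE):
        flag = "ORPHANED" if e["orphaned"] else ""
        print(f'{e["section"]:<4}{e["label"]:<26}{e["clsid"] or e["name"] or e["detail"]} {flag}')
```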
     
  7. LostandConfused

    LostandConfused Private E-2

    Alright, thanks a ton for all your help-I fixed what you said to fix.
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

