I've tried it all .... but not really.

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by thi3f, Oct 24, 2005.

  1. thi3f

    thi3f Private E-2

    I say not really, because obviously if I tried everything, my problem would be fixed.

    Usually, I never have a problem with spyware. I have Webroot's Spy Sweeper always running as my real-time agent. I'm pretty good about running Lavasoft's Adaware, every other day or so. Occasionally I'll even run Spybot.

    Lately though (as in the past 5-7 days), and this is a problem I've never experienced, I get an IE popup, about ever 5-10 minutes. Luckilly, my script blocking software usually blocks it, but the popup still shows.

    So, I did the usual. Went to safe mode, shut off system restore, ran Adaware about 3 times, all it found was the MRU list, that it finds everytime (I have no idea what that is, maybe I should google it?). Oh, and it finds a tracking cookie everytime. Nothing dangerous though.

    So, my next step was to run Trend Micro's online scan. Doing so, it found two pretty bad files.

    - Here is one.
    - Here is the other.

    After seeing that, I read around and figured out that I should probably remove MS Java, which I did.

    I restarted, and for the next hour or so, everything seemed fine. But no, I got home from class, and there sat a nice IE popup, pointing to:

    www9.paypopup.com/deskwizz/deskwizz.htm

    So.. I'm wondering. Could I have software running that is causing these popups? The only programs that run 24/7 on my machine are:

    - Kaspersky
    - Utorrent (my torrent client)
    - AIM
    - Gmail Notifier (notifies me of my mail at my gmail address)
    - Daemon Tools
    - Spy Sweeper
    - Logmein (software that allows my comp to be remotely accessed)

    And that's it.

    Here's my Hijack log , if it helps. (I really need to learn how to analyze that log myself, and go from there. This is the first time I've ever made a log though, since spyware has never been a problem before.)

    Thanks in advance guys.
     
    thi3f, Oct 24, 2005
    #1
  2. thi3f

    thi3f Private E-2

    *bump* :)
     
    thi3f, Oct 24, 2005
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    There were no visible malware problems in your HJT. All I can recommen is that you please follow our cleaning procedures and then our process for properly install, running, and attaching a HJT log. You may also want to consider running the Alternative scans step of the READ & RUN ME too.


    - Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    Make sure you check version numbers and get all updates.

    - Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.



    After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis:

    Downloading, Installing, and Running HijackThis

    .
     
    chaslang, Oct 25, 2005
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds