bho - hotfax - spywaredata.com

SuperAntiSpyware just brought up something it's calling an undefined browser helper object. I assum it's from a program we purchased called "hotfax". The file is called "smfaxhelper.dll".

A search for the .dll file on google brought up something from spywaredata.com which said that the file is safe.

A search for info on spywaredata.com turned up some pages saying that they are spreading bad info.

Would appreciate any information about the program, file and web site.

Thanks.

 

I thought to post into this thread rather than starting a new thread since it's looking like we do have some kind of malware. (The computer was hijacked to a commercial web site and other things).

I started going through the "malware removal procedure" and have attached the SAS log. The hotfax "trojans" were the only things found since I had already run the scan recently.

The computer hasn't had any problems so far, since quarantining of the hotfax files.

I did notify the SAS people of a possible false positive but haven't heard back from them yet.

 

I wanted to add that the 1st time SAS found these files, it listed them as bhos. Seems that with the updates they're now being listed as trojans.

 

I went ahead and removed the files SAS found for Hotfax and the Hotfax program still functions with no problems. The program came bundled with alot of other programs, (we got it thru ebay). I wonder if that's where the trojans came from, rather than Hotfax itself.

I did report the false positive to SAS and went thru their report procedure, but haven't heard back from them yet.

I'm also going thru the full cleaning procedure and will post the logs when finished.

Thanks.

 

These are the logs of the scans.

Not sure whether we're still having problems or not. We still don't have any web sites showing in the ie7 "history". And, so far, the browser hasn't been hijacked again, or snap back to the 1st page when trying to maximize a 2nd page from the task bar.

 

Thanks.

We seem to be still having malware problems. The screen snaps back to the 1st page when trying to maximize from the task bar. And internet explorer7 is very lagged compared to firefox (which I have now switched to).

I have tried deleting the ie history folder and it recreates but still has no visited web sites.

 

I'm not sure what I was doing when I first noticed the problems happening. I did do a reinstall of win xp not that long ago when trying to set up a sata card/rwdvd to be able to boot. (It turned out I wasn't able to boot because the bios wasn't recognizing the card).

 

(Wasn't able to edit the message following this one before the expired time - I wanted to add this to it.)

The setup required holding down the F1 key (?) during boot from the xp setup disk and then installing the drivers from a floppy.

I had posted a question to the hardware forum about this on 2/1/09 and posted again on 3/1 because of the problem that was happening with the ie history.

Maybe the problems are coming from the sata card driver.

 

Just thought to be completely sure there is no malware before going on to software.

This is the gmer log.