Help with SwimSuitNetwork and possibly more

Discussion in 'Malware Help (A Specialist Will Reply)' started by nja, Jun 22, 2006.

  1. nja

    nja Private E-2

    Hoping to get some help here.

    I've been getting a SMART failure warning for a few weeks and plan to get a new HDD. I think I'm just going to start with a fresh XP install rather than restore everything from this drive. I figured I'd thoroughly check the drive to make sure I don't carry over any malware. I suspect there might be something harmful because my computer has been running very sluggishly lately (this is also the reason I want to start from scratch, not carry over all the apps that are slowing this one down).

    Did the following without significant findings...
    MS Malicious Removal Tool - nothing
    Ad-Aware SE (had hang problems so had to defrag harddrive first) - removed 6 tracking cookies but that's it.
    SpyBot Search & Destroy - nothing
    Windows Defender - nothing
    CWShredder - found and removed CWS.msconfig
    Kill2me - nothing
    BitDefender - nothing

    Panda Activescan - here's where the problem starts. About 1,000 files into the scan it finds:

    Worse yet, after it gets to about 7,000 files it stops scanning and says it has finished. No error messages or anything. But there are more like 50,000 files on the drive. I'm pretty certain that it's not scanning the whole drive. I ran it under safe and normal boot with the same results.

    Anyway, after Panda I also ran HijackThis.

    All logs attached.

    So I guess I've got two main issues:
    1) How to get rid of SwimSuitNetwork? I found this http://www.pestpatrol.com/spywarecenter/pest.aspx?id=453075471 and looked for all of the listed files and registry entries but none are on my machine. What should I do?
    2) What can I do to get Panda to finish? Does the HijackThis log indicate that there is anything else I should be hunting for?

    Thanks,
    Nick
     


  2. nja

    nja Private E-2

    Some screenshots of what's happening with Panda. First is just as it finds the mydll.dll problem. The second is shortly before it quits. Notice how the status bar is still far from complete. The third is seconds later, showing the scan complete.
     


  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Make sure viewing of hidden files is enabled (per the tutorial).
    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

    After clicking Fix, exit HJT.
    Boot into safe mode and use Windows Explorer to delete:
    c:\windows\system32\MYDLL.dll

    If you get an error when deleting a file, right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Otherwise open Task Manager and kill the process if running, then delete the file.

    Now if running Win XP go to c:\windows\Prefetch and delete all files in this folder.
    Now run Ccleaner (installed while running the READ ME FIRST).

    Now reboot in normal mode and post a new HJT log.

    Make sure you tell me how things are working now.
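
The entries picked out in the reply above all end in `(no file)`, meaning HijackThis found the registration but not the file behind it. The following is an added example, not part of the thread or of HijackThis itself, that parses log lines of that shape and lists the orphaned entries; the sample log reuses the three lines from the reply plus two constructed lines (placeholder CLSID and paths) for contrast.

```python
import re

# Matches HijackThis entries of the shape quoted in the reply above:
#   <section> - <kind>: <name> - {CLSID} - <target>
ENTRY = re.compile(
    r"^(?P<section>O\d+) - (?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}) - "
    r"(?P<target>.+)$"
)

def parse_entries(log_text):
    """Return one dict per CLSID-bearing line; other lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if m:
            entries.append(m.groupdict())
    return entries

def orphaned(entries):
    """Entries whose backing file is missing: HijackThis prints '(no file)'."""
    return [e for e in entries if e["target"].strip().lower() == "(no file)"]

def by_section(entries):
    """Group CLSIDs by section code (O2 = BHO, O9 = extra button)."""
    out = {}
    for e in entries:
        out.setdefault(e["section"], []).append(e["clsid"].upper())
    return out

# Lines 1, 2 and 5 are from the reply above; lines 3 and 4 are constructed
# (placeholder CLSID and paths) to show entries that must not be flagged.
SAMPLE_LOG = """\
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000001} - C:\\Program Files\\Example\\helper.dll
O4 - HKLM\\..\\Run: [ExampleTray] C:\\Program Files\\Example\\tray.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
"""

if __name__ == "__main__":
    for e in orphaned(parse_entries(SAMPLE_LOG)):
        print(f'{e["section"]} {e["kind"]}: {e["clsid"]} has no file on disk')
```
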
     
