Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Having Some Problems...


  • Please log in to reply
1 reply to this topic

#1 AlexK

AlexK

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:10:19 PM

Posted 23 June 2006 - 09:11 PM

Hello, I'm new to this so be easy on me...
Well yesterday, June 22nd I got a notification from Zone Alarm that they had a update out, so of course I downloaded it and restarted my computer. And when my computer was back on, after a little bit of research, I discovered I had the Spyware Quake stuff now on my computer. So I goggled and found your website, where I went through the automated Spyware Quake removal tutorial. I did this 2 times because the first time I messed up and didn't do it in safe mode, although it did get rid of all the popups except for that blinking yellow triangular warning one...So I did it a second time the right way and all the popups were now gone...After this I ran an Adaware Scan and it didn't find nothing big, just a couple cookies which I deleted. Then I ran a Norton antivirus scan and it found a Trojan Downloader file in the WINDOWS/system32 folder named ld8D9A.tmp, so I read how to delete it off their site and deleted it in safe mode. But to no avail because when I ran a scan again on the folder in normal mode it found the same thing but the file name changed to ldAA59.tmp....So I again went into safe mode and deleted this file, went back to normal mode and ran a scan on the folder and i think I got it because it didn't find anything...So just to be sure I ran a scan on my whole computer in safe mode again using Norton and it didn't find nothing. After this I followed your instructions at the end of the automated removal of the Spyware Quake and went to the Panda site and did a scan of my computer and it found 7 different things, which I'll list right now:

Incident Status Location

Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Cookies\alex@questionmarket[1].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Administrator\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Administrator\Desktop\smitRem.exe[smitRem/Process.exe]
Potentially unwanted tool:Application/HideWindow.A Not disinfected C:\hp\bin\FondleWindow.exe
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Potentially unwanted tool:Application/MyWay Not disinfected C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
Potentially unwanted tool:Application/Processor Not disinfected C:\Program Files\Roguescanfix\Process.exe

So basically I'm just wondering if someone can check out a log or something to make sure I got all the bad stuff off my computer. Also i turned off my system restore, because I read to do that at the symantec site, and it wasn't working anyways, thats the first thing I tried. And I can't get my homepage to change from the default msn.com site either...So I know I wrote a bunch of stuff down, but any help will be very appreciated...

BC AdBot (Login to Remove)

 


#2 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:08:19 PM

Posted 23 June 2006 - 09:49 PM

I suggest you post a HijackThis log for examination.
A member of the HijackThis Team will walk you through, step by step, how to disinfect your computer.
Once you post your log, don't make any changes to your system, as that could change the results of the posted log, making it difficult to properly clean your system.

Read Preparation Guide for use before posting a HijackThis Log.
Please read, and follow, all directions carefully!!!

Then, run a log, and post it in the HijackThis forum, at this link. Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, as these people are volunteers. They will help you out, as soon as possible.

NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users