I have XP SP2 IE6 Mcafee, Spybot, Adaware, MS Antispyware beta and Zonealarm
Short Version
How do I get rid of Exploit-ObscuredHtml? It keeps coming back even if I delete it after turning off system restore.
Long Version
While visiting a website IE hung a bit, I didn't think much of it, waited a while and IE was working again, finished what I was doing and shut down the laptop. Few hours later I started it up and saw the icons in the notification were missing and it was running just slightly slower.
I updated and ran all the above programs but didn't come up with anything. I then did a few online scans, one of which was Trend Micro. This is the weird part, the online Trend Micro scan didn't find anything but about 70% through the online scan, my installed Mcafee On Access scan did find and delete Exploit-ObscuredHtml from the Temp folder. I let the online scan finish and restarted the PC and did another TM Mcafee combo scan and it was back in Temp under another name.
I messed around with it some more but finally decided reinstall XP Home. But even after a reformat it still shows up during a Trend Micro and Mcafee combo scan. I also noticed that everytime I go into "Local Settings" folder this dialog box pops up, this never happened before and a few days ago Zonealarm caught "LSA Shell" requesting access to the internet, ZA said this was a Windows NT or 2000 component so I gave it access, but then a login dialog box poped up with link to www.sunshinehid.com. I've never even heard of that site before.
I've also tried going into the temp folder to look for the trojan myself but I can never find it. So one time I decided to watch the temp folder while doing a simultaneous scan, I noticed the trojan icon would appear and disappear from the temp folder every few seconds. I tried deleting the icon but couldn't.
Thanks and sorry for the long post.
Short Version
How do I get rid of Exploit-ObscuredHtml? It keeps coming back even if I delete it after turning off system restore.
Long Version
While visiting a website IE hung a bit, I didn't think much of it, waited a while and IE was working again, finished what I was doing and shut down the laptop. Few hours later I started it up and saw the icons in the notification were missing and it was running just slightly slower.
I updated and ran all the above programs but didn't come up with anything. I then did a few online scans, one of which was Trend Micro. This is the weird part, the online Trend Micro scan didn't find anything but about 70% through the online scan, my installed Mcafee On Access scan did find and delete Exploit-ObscuredHtml from the Temp folder. I let the online scan finish and restarted the PC and did another TM Mcafee combo scan and it was back in Temp under another name.
I messed around with it some more but finally decided reinstall XP Home. But even after a reformat it still shows up during a Trend Micro and Mcafee combo scan. I also noticed that everytime I go into "Local Settings" folder this dialog box pops up, this never happened before and a few days ago Zonealarm caught "LSA Shell" requesting access to the internet, ZA said this was a Windows NT or 2000 component so I gave it access, but then a login dialog box poped up with link to www.sunshinehid.com. I've never even heard of that site before.
I've also tried going into the temp folder to look for the trojan myself but I can never find it. So one time I decided to watch the temp folder while doing a simultaneous scan, I noticed the trojan icon would appear and disappear from the temp folder every few seconds. I tried deleting the icon but couldn't.
Thanks and sorry for the long post.