Help, I think I have Malware

Status
Not open for further replies.
Dear Techies,

After reading some other posts I believe I have a malware problem. I have had an icon in my quick launch area for a Shockwave updater. I can't do anything with the icon, I can't remove the program, and every time I delete it, it comes back. It appears to be making my system run really slow but other than that I can't find any other side effect.

I have gone through the 8 step process and have attached the requested log file. As I am a newbie to this please be gentle and use small words :p Thanks for everyone's help.

Geoff
 

Attachments

  • SUPERAntiSpyware Scan Log - 09-23-2008 - 17-50-59.log
    17.6 KB · Views: 7
  • mbam-log-2008-09-22 (22-05-55).txt
    1.8 KB · Views: 5
  • hijackthis.log
    10.8 KB · Views: 6
Just a shot in the dark - when accessing the directions for the '8 step' removal program, have you gone through all of the processes with CCleaner?

It has a cleaner program as well as a registry fix program and a tools option that allows one to remove programs. I would look at all available tools within the CCleaner program. I find it easier and more reliable than the Windows add-remove program.
Just a thought.
 
Hi:

I recommend avoiding CCleaner since most "Malware-Fighters" nowadays prefer the FREE "ATF Cleaner" developed by antiSPYWARE Expert "ATribune".

ALL evidence I could find indicates you should have HijackThis "Fix" the following:
"O2 - BHO: (no name) - {DF50F976-592A-47a4-81C7-AD34D5A3A947} - (no file)"

Your HijackThis ("HJT") Log indicates you have an outdated version of Adobe Reader, a serious security risk. Researchers found a new hacker toolkit that uses nothing but Adobe security leaks in order to infect systems. "PDF Xploit Pack" ( http://www.trustedsource.org/blog/15...e-PDF-Exploits ) adds all kinds of exploits to PDF files. When a certain exploit has successfully infected the OS, the IP address is sent to the attackers, so they need to try again. This is to reduce the time it takes to manage the bots.

Use of PDF files is becoming more and more popular amongst miscreants; this is because other toolkits also have PDF exploits now. A year ago only 3% of the exploits were PDF directed.

After uninstalling Adobe, seriously consider using the safer "Foxit Reader".

Also noticed you have ZA's misnamed "Spy Blocker" on your computer; this is nothing more than the Adware "ask.com" toolbar. You should seriously consider getting rid of it after reading the very reliable info at http://securitygarden.blogspot.com/2...zonealarm.html .
 
Thanks for all your help guys. So can I take from your reply that I don't have a problem with this Shockwave 10 program? I'll follow your recommendations and let you know how it turned out.

Geoff
 
Didn't work

I'm sorry to say that I still haven't got rid of the Shockwave 10 updater file. I've uninstalled Adobe Reader as per advice, so thanks for the tip, and I've got rid of the file suggested above. Any more suggestions would be greatly appreciated. Thanks everyone.

Geoff
 
After doing a bit more research on your concern I ran into an interesting article that may or may not be relevant to your situation. I'm including the website for you to take a look at.
The point of the Shockwave updater is to obviously update the version of Shockwave to the latest, which in fact would result in downloading the updated files - resulting in a change in overall performance during the update. Take a look at this website and if you like, let me know how things turn out.
Regards. http://forums.techguy.org/all-other-software/628595-shockwave-updater-icon-included-hjt.html
May like to take a look at this website as well:
http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_16683&sliceId=1
 