TechSpot

Help, I think I have Malware

By Fibrelight
Sep 23, 2008
  1. Dear Techies,

    After reading some other posts I believe I have a malware problem. I have had an icon in my quick launch area for a shockwave updater. I can't do anything with the icon, I can't remove the program and every time I delete it it comes back. It appears to be making my system run really slow but other than that I can't find any other side effect.

    I have gone through the 8 step process and have attached the requested log file. As I am a newbie to this please be gentle and use small words :p Thanks for everyone's help.

    Geoff
     

    Attached Files:

  2. BillAllen55

    BillAllen55 TS Maniac Posts: 368

    Just a shot in the dark - when accessing the directions for the '8 step' removal program, have you gone through all of the processes with ccleaner?

    It has a cleaner program as well as a registry fix program and a tools option that allows one to remove programs. I would look at all available tools within the ccleaner program. I find it easier and more reliable than Windows add-remove program.
    Just a thought.
     
  3. SpiritWind

    SpiritWind TS Rookie Posts: 164

    Hi :

    I recommend avoiding CCleaner since most "Malware-Fighters" nowadays prefer
    the FREE "ATF Cleaner" developed by antiSPYWARE Expert "ATribune" .

    ALL evidence I could find indicates you should have HijackThis "Fix" the following :
    "O2 - BHO: (no name) - {DF50F976-592A-47a4-81C7-AD34D5A3A947} - (no file)"

    Your HijackThis ( "HJT" ) Log indicates you have an outdated version of Adobe
    Reader, a serious security risk . Researchers found a new hackertoolkit that uses nothing but Adobe securityleaks in order to infect systems. "PDF Xploit Pack" ( http://www.trustedsource.org/blog/15...e-PDF-Exploits )adds all kind of exploits to PDF-files. When a certain exploit has succesfully infected the OS, the IP address is sent to the attackers, so they need to try again. This to reduce the time it takes to manage the bots.

    Use of PDF-files is becoming more and more popular amongst malcreants, this because other toolkits also have PDF exploits now. A year ago only 3% of the exploits were PDF directed.

    After uninstalling Adobe, seriously consider using the safer "Foxit Reader" .

    Also noticed you have ZA's misnamed "Spy Blocker" on your computer; this is nothing
    more than the Adware "ask.com" toolbar . You should seriously consider getting
    rid of it after reading the very reliable Info at http://securitygarden.blogspot.com/2...zonealarm.html .
     
  4. Fibrelight

    Fibrelight TS Rookie Topic Starter

    Thanks for all your help guys. So can I take from your reply that I don't have a problem with this shockwave 10 program? I'll follow your recomendations and let you know hoe it turned out.

    Geoff
     
  5. Fibrelight

    Fibrelight TS Rookie Topic Starter

    Didn't work

    I'm sorry to say that I still haven't got rid of the Shockwave 10 updater file. I've uninstalled Adobe reader as per advise, so thanks for the tip and I've got rid of the file suggested above. Any more suggestions would be greatly appreciated. Thanks everyone.

    Geoff
     
  6. BillAllen55

    BillAllen55 TS Maniac Posts: 368

    After doing a bit more research on your concern I ran into an interesting article that may or may not be relevant to your situation. I'm including the website for you to take a look at.
    The point of the Shockwave updater is to obviously update the version of shockwave to the latest which in fact would result in downloading the updated files - resulting in a change in overall performance during the update. Take a look at this website and if you like, let me know how things turn out.
    Regards. http://forums.techguy.org/all-other-software/628595-shockwave-updater-icon-included-hjt.html
    May like to take a look at this website as well:
    http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_16683&sliceId=1
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...