Help with Malware

Status
Not open for further replies.
I would appreciate any help you guys can give me.

I use ZoneAlarm on my system. It started with what seemed an innocuous request for internet access...if I am correct, 'Services & Controller app'.

Once I gave approval, Symantec AV started sprouting all kinds of notices of emails being sent. I had to force the system to reboot as I could not get in and wanted to stop it.

On reboot, I tried to have Symantec do a scan, which it would not do. I figured something had locked it up, so I paid the $$ to upgrade ZoneAlarm from the free version to the virus/spyware version. This found a few things. Spybot found a whole bunch: Hupigon13; Win32.delf.uv; and SpywareInfo.trafficZ, plus other things...many of which came back after booting.

Then I found your "8 steps", which I have followed. Interestingly, on the first run through MalwareBytes found nothing and SuperAV found:

Rootkit.Mailer/Gen
HKLM\system\controlset001\services\22573a06
C:\WINDOWS\SYSTEM32\DRIVERS\22573A06.SYS
HKLM\system\controlset002\services\22573a06
HKLM\system\controlset003\services\22573a06

Rebooted again and MalwareBytes found lots and SuperAV nothing...logs attached along with HiJack.

Thanks...John
 