Unfortunately, the malware is probably geneating a random name -
that's why it''s not recognized. MalwareBytes is a respected name in
fighting this kind of thing.
Start here:
http://www.malwarebytes.org/forums/index.php?showtopic=2936
Basically it tells you to run some tools and post the resultanrt logs.
The experts on the forum will assist you.
Good luck
| I have goggled this and can find nothing. It just popped up yesterday asking
| for access to an http address. Anyone know anything or recognize it?
Please submit a sample to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it. In addition Virus
Total will provide the sample to all participating vendors.
You can also submit a suspect, one at a time, via the following email URL...
mailto:sc...@virustotal.com?subject=SCAN
When you get the report, please post back the exact results.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
I just reformated a month ago.
Sammy
"dave xnet" <davexn...@ETEyahoo.com> wrote in message
news:31drj4dhgf8nbgl0g...@4ax.com...
"Sammy Castagna" <sammycastagnahotmail.com> wrote in message
news:u9pASoZW...@TK2MSFTNGP03.phx.gbl...
Perhaps your goggles are dirty. :o\
> It just popped up yesterday asking for access to an http address.
File names are often useless information. Better information would be
the address you neglect to mention - but that could be useless as well.
> Anyone know anything or recognize it?
You should have the executable scanned by software designed to find
out if it is a known malware program. Try jotti.org or virustotal.com.
The computer is trying to access 216.95.196.22 HTTP.I am very careful to
watch Zonealarm for abnormal behavior.
Also when I search for the file on my computer this new search device
Microsoft has got out where it indexes everything says c drive has not been
indexed and file can not be looked for.
I will get back with you all tomorrow I have to get up 5:00 am est
Sammy Castagna
"John" <a> wrote in message news:egIgOsZW...@TK2MSFTNGP06.phx.gbl...
AS soon as I got home I deleted the microsoft search indexing tool and went
back to the find that used to be on win xp.I have fonf the file.
S7JFWBO7.EXE-OC7ED4DB.pf
S7jfwbO7
S&jfwbO7.exe.a_a Two are in folder C:\WINDOWS\system32 The other is
C:\WINDOWS\Perfetch
In your opinion is the Zonealarm firewall antivirus a good solution?
Sammy
"Sammy Castagna" <sammycastagnahotmail.com> wrote in message
news:OwWK3UaW...@TK2MSFTNGP06.phx.gbl...
Malwarebytes took it off. Thank you all.
What configuration of fire wall virus spyware should I be using?
Sammy Castagna
"Sammy Castagna" <sammycastagnahotmail.com> wrote in message
news:%23O4YNVl...@TK2MSFTNGP05.phx.gbl...
Sammy
"Sammy Castagna" <sammycastagnahotmail.com> wrote in message
news:encB0mlW...@TK2MSFTNGP02.phx.gbl...
| The damned thing came back. I tried to delete it and it said access denied.
| So I renamed it .old and was able to delete it.
| Sammy
OK. there is a helper/peer application that is restoring the file.
Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
Then post the contents of the HJT log in your post in one of the below expert forums...
{ Please - Do NOT post the HJT Log here ! }
Forums where you can get expert advice for HiJack This! (HJT) Logs.
NOTE: Registration is REQUIRED in any of the below before posting a log
Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0
Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.malwarebytes.org/forums/index.php?showforum=7
Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13