Results 1 to 2 of 2

Thread: New adware

  1. #1
    macdo503 Guest

    Default New adware

    I have just had my hotmail address book used by an unknown company to send malware. Zone alarm did not pick up any viruses or spy-ware, however Malaware did with this log.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Policies\Explorer\Run\rare (Trojan.Zlob) -> No action taken.

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Program Files\MyFunCardsSetup2.3.50.26.ZUfox000.exe (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWebSearch) -> No action taken.
    C:\Users\Iain Macdonald\Malwarebytes_Anti-Malware_v1.32_Multilingual\keygen\kg.exe (Dont.Steal.Our.Software.A) -> No action taken.

    For information

  2. #2
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,464

    Default Re: New adware

    Please try the Following

    NOTE: the steps below works only if you are on the latest versions of ZA (7.0.470.000 or later). If you are not, please update.
    Try to perform a full Antivirus/Antispyware scan but in SAFE MODE WITH NETWORKING.

    1. Disable system restore;
    2. Set ZA Antivirus/antispyware to "Ultra Deep Scan" under the advanced options of the ZA antivirus/antispyware tab (scan modes);
    3. Reboot in SAFE MODE WITH NETWORKING;
    4. Manual run ZA (ZA firewall will be OFF but Antivirus/Antispyware will be functional);
    5. Run a full ZA AV/AS scan;
    5. Reboot in Normal Mode
    6. Set ZA Antivirus/Antispyware back to Normal
    7. Ensable System restore

    How to start in SAFE MODE WITH NETWORKING
    How to disable windows SYSTEM RESTORE

    If the above fails try to clean your system with:

    A. Download update and scan with MBAM
    WARNING: Some malware will block the download of this software, rename the installer to a random name before saving and running

    B. Use the superantispyware online cleaning tool --> Here or download, update and scan with superantispyware FREE
    WARNING: Some malware will block the download of this software, rename the installer to a random name before saving and running

    C. Download update and scan with A2 free

    Still Problems? Try the bootable CD fromDrWeb

    if ALL the above fails please post your Hijackthis log to BleepingComputer or SpywareHammer
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •