Malware problems

[Red Dragon]

don't use google - try yahoo or msn - I have actually seen that before

Let me look through some change logs for your infection - I actually see it back in the combofix log and thought sdfix would have killed it but it didn't

[steff]

Dy wasn't kidding when he said I was a handful.

MBAM log 1 - quick scan in safemode
MBAM log 2 - full scan in safemode
MBAM log 3 - quick scan in regular mode
Misc file - the file that got created when the online Kaspersky virus scanner wouldn't work

It's also worth mentioning I have a process running called "conime.exe" which sounds bad. I just closed it there just now.

edit - and since I have said process... here's my hijackthis log too

[Red Dragon]

Run Smitfraudfix

• Download Smitfraudfix by S!ri from HERE
• Double-click SmitfraudFix.exe
• Select 1 and hit Enter
• The report can be found at the root of the system drive, usually at C:\rapport.txt

==============================================

Panda Online Scan

• Please visit Panda Online Scanner
• Click on "Scan your PC".
• A new browser window will open with Panda ActiveScan.
• Click the big "Check Now" button
• Enter your Country, State/Province, e-mail address and click send
• Select either Home User or Company
• Click the big Scan Now button
• If it wants to install an ActiveX component allow it

Note: If this is the first time you scanned your PC, you´ll have to download the ActiveX controls (8 MB). The time it takes to download these can vary depending on your connection

• Click on "Local Disks" to start the scan
• Save the log file to your desktop

Attach both here - looks like MBAM is finding it but may be having trouble removing some of the files - i have something for that after we see these reports

[Red Dragon]

I wouldn't be so sure. It's easy enough to upload it - and the legit version usually only is seen on Asian versions of windows


Upload a File to Virustotal
Please visit Virustotal found HERE

• Click the Browse... button
• Navigate to the file C:\Windows\system32\conime.exe
• Click the Open button
• Click the Send button
• Copy and paste the results back here please.

now I wanna see virustotal, report.txt, and panda log

[steff]

MD5: abc9002269e569538901109441660dd2
First received: -
Date: 09.01.2008 17:58:45 (CET) [>3D]
Results: 0/36
Permalink: analisis/12c29d9080aa9f7693fa58c74f18af87

So apparently it isn't a virus... strange though since that is the first time I've ever seen that process running.

edit - and the whole google problem was a general "click on a link" problem but MAMB sorted it.