Solve : Unwanted system tray icons, spyware related?

Hey,
I recently got rid of some spyware, but I think there is some left over. I've tried Spybot S&D, Ad-Aware, Ez Anti-Virus, and Norton, and nothing can remove this particular problem. I've taken some screens of this thing and posted them below.


(red arrows point to the two icons)

The virus/spyware has put these two icons on my system tray, and I can't remove them. Every 30 seconds or so, a little yellow bubble appears near the icons and tells me that "Your system is infected! Please click here for special offers on SpyWare removal software". It then adds a desktop icon, shown below.


(I put a red box around the newly added icon)

So far no anti-viral or anti-spyware software can remove this thing. Any tips on manual or other means of removal would be much appreciated.

Also, I have a hunch that the problem might be "wupdmgr.exe", because I cannot end the process (it keeps reappearing) or delete the exe, but I don't know much about this stuff, so I could be wrong. Thanks for any help.

OS: WIN XP Service Pack 2

It should be easy enough to find. Could you please download HijackThis, run it on the infected PC, save the logfile, zip it with WinZip, and attach the zip file to your next post? We'll be able to take a look and suggest fixes from there.

Thanks, here's the log file.

Look and see if you have a program running called MSSearchnet.exe in your windows/system32 directory. You will need to use your Windows install CD and go into recovery and delete this file if it is present.

File Name: osaupd.exe

Description:
osaupd.exe is related to a variant of SpyFalcon rogue anti-spyware which displays false messages that your system is under control of remote computer. You should remove this file and related infections from your computer immediately.

Carry out the steps listed at the following site then return here with a fresh HijackThis logfile.
http://www.bleepingcomputer.com/forums/topic43659.html

In addition to what Fed has outlined ...

wupdmgr.exe
C:\WINDOWS\wupdmgr.exe
running process. (wupdmgr.exe)
Added as a result of a Troj/Soromo-A trojan infection ... This must be removed as well.


dl65  
Okay, had to reboot in safe mode to delete wupdmgr.exe, and so far so good. Thanks for all the help guys.


