Hidden malware and/or spyware

Dell / Dell dv051...
July 10, 2010 at 23:38:09
Specs: Microsoft Windows XP Professional, 2.792 GHz / 502 MB
Hey everyone, I'm here to ask for some help getting rid of some malware or spyware i seem to have picked up.

Whenever I'm browsing the internet with firefox I hear the clicking noise from IE, the firefox window turns inactive with no other program running in the background, and the "Wave" volume control keeps going down.

I've run various scans with AVG, MalwareBytes, Housecall, and Spydoctor with no luck and now i'm pretty desperate to get rid of this annoyance. Anything you all can suggest to end my misery? Thanks in advance


See More: Hidden malware and/or spyware

Report •

#1
July 11, 2010 at 14:22:19
you can try combofix:
http://www.bleepingcomputer.com/com...
Follow the guide on the website and you should be fine

Some HELP in posting on Computing.net plus free progs and instructions Cheers


Report •

#2
July 11, 2010 at 19:57:31
Murf, try using Bootkit Remover: http://forums.majorgeeks.com/showth...

I would also have a look at the thread that contains that link, which is here: http://forums.majorgeeks.com/showth...

Please follow the instructions in the first post VERY carefully (as it deals with your Master Boot Record as stated). As suggested in that thread, PLEASE back-up your data before hand.

Helpful tips before getting started: http://www.computing.net/howtos/sho...


Report •

#3
July 12, 2010 at 19:26:44
Thanks to both of you, bootkit remover seems to have done the trick, but ill remain cautiously optimistic at this point.

One more question, ZoneAlarm keeps picking up on erijihdtssd.exe trying to access the internet. I don't know what that is so I keep denying access, but could that mean that the virus is still on my computer?


Report •

Related Solutions

#4
July 13, 2010 at 09:28:56
I believe the process belongs to a fake AV Suite, so with that said, please first download and run Rkill here: http://download.bleepingcomputer.co...

After it finishes, please DO NOT reboot, as if you do the Malware or whatever that process is will re enable itself. Then download either Trojan Remover from here: http://www.simplysup.com/tremover/d... or use Hitman Pro found here: http://download.cnet.com/Hitman-Pro...

Helpful tips before getting started: http://www.computing.net/howtos/sho...


Report •

#5
July 13, 2010 at 16:30:36
Alright I ran Rkill, then Trojan Remover, and Hitman Pro and both scans came up clean. I also managed to locate the erijihdtssd.exe file in my Applications Data folder and deleted it.

I looked up some stuff about fake AV suites and saw that they often hide themselves in various folders, and was just wondering if there are any other places I should search for any traces of this virus


Report •

#6
July 13, 2010 at 20:40:23
You could try using the Kaspersky Online Scanner, which won't delete viruses, but will try and pin point where the infections are, then you can use Google to search for the names of said processes it finds to see if they're malicious or not: http://download.cnet.com/Kaspersky-...

Helpful tips before getting started: http://www.computing.net/howtos/sho...


Report •

#7
July 14, 2010 at 19:38:52
Alright, will do. Can't thank you enough for helping me during this mini crisis :D

Report •

Ask Question