  #1  
Old 2nd Dec 2007, 10:37
New Member Group
 
Hi All,

I'm running XP home on an Acer Travelmate 2420. I recently ran Norton LiveUpdate (I have Antivirus 2007) and since then I've been getting a barrage of Symantec pop-ups in the bottom right of the screen saying 'scanning message 1 of 1'. I've done a Google search on the problem and can see some rather complicated solutions but need some guidance as to the best course of action to take.

Any advice would be much appreciated, let me know if you need any more info

Thanks

Mads
  #2  
Old 2nd Dec 2007, 12:19
Moderator Group
 
Hi

I would like you to download HijackThis and generate a report on it so as we can analyse it and advise you on what to do.

Download HijackThis to your desktop.
Double-click on the file you just downloaded.
Click on the "Install" button to install.
It will by default install to the directory - C:\Program Files\Trend Micro\HijackThis
Please do not change the default install location.
Upon install, HijackThis should open for you.
Now close HijackThis to rename it to analyze.

Important
Rename the Hijackthis.exe file to analyze.exe.
This is important because some forms of malware can hide from HijackThis.
Right click the HijackThis.exe file in C:\Program Files\Trend Micro\HijackThis
Choose Rename.
Type in analyze.exe and press the enter key.
Right click the analyze.exe file and send to desktop to create a shortcut.

Next click on the "Do a system scan and save a log file" button.
HijackThis will scan and then a log will open in notepad.
In the top left of the notepad window click "File" > "Save As" name it hijackthis and then save it to the Desktop.
Please save the log as a text (.txt) file or .log
Do NOT attach MS-Word .DOC files, they will NOT be looked at!
In your post, add the log as an Attachment.
* Don't have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
** Don't use the Analyse This button. Its findings are dangerous if misinterpreted.

Guide for attaching logs to a post
__________________
serverguy

  #3  
Old 2nd Dec 2007, 13:14
New Member Group
 
Hi

Please see attached.

Thanks,
Mads
Attached Files
File Type: txt hijackthis.txt (8.6 KB, 14 views)
  #4  
Old 2nd Dec 2007, 13:47
Moderator Group
 
Please download Combofix by sUBs from either here or here

Save Combofix.exe to your Desktop.

1. Double click combofix.exe & follow the prompts. (from the keyboard select 1 and press enter)
2. When finished, it will produce a log for you.
3. Attach that log in your next reply.

Note:
Do not mouseclick combofix's window while it's running. That may cause your computer to stall.


Next post please attach
combofix.txt log
NEW hijackThis log
__________________

  #5  
Old 2nd Dec 2007, 14:27
New Member Group
 
Hi

Thanks for the reply. Please see attached logs.

Regards,
Mads
Attached Files
File Type: txt log.txt (7.2 KB, 17 views)
File Type: txt hijackthis2.txt (8.5 KB, 10 views)
  #6  
Old 2nd Dec 2007, 15:08
Moderator Group
 
I don't see anything that could be causing Symantec to be scanning.

Do you use these?
Boonty Games
Kontiki <-- This could be the problem; it sends data, only I don't know if it is automatic or if you have to tell it or allow it to.

Open HijackThis and select Do a system scan only and place a check mark next to:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Now click Fix checked

If the computer is still scanning messages you will need to run the scans in this post and submit the logs.
__________________

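The entry fixed in post #6 is a Browser Helper Object registration with no DLL behind it. As an added example (not part of the original thread, and not code from HijackThis or the forum), the Python sketch below parses the O2 lines of a HijackThis log and lists such orphaned registrations. It goes slightly beyond the single entry in the thread by also treating the "(file missing)" marker as orphaned. Only the `{7E853D72-...}` line is quoted from the thread; the other log lines, CLSIDs and paths are constructed placeholders, and the function names are hypothetical.

```python
import re

# O2 lines have the form: O2 - BHO: <name> - {CLSID} - <path or marker>
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$"
)
# Markers HijackThis prints when the registered DLL cannot be resolved.
ORPHAN_MARKERS = ("(no file)", "(file missing)")

# Constructed sample log. Only the "(no file)" O2 line is quoted from the
# thread; the other entries use placeholder CLSIDs and paths.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000001} - C:\Program Files\Example\helper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Example Toolbar - {00000000-0000-0000-0000-000000000002} - C:\Program Files\Example\bar.dll (file missing)
O4 - HKLM\..\Run: [Example] C:\Program Files\Example\tray.exe
"""


def parse_bhos(log_text):
    """Return one dict per O2 (Browser Helper Object) line in the log."""
    entries = []
    for line in log_text.splitlines():
        m = O2_RE.match(line.strip())
        if not m:
            continue  # not an O2 line (header, R0, O4, ...)
        target = m.group("target").strip()
        entries.append({
            "name": m.group("name"),
            "clsid": m.group("clsid").upper(),
            "target": target,
            "orphaned": target.endswith(ORPHAN_MARKERS),
        })
    return entries


def orphaned_bhos(log_text):
    """CLSIDs of BHO registrations whose DLL is absent (review candidates)."""
    return [e["clsid"] for e in parse_bhos(log_text) if e["orphaned"]]


if __name__ == "__main__":
    for e in parse_bhos(SAMPLE_LOG):
        status = "ORPHANED" if e["orphaned"] else "ok"
        print(f'{status:9} {e["clsid"]} {e["name"]} -> {e["target"]}')
```

The output is a list of candidates for a human to review, in line with the advice in post #2 not to have HijackThis fix anything before the log has been read.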
  #7  
Old 2nd Dec 2007, 15:19
New Member Group
 
Hi there

Thanks ever so much for your help with this. The strange pop ups have now stopped, for which I am very grateful.

Many thanks once again and all the best,
Mads xxx
  #8  
Old 2nd Dec 2007, 15:37
Moderator Group
 
No problem, we need to uninstall combofix and let it clean up after itself.

Go to Start > Run and copy and paste the next command in the field:

ComboFix /u



Make sure there's a space between Combofix and /
Then hit Enter.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and reset System Restore again.

Check out this post for some free programs to increase security on your computer.
__________________

Copyright ©2006 - 2009 Computer Juice.
