NewsFlash malware???

Discussion in 'malware problems & news' started by Heirloom, Nov 18, 2007.

Thread Status:
Not open for further replies.
  1. Heirloom

    Heirloom Registered Member

    Joined:
    Mar 30, 2004
    Posts:
    34
    Hi All,
    A friend in NY (I'm in TX) has contracted something I can't help her get rid of. In the systray she has an icon for 'Newsflash' and it seems to be slowing her machine drastically.
    Attempts to remove the program have been unsuccessful. It is listed in Add/Remove, but, even after killing the process with Process Explorer, Windows says there is a process still running. BTW, the process does not show up in Task Manager. Removal from the startup axis and rebooting does not help.
    Any suggestions or help would be greatly appreciated.

    Heirloom, old and hate it when this happens
     
  2. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    Perhaps this will give some good advice.
     
  3. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    You could tell her to give us a call... :)
     
  4. Heirloom

    Heirloom Registered Member

    Joined:
    Mar 30, 2004
    Posts:
    34
    Thanks, Monty. I went through all of that and am just at the point of having her install HJT. I was hoping someone might be familiar with the removal of this pest. There was some information and removal steps for the NF Trojan, however, the file mentioned there was not on her computer.....if it is, it is well hidden. The big problem is that Windows thinks that the process is running and won't allow removal. I have killed the process (had her do it) through Process Explorer, after stopping it from the systray icon's menu and still, Windows sees it as having a running process, rrrrrrr.

    Sorry, Hermes, she really can't afford the $$$ for professional help...that's why I am attempting to help her.

    Thanks to both for your replies....I'll keep picking at it.

    Heirloom, old and persistent
     
  5. lasu

    lasu Registered Member

    Joined:
    Mar 19, 2005
    Posts:
    43
  6. Heirloom

    Heirloom Registered Member

    Joined:
    Mar 30, 2004
    Posts:
    34
    Thank you, lasu.
    Those look like some good sites for the HJT log to be analyzed. I'll have to get her to dl the app and run it. I am amazed that I cannot find any info on this thing! If I were there it would help........take care, and thnx again!

    Heirloom, old and this bugs me
     
  7. lasu

    lasu Registered Member

    Joined:
    Mar 19, 2005
    Posts:
    43
  8. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Not all infections are known my friend... Much of the Security community is reactive. Few actually know about infections before a few months into its cycle... Fact of life!
     
  9. Heirloom

    Heirloom Registered Member

    Joined:
    Mar 30, 2004
    Posts:
    34
    Oh, I know you are right, Hermes. It is the 'day zero' nasties that will bite you in the butt, regardless of the steps you take to avoid them. This just happens to be the first time that I have seen something like this first hand. I'm just glad it is not on my computer. Of course, if it were, it would be dumped and the backup put on.....of the four discrete backups, at least one ought to be good~! :thumb:
     
  10. lasu

    lasu Registered Member

    Joined:
    Mar 19, 2005
    Posts:
    43
    Heirloom,
    how is the cleanup going?
    L
     