8 step help needed

[St1klmr]

I had a trojan that took over my desktop and gave "Warning.....Dangerous Spyware ....." message on a black screen.

I followed the 8 step process completely, and ran the Super Antispyware and Malwarebytes scans twice each. Attached are the logs from the last scan and from the hijackthis. Please assist with identifying if this has taken care of all of the issues. Even after running the mbam several times, I keep getting the two same infected items coming up even after removing them every time. Aside from that it's taken care of the desktop issues and problems with Internet Explorer.

Any help you can provide is greatly appreciated!

St1klmr

 

[kimsland]

-> No action taken on MBAM scan, for found issues

Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
• Then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform full scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected. <========= Not Done

Uninstall Symantec (Norton) Antivirus
Run the Norton Removal tool

Run Startup Control Panel and remove any not required startups: (should be most!)

Install Avira free AntiVirus

Please re-run Malwarebytes
Confirm updated (third tab)
Then do the above quoted message, but this time "Remove all found issues"

By the way, you will need to then restart, and run (and attach) a new HJT log

 

[St1klmr]

Thank you very much for your assistance on this. I went through as you instructed, the only thing I was unable to do was to completely uninstall Symantec Anti-Virus. Unfortunately this is a work computer and it got to that point and it was password protected and would not allow me to uninstall (I did however disable the auto-protect, which was all I was able to do). (side note, the IT department at my company spent about 6 hours trying to remove the malware, and didn't accomplish anything, and thanks to this site and people like you I was able to get rid of the Desktop issues within 2 hours!)

I did go back through and ran through all 8 steps again just to make sure that there wasn't anything else going on. See attached for logs. It appears the same 2 items are still there even after I selected remove. Not sure if this is because of the inability to remove the Symantec or not, or if it is something else? I removed it once after the full scan, and did a quick scan and it was still on there. (I'm attaching both of those logs)

Everything seems to be working fine, but I just want to make sure there's not a small part that is going to spread into something larger.

Thanks,

Steve

 

[kimsland]

it was password protected and would not allow me to uninstall

Try one of these:

symantec

norton