TechSpot

Virus/Malware Problem - Logs attached

By msykes100
Sep 13, 2007
  1. Hi,

    A friend has had a Virus/Malware problem on his laptop which I've been trying to resolve for him. It manifested itself by having continual Windows Security popup messages and a few new icons on his desktop to do with Spyware removal.

    I've followed the Virus/Malware/Spyware Preliminary Removal thread (excellent instructions by the way!) and everything looks ok to me. I've attached the logfiles mentioned in the above thread and would be grateful if you could check them out for me and let me know if you can see anymore problems.

    For info, the laptop originally had Norton Internet security on there but the licence had expired! Before finding your instructions I ran Sweep, SS&D and Ad-Aware Personal SE, all of which found quite a few problems. However, the popups continued, though less frequently. The thing that seemed to stop them completely and remove the desktop icons was Smitfraud.

    Thanks
    Mark.
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    You`re using an outdated version of HijackThis. See this thread HERE.

    Run this Symantec/Norton removal tool.

    Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://smb-support.vaio-link.com/eSupport/PortalJSP/Portal.jsp

    O2 - BHO: (no name) - {88418AA3-16F5-4FC2-A9D8-90B1266DF841} - (no file)

    O14 - IERESET.INF: START_PAGE_URL=https://smb-support.vaio-link.com/eSupport/PortalJSP/Portal.jsp

    O21 - SSODL: msmhost - {4D4BF45C-FFA7-429A-9604-FC3F9E51906C} - (no file)

    O21 - SSODL: msmdev - {894E8E17-B0ED-4321-9491-4356DE5EAC91} - (no file)

    Click on the fix checked button.

    Close HJT and reboot your system.

    Post a fresh HJT log.

    Regards Howard :wave: :wave:

    This thread is for the use of msykes100 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. msykes100

    msykes100 TS Rookie Topic Starter

    New HJT Log

    Hi Howard,

    Thanks for your reply.

    I've carried out what you suggested, and the new HJT logfile is attached.

    Thanks
    Mark
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your HJT log is clean. Unless you`re having any other problems, you should be good to go.

    I recommend you install a third party firewall, such as the ones below.

    Zonealarm, Kerio or Comodo free firewall programmes.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of msykes100 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. msykes100

    msykes100 TS Rookie Topic Starter

    Thanks

    Put the Comodo Firewall on, just handed the laptop back.

    Thanks for your help Howard, much appreciated!!
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...