please help AIM virus

Status
Not open for further replies.
Hi, my brother was on AIM when his friend sent him this link that said something about a Myspace picture. He clicked the link, and although Norton tried to stop him, he permitted it. I went back onto the Norton Activity Log and he permitted these two files: C:\WINDOWS\wmiapsv.exe and C:\conf.com (I'm not sure if these are important files; should I just delete them?)

I've tried using AIM fix but the problem will not go away. It's sending this virus to everybody on the buddy list and then AIM just goes haywire. I then deleted AIM from the computer and did a regedit(?) and then installed Gaim (which was something that was recommended when I was googling this virus). However, the problem persists. I then followed the instructions here https://www.techspot.com/vb/topic50981.html but that conf.com file and wmipsv.exe files are still on the computer. Is there any way to fix this?

Thank you so much for your help
 
Hello and welcome to Techspot.

Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

Turn off system restore (XP/ME only). See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

Go to Add/Remove Programmes in your control panel and uninstall anything to do with (if there).

Viewpoint\Viewpoint Manager
aol toolbar 2.0

Close control panel.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for (if there).

ViewMgr.exe
links.exe

Close task manager.

Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to (if there).

R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

O4 - HKLM\..\Run: [links] links.exe

O4 - Global Startup: Digital Line Detect.lnk = ?

O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - blank (file missing)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - blank (file missing)

O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll

O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)

Fix all O16 - DPF entries.

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files (if there).

links.exe You will need to search your system for this file.
C:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll

Reboot into normal mode and turn system restore back on.

Post a fresh HJT log.


Regards Howard :wave: :wave:
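
A way to triage HijackThis lines like the ones listed in the reply above, added here as an example (it is not part of the original thread and not HijackThis's own code): it parses five of the quoted lines and flags entries whose file is reported missing and Run entries that name an executable without a directory. The function names and the flag names `orphaned` and `bare-run-target` are assumptions of this example.

```python
import re

# Lines copied from the HijackThis entries quoted in the reply above.
SAMPLE = r"""
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [links] links.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - blank (file missing)
"""

LINE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<kind>[^:]+): (?P<rest>.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
RUN_VALUE = re.compile(r"^\[(?P<name>[^\]]+)\]\s+(?P<cmd>.+)$")


def parse_line(line):
    """Split one log line into section, kind, CLSID and target, plus triage flags."""
    m = LINE.match(line.strip())
    if not m:
        return None
    kind, rest = m["kind"], m["rest"]
    clsid = CLSID.search(rest)
    run = RUN_VALUE.match(rest) if kind.endswith("Run") else None
    # Run entries carry "[value name] command"; other sections end with the file field.
    target = run["cmd"] if run else rest.rsplit(" - ", 1)[-1].strip()
    flags = []
    if target.endswith(("(no file)", "(file missing)")):
        flags.append("orphaned")         # registry entry whose file is gone
    if run and not re.search(r"[\\/]", target):
        flags.append("bare-run-target")  # autostart with no directory given
    return {"section": m["section"], "kind": kind,
            "clsid": clsid.group(0) if clsid else None,
            "target": target, "flags": flags}


def parse_log(text):
    """Parse every recognisable line of a pasted log, skipping blanks and prose."""
    return [e for e in map(parse_line, text.splitlines()) if e]


if __name__ == "__main__":
    for entry in parse_log(SAMPLE):
        print(entry["section"], entry["flags"] or "-", entry["target"])
```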
 
Just let HJT fix the following entries.

O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html

O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -

Other than the above, your HJT log is clean.

Regards Howard :)
 
Alright I did all of that. But now I'm getting errors on the computer.

"A device driver installed on your computer caused the problem; however, we cannot determine the precise cause. To troubleshoot the problem, see Getting help." --> popped up after logging in. I haven't installed anything new ever since I've done all this stuff. Should I just delete C:/conf.com?
 
Have HJT fix this entry.

R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)

Other than that your HJT log is clean.

I also suggest you uninstall Stopzilla, as it's not a very effective programme and just uses up system resources.

Regards Howard :)

This thread is for the use of chocolate12345 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 