The other day I was infected by W32.Myzor.FK@yf. My homepage got changed and pop ups saying I need virus protection. I scanned my computer with several anti-virus/spyware programs and got rid of the homepage the virus created and those pop ups. I am not sure if I got rid of the whole virus or if there is something else on my computer but I don't think my computer is virus free yet, so if anybody could help me get rid of this or tell me if its still there, that would be great.
Am I still infected with W32.Myzor.FK@yf?
- Thread starter s888
- Start date
- Status
howard_hopkinso
Posts: 21,238 +17
Hi there. You have nothing too serious on your log, and the Myzor.FK infection you mention is certianly not present. You might like to do the following though...
Reboot into safe mode, and tell explorer to show hidden files and extensions. (no need to turn off system restore for this, as your log isn't too bad. Unless of course you didn't turn off system restore when you were following the instructions, in which case do so first, and re-enable it once you've finished)...
Open task manager, and end the task
symlcsvc.exe
Go to add/remove programs and...
uninstall DAP (Download accelerator plus)
uninstall anything to do with symantec (not spyware, but I see you've changed antivirus!
thumbs up and you have a residual service)
Spyware detector (it's complete rubbish)
run HJT and let it fix the following entries...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://express.rogers.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: SDService - Max Secure Software - C:\Program Files\SpywareDetector\SDService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
in My Computer/Explorer, go to...
C:\Program Files\Common Files\ and delete the "symantec shared" folder.
Reboot normally into windows.
Reboot into safe mode, and tell explorer to show hidden files and extensions. (no need to turn off system restore for this, as your log isn't too bad. Unless of course you didn't turn off system restore when you were following the instructions, in which case do so first, and re-enable it once you've finished)...
Open task manager, and end the task
symlcsvc.exe
Go to add/remove programs and...
uninstall DAP (Download accelerator plus)
uninstall anything to do with symantec (not spyware, but I see you've changed antivirus!
thumbs up and you have a residual service)Spyware detector (it's complete rubbish)
run HJT and let it fix the following entries...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://express.rogers.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: SDService - Max Secure Software - C:\Program Files\SpywareDetector\SDService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
in My Computer/Explorer, go to...
C:\Program Files\Common Files\ and delete the "symantec shared" folder.
Reboot normally into windows.
howard_hopkinso
Posts: 21,238 +17
Your HJT log is clean.
Regards Howard
Regards Howard
howard_hopkinso
Posts: 21,238 +17
Quite right Spike. I missed it too.
s888 should go to add remove programme in his control panel and uninstall it asap.
Regards Howard
This thread is for the use of s888 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
s888 should go to add remove programme in his control panel and uninstall it asap.
Regards Howard
This thread is for the use of s888 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
- Status
Similar threads
Latest posts
-
Razer launches $160 Viper V3 Pro gaming mouse with 8,000 Hz polling rate- Shawn Knight replied
