Melissabill
Posts: 6 +0
It appears I may have an HKLM Trojan that starts each time I start my computer. When I checked msconfig, it is listed on everything. How can I get rid of it?
Melissa
Melissa
HKLM Trojan
- Thread starter Melissabill
- Start date
- Status
kitty500cat
Posts: 1,391 +6
Hello, welcome to TechSpot! :wave:
What exactly do you mean by "HKLM trojan"? HKLM stands for HKEY_LOCAL_MACHINE, a legitimate thing in the Windows registry. It will show up in msconfig because that's where a bunch of stuff is stored in the registry.
What symptoms is your computer showing?
What exactly do you mean by "HKLM trojan"? HKLM stands for HKEY_LOCAL_MACHINE, a legitimate thing in the Windows registry. It will show up in msconfig because that's where a bunch of stuff is stored in the registry.
What symptoms is your computer showing?
Melissabill
Posts: 6 +0
Hklm
Well, my computer says it has encountered an error, and automatically shuts down. I tried running adaware, but before finishing my computer encounters an error and gives me a timer as to when it will shut down.
My Symantec virus protection which came standard with my pc says it will not allow me to send various emails, emails which I have not attempted to send, which are very vulgar as to the going to email address.
Web sites automatically open up when I am on the internet, etc.
Well, my computer says it has encountered an error, and automatically shuts down. I tried running adaware, but before finishing my computer encounters an error and gives me a timer as to when it will shut down.
My Symantec virus protection which came standard with my pc says it will not allow me to send various emails, emails which I have not attempted to send, which are very vulgar as to the going to email address.
Web sites automatically open up when I am on the internet, etc.
kitty500cat
Posts: 1,391 +6
Try updating your Symantec antivirus and running a full scan. You'll probably have to do it from safe mode. Then download Spybot - Search & Destroy, update it, and scan with it, again in safe mode. Update Ad-aware and scan with it in safe mode. See if that removes it.
Then please post a HJT log as an attachment into this thread (as per these instructions).
Regards
Then please post a HJT log as an attachment into this thread (as per these instructions).
Regards
Melissabill
Posts: 6 +0
Hklm
I have already installed adaware, installed updates. My PC shuts down prior to the Adaware finishing its scan, every time.
I have installed Spybot search and destroy, and its updates. Did nothing.
Any other suggestions? I am at a total loss.
I have already installed adaware, installed updates. My PC shuts down prior to the Adaware finishing its scan, every time.
I have installed Spybot search and destroy, and its updates. Did nothing.
Any other suggestions? I am at a total loss.
kitty500cat
Posts: 1,391 +6
Melissabill
Posts: 6 +0
Hklm
Yes, I have tried booting in safe mode. Same thing happens, when running Adaware pc shuts down. I am at a total loss.
Yes, I have tried booting in safe mode. Same thing happens, when running Adaware pc shuts down. I am at a total loss.
kitty500cat
Posts: 1,391 +6
OK, try posting a HJT log as an attachment into this thread (as per these instructions).
Melissabill
Posts: 6 +0
Hklm
Here is my log, per the instructions.
Here is my log, per the instructions.
howard_hopkinso
Posts: 21,238 +17
Hello and welcome to Techspot.
Your system is absolutely riddled with malware.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Download LSPFix from http://cexx.org/lspfix.htm
1. Disconnect from the Internet, go to the LSPfix file and extract/unzip LSP-Fix into its own folder [C:\lspfix].
2. Open the lspfix folder and double-click on LSPFix.exe to start the program.
3. Check the "I know what I am doing" checkbox.
4. Select (highlight) all instances of 'msnetax.dll' in the left column under "Keep".
5. Click the arrow >> so it goes over to the right column under "Remove".
6. Click "Finish" and LSPfix will remove references to the file and restore the chain numbers.
7. Delete the bold file C:\windows\system32\msnetax.dll and Restart your computer
Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.
Also, let me know the results of the AVG Antirootkit scan.
Regards Howard :wave: :wave:
This thread is for the use of Melissabill only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Your system is absolutely riddled with malware.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Download LSPFix from http://cexx.org/lspfix.htm
1. Disconnect from the Internet, go to the LSPfix file and extract/unzip LSP-Fix into its own folder [C:\lspfix].
2. Open the lspfix folder and double-click on LSPFix.exe to start the program.
3. Check the "I know what I am doing" checkbox.
4. Select (highlight) all instances of 'msnetax.dll' in the left column under "Keep".
5. Click the arrow >> so it goes over to the right column under "Remove".
6. Click "Finish" and LSPfix will remove references to the file and restore the chain numbers.
7. Delete the bold file C:\windows\system32\msnetax.dll and Restart your computer
Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.
Also, let me know the results of the AVG Antirootkit scan.
Regards Howard :wave: :wave:
This thread is for the use of Melissabill only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Melissabill
Posts: 6 +0
Hklm
Howard,
After reviewing my options, I will format and reinstall. I do not want to take any chances.
Thanks so much for your help. I knew I had a problem, just didn't know exactly what or how to fix it.
Howard,
After reviewing my options, I will format and reinstall. I do not want to take any chances.
Thanks so much for your help. I knew I had a problem, just didn't know exactly what or how to fix it.
howard_hopkinso
Posts: 21,238 +17
That is possibly your best option. Thanks for letting us know.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of Melissabill only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of Melissabill only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
- Status
