Virus/Spyware Help

[ryanb]

It appears I have contracted the "Trojan 32" virus/spyware. I was trying to view a profile on myspace.com when I was prompted to download a "myspace viewer." Once I did this I began getting multiple popups (porn and virus protection stuff), critical system errors, and the little yellow triangle in my taskbar telling me I had spyware.

I have followed the instructions in the preliminary spyware removal thread and attached my hijackthis log below. When I ran the AVG scan it came back with no bad files.

Can anyone tell me if I still have nasty stuff in my log file?

Thanks for your help!!!

 

[howard_hopkinso]

Hello and welcome to Techspot.

Looks like you`ve done a very good job.

Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sas.r3.attbi.com:8000<Only fix this if you didn`t set this proxy yourself or you don`t know what it is.

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.info.apple.com/iTunes4/WW/win/019-0312.20050111. MmVrT/iTunesSetup.exe

O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://download.sidestep.com/get/k00719/sb028.cab

O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

Click on the fix checked button.

Close HJT and reboot your system.

Delete this bold file.

C:\windows\system32\blank.htm

Other than the above, your HJT log is clean.

Regards Howard :wave: :wave:

This thread is for the use of ryanb only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Rik]

You definitely still have some nasties but as i am still "in training" I'm not %100 sure in regards of removing it permanently!!


I would however advise you to download either the free AVG or Avast antivirus programmes and either the free Zonealarm or Kerio firewall programmes from within this link - https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

Then, disconnect from the net and completely uninstall Symantec/Norton. If you have any problems in uninstalling the programme, take a look at this thread - https://www.techspot.com/vb/topic57112.html

Once you`ve completely uninstalled Symantec/Norton, reboot your system and install whichever firewall programme you chose, followed by whichever antivirus programme you chose. Reboot your system the required number of times and reconnect to the net. Run the antivirus updates.


Once you have done that, post a new HJT log and we will deal with the remaining malware!!!!



This thread is for the use of Ryanb only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.


EDIT!
Ooops!!! I didn't see Howards post untill i had posted mine, sorry!!!!!

 

[ryanb]

Thank you guys so much for your help!!! I think my computer is cleaned up. It's nice to know that there are guys like you making up for all the knuckleheads who spend their time building viruses and crap like that.

Thanks again - Ryan

 

[Rik]

If you would like you can post a fresh HJT log so that we can check to make sure it really is clean!!!!



This thread is for the use of Ryanb only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.