Please help removing malware

Discussion in 'Malware Help (A Specialist Will Reply)' started by Heyman7, Jan 21, 2008.

  1. Heyman7

    Heyman7 Private E-2

    The issue started off about last weekend sometime. A friend of mine was over at the house and is not too savvy with online computing. I'm guessing a pop-up told him to click yes, and here comes the annoying Virtumonde or something the malware is called.

    1st you get all these system messages about error this and error that, so I X them out and run X Cleaner & HijackThis and everything from the help thread. The system error messages come up every time I boot the computer when programs are loading and everything. Another weird thing I see is

    "Help And Support Center"
    "Windows Update"

    were once icons at the bottom of the right hand side and now they are on the desktop with NO IMAGE showing, you know, the image you see online from a Photobucket when the pic is taken down or something.

    This malware or virus is related to IE of course (Storage Protector). Something in IE comes up, like a malware ad asking me if I want to download this, out of the blue, along with all the system errors that pop up, all relating to this one I believe.
     


  2. Heyman7

    Heyman7 Private E-2

    No upping, I am going to upload the other file because
    I didn't have space on the upload in the 1st post.

    Thank you all for everything.

    Edit: It's showing that the file is too big. (Unkey2)

    Here's a HijackThis log
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please run ComboFix as directed in the Read and Run First instructions ...then re-run C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file and the ComboFix log.
     
  4. Heyman7

    Heyman7 Private E-2

    There you go. Sorry about that.
     


  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    ComboFix took care of most of it:

    I'm not seeing any anti-virus software ......??

    Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    After clicking Fix, exit HJT.

    Now copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.
    Now download The Avenger by Swandog469, and save it to your Desktop.

    * Extract avenger.exe from the Zip file and save it to your desktop
    * Run avenger.exe by double-clicking on it.
    * Check the 'Input script manually' box.
    * Click on the magnifying glass icon.
    * Copy everything in the Quote box below, and paste it in the box that opens:

    * Now click the 'Done' button.
    * Click on the traffic light icon and OK the prompt.
    * You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
    * A log file from Avenger will be produced at C:\avenger.txt

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this and also attach the log from Avenger.

    Be sure to tell us how things are running.
     
  6. Heyman7

    Heyman7 Private E-2

    The MGlogs is there, but for some reason when I put the file names in Avenger the 1st time it was going good; when it rebooted it said the file was not saved or something. Then I repeated the same process and it says there is no file, so I'm guessing it's done.
     


  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    There is no need to quote my posts in your replies.

    * Run Spybot and click Mode
    * Select Advanced Mode.
    * Then click Tools and select Resident.
    * Now in the right window pane, uncheck TeaTimer.
    * Also while this is open, in the left column now select IE Tweaks, and then in the right pane make sure all the Miscellaneous locks are unchecked.
    * Now quit Spybot!

    * Run avenger.exe by double-clicking on it.
    * Check the 'Input script manually' box.
    * Click on the magnifying glass icon.
    * Copy everything in the Quote box below, and paste it in the box that opens:
    * Now click the 'Done' button.
    * Click on the traffic light icon and OK the prompt.
    * You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
    * A log file from Avenger will be produced at C:\avenger.txt

    You never told me what anti-virus program you have .....if any.
     
  8. Heyman7

    Heyman7 Private E-2

    Error: selected file does not appear to be a valid script

    That's the error message that appears when I followed your procedure.
    Currently I have no Anti Virus programs on the computer. I do have an Anti Virus Norton 2007 disc though. There appear to be no more problems as of currently.
     
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Then check for those files by using Windows Explorer and delete them if found.....you need to install an anti-virus program ...whether it be Norton (a known resource hog) or one of the freeware programs here: Top Freeware Picks.
     
