Am I in the right place?

Discussion in 'Malware Help (A Specialist Will Reply)' started by auron99ie, Apr 17, 2006.

  1. auron99ie

    auron99ie Private E-2

    Hey I've been having some minor probs with my PC. My buddie rekons it's spyware but I'm not 2 sure...thought I'd ask you guys since ye did a brill job helping me before!
    Anyway, today whenever I tried to open a pdf with acrobat, a windows essenger(which i don't even use) configuration box popped up, telling me windows is preparing to configure messenger, it wouldn't cancel if I tried to, and even If i proceded it wouldn't work. I unistalled windows messenger then. But it said I unistalled 4.7, but the pop up box was for 4.5. Uninstalling didn't make any difference. So then I uninstalled&reinstalled adobe and it worked.
    But a while go whenever I tried to paste something into Microsoft Word, the messenger configuration box came up again!
    So am I in the right place, is this a spyware problem?
    Oh one more thing, last few days my msn messenenger kept crashing when I opened hotmail, I reinstalled XP service pack 2 yesterday(after trying everything else!) and that seemed to fix it but then todat I get that weird windows messenger thing....

    I've got all the software from the read this first, and my computer "seems" clean, so i dont know whats happening....
    Any help appreciated Thanks
     
    auron99ie, Apr 17, 2006
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    It does not really sound like malware; however the only way to be really sure is for you to run thru ALL of the below. Your alternative would be to ask your question in the Software Forum.

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
      • Bitdefender
      • Panda Scan
      • HijackThis
    .
     
    chaslang, Apr 18, 2006
    #2
  3. auron99ie

    auron99ie Private E-2

    Ok I've done all the scans, the only ones that showed up anything are the two on-line ones. Sorry about the delay but I've benn busy with college...srupid exams!:rolleyes:
    The windows messenger box that was popping up seems to be fixed. But I'm still getting the IE/MSN messenger crash. I have attached the log files. When the crashes happed it says that "msgsc.dll" caused the error if thats any good?

    Ok just tried uploading there and it says the BDScan file is too large(~450KB). The file seems to show all the files scanned(even though clean) in the recovery drive aswell the infected ones so I'll take those out and attach again. Let me know if I have to do the scan again?
     

    Attached Files:

    auron99ie, Apr 22, 2006
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    While you do have a few things to cleanup from your Panda log you do not have any major malware concerns. And I see nothing that would be causing your problems. But I do have a couple questions.

    1. Why and when did you install IE 7? This is a beta program. Are you a beta tester or are you a very experienced PC user? I would not recommend anyone who does not fit those categories to update to a beta program like this.
    2. Do you need the below proxy settings for something?
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

    Now on to the minor fixes!

    Copy the bold text below to notepad. Save it as fixMe.reg to your desktop (yes overwrite the previous one). Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

    Run Windows Explorer and delete the below:
    C:\Program Files\SearchRelevant <--- the whole folder
    C:\WINDOWS\SYSTEM32\MYDLL.dll
    C:\WINDOWS\INF\fastvideoplayer.inf
    C:\WINDOWS\usta33.ini


    Additional step to delete files in the super hidden Downloaded Program Files folder:
    - Click Start, Run, and enter cmd in the box and click OK. This opens a command prompt windows.
    - Enter the following command lines each followed by the enter key
    cd C:\WINDOWS\Downloaded Program Files\
    attrib -r -h -s HDPlugin1019.inf
    del HDPlugin1019.inf
    cd CONFLICT.1
    attrib -r -h -s HDPlugin1019.inf
    del HDPlugin1019.inf
    exit
     
    chaslang, Apr 22, 2006
    #4
  5. auron99ie

    auron99ie Private E-2

    Not to sure about the proxy settings, as far as I know they are not used anyway the use proxy settings box isn't ticked. And as for IE 7, only just the other day, thought if I upgraded it might fix the crashing which it did...for a while, wanted to have alook at it too, and yes i am a fairly experience user, I do computer science in college and have been using computers for ages so I know a thing or two! But this msn problem is doing my head in....
    Think I should post it in the software section like you originally suggested?
     
    auron99ie, Apr 22, 2006
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay! Make sure you include full error messages if you are receiving any.

    And you MUST uninstall one of the antivirus applications you have installed! And if Symantec came with a firewall, you should not be using ZoneAlarm.
     
    chaslang, Apr 22, 2006
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds