BitDefender found TrojanPurityAd.B

Hi. I followed all the instructions in the Read Me First Thread.

Here are my logs. Any help is appreciated!

 

here are the rest of the logs

thanks

 

Hi tgirl ! Welcome to MajorGeeks!

1) Please look in Add/Remove Programs for the following and uninstall them if found. If you get any errors just make a note and proceed.

Then delete the below folders which may be left behind by the uninstall:

C:\Documents and Settings\Mariane.BLUE\Application Data\Sunbelt Software
C:\Documents and Settings\All Users\Application Data\Sunbelt Software
C:\Program Files\Sunbelt Software

I'll get back to you with further instructions later.
abri

 

Finished all the instructions you wrote. Ready whenever you are. Wasn't sure if you were waiting for me to reply before you posted further instructions.

Thanks for any help.

 

Hi tgirl!

1) If you do not use Windows Messenger (not to be confused with MSN Messenger!!) I would like you to run Disable/Remove Windows Messenger

2) Next we need to remove a bad service, please follow the below…

• Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.
• On the page that opens, scroll down to mousecrm
• then right click the entry, select Properties and press Stop Service.
• When it shows that it is stopped, next please set the Start-up Type to 'Disabled'.
• Now Click OK until you get back to Windows.
• Next, run HJT, but instead of scanning, click on the None of the above, just start the program button at the bottom of the choices.
• At the lower right, click on the Config button
• Then click the Misc tools button
• Select Delete an NT Service
• Copy/paste mousecrm into the box that opens, and press OK
• If you receive any error messages just ignore them and continue.
• Now exit HJT but do not reboot when it tells you it needs to. We will do that further down after running HJT again to fix some other items.

3) Now scan with HijackThis and check the boxes for the following entries:
( Make sure ALL browser windows are closed when you click FIX )

Again, make sure ALL browser windows are closed when you click FIX.

4) Copy the contents of the below Quote Box including the word REGEDIT4 to Notepad. Then click File and then Save As. Change the Save as Type to All Files. Name the file fixme.reg and then click save. (make sure you save it somewhere you can find it. Saving it to your Desktop may make that easy.) Then double-click on the fixme.reg file on your desktop (or locate it with Windows Explorer and double click on it if not saved to the Desktop) and when it prompts to Add in to the registry, say yes.

5) After you have completed all of the above, please run new scans for ShowNew (newfiles.txt), GetRunKeys (runkeys.txt) and analyse.exe (hijackthis.log) and attach fresh logs for them as well. Also, please let us know how it went and how your computer is running now.

• ShowNew Log
• GetRunKey Log
• HijackThis Log

abri

 

hope that does it.

 

Hi tgirl!
Your logs are clean. Please do our final instructions in the box and take time to read through "How to Protect yourself from Malware".

Let me know how everything goes!
abri