Help with removing malware and trojan virus!

Discussion in 'Malware Help (A Specialist Will Reply)' started by River6, Apr 15, 2006.

  1. River6

    River6 Private E-2

    Hello,

    My system was down to 3mb of disk space, and nearing a crash. I have run Ad-awareSE, Spybot and Ccleaner, CounterSpy, Bitdefender and the Panda ActiveScan.

    A number of viruses and malware were found. Please help me to get rid of what is killing my computer.

    Thank you,
    River
     

    Attached Files:

  2. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Please attach, the BitDefender log and a HijackThis log.
     
  3. River6

    River6 Private E-2

    Hello,

    I am having a problem running hijackThis.

    I will keep trying. I get a parser error message.
     
  4. River6

    River6 Private E-2

    I have tried to remove the old hijackThis download from Feb 2004, but when I download it with WinZip it keeps putting it back in the same place.

    Then when I run it I get this message: The download cannot continue. Error parsing voucher.

    What should I do?
     
  5. River6

    River6 Private E-2

    Help with downloading and running hijackThis.

    My Bitdefender log is 4000 kb long. Why would that be?? What should I do about that?

    I am so lost and so frustrated.
    I appreciate any and all help you can give.

    River
     
  6. River6

    River6 Private E-2

    Please, please help. I cannot attach my Bitdefender log as it is too long.
    And the hijackThis log will not download either.

    Here is my hijackThis log from yesterday, before I ran Bitdefender and Ccleaner and CounterSpy.
    I followed the procedures to the letter. I have attempted to download the new version of winzip and hijackThis but for some reason I am having a problem with hijackThis.

    Please please help
     

    Attached Files:

  7. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    You are running HijackThis directly from your desktop; this is not a desired location for HijackThis.

    Right-Click, and Save the following file to your desktop: Move_HijackThis.vbs. Double click on the file you just downloaded, this will move HijackThis to a safer location.

    Uninstall MyWebSearch using Add or Remove Programs in the Control Panel.

    You have items in the IE Trusted Zone; this is not a good practice from a security standpoint. Remove all items from the IE Trusted Zone.

    The version of Sun Java that is installed is very out of date. Update Sun Java to the latest version.

    Zip your BitDefender log, this should make it small enough to attach.
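
The two findings in the reply above (HijackThis started from the Desktop, and entries in the IE Trusted Zone) are both things a helper reads off a HijackThis log. As an added example that is not part of the original thread, this sketch pulls them out of a log: the sample log is constructed, and `review_log`, `O15_RE` and `RISKY_DIRS` are hypothetical names.

```python
import re

# Constructed HijackThis-style log excerpt for illustration (not a log from this thread).
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 9:41:07 AM, on 4/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Example\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.example.com/
O15 - Trusted Zone: *.example.net
O15 - Trusted Zone: http://download.example.org
O15 - Trusted IP range: 192.0.2.10
"""

# O15 is the HijackThis section that lists IE Trusted Zone sites and IP ranges.
O15_RE = re.compile(r"^O15 - Trusted (Zone|IP range):\s*(.+?)\s*$", re.IGNORECASE)
# Assumption: folders treated as undesirable places to run HijackThis from.
RISKY_DIRS = ("\\desktop\\", "\\temp\\")


def review_log(text):
    """Return Trusted Zone entries and where HijackThis.exe was running from."""
    findings = {"trusted_zone": [], "hjt_path": None, "hjt_risky_location": False}
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower() == "running processes:":
            in_processes = True
            continue
        if in_processes:
            if not line:  # a blank line ends the process list
                in_processes = False
            elif line.lower().endswith("\\hijackthis.exe"):
                findings["hjt_path"] = line
                findings["hjt_risky_location"] = any(d in line.lower() for d in RISKY_DIRS)
            continue
        m = O15_RE.match(line)
        if m:
            findings["trusted_zone"].append((m.group(1).lower(), m.group(2)))
    return findings


if __name__ == "__main__":
    print(review_log(SAMPLE_LOG))
```
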
     
  8. River6

    River6 Private E-2

    Thank you.

    I saved the file to my desktop and double clicked it and hijackThis reopened but I get the same message.

    I have uninstalled hijackThis and reinstalled it, but I keep having the same problem. How can I uninstall it for good and start over?

    I have hijackThis saved in drive c:/programs/HJT folder. And when I reinstall it, win-zip asks if I want to reinstall the old version over the old version. I don't see the new one.

    I will try and zip my Bitdefender file.
     
  9. River6

    River6 Private E-2

    Thank you.

    I saved the file to my desktop and double clicked it and hijackThis reopened but I get the same message.

    MyWebSearch does Not show up in my Add/Remove programs. How can I find it to remove it?

    I have uninstalled hijackThis and reinstalled it, but I keep having the same problem. How can I uninstall it for good and start over?

    Also I uninstalled my old winzip program and installed the new version from your web site. How can I get the old version back?

    I have hijackThis saved in drive c:/programs/HJT folder. And when I reinstall it, win-zip asks if I want to reinstall the old version over the old version. I don't see the new one.

    Attached is my zipped Bitdefender file.

    Thank you again for your help.
     

    Attached Files:

  10. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    I need to know what the error message is, word for word, that you are getting when you run HijackThis.

    Run this uninstaller to remove MyWebSearch, http://help.myway.com/uninstall/mwsUnins.exe

    You don't actually install HijackThis, it is a single executable file placed inside C:\Program Files\HJT; and then run from that location.

    You shouldn't have needed to upgrade WinZip to unzip the archive that contains HijackThis.

    {EDIT} - Additional Instructions

    Empty your Recycle Bin
    Empty Your AV Quarantine Folder
    Disable System Restore, then re-enable it. You have several infected restore points. This will flush the infected points and create a new one.

    Uninstall Wild Tangent.

    Run Counter Spy in Safe Mode, then run it again in Normal Mode.

    Post the Counter Spy log from Normal Mode and a fresh HijackThis Log
     
    Last edited: Apr 16, 2006
  11. River6

    River6 Private E-2

    I have done all that you suggested. And have added the logs you requested.

    Can I get the old WinZip file back? As this new one seems to be only an Evaluation Version. Will I have to pay for WinZip now after having it free for five years?

    {EDIT} - Additional Instructions

    Empty your Recycle Bin - Done
    Empty Your AV Quarantine Folder - Done
    Disable System Restore, then re-enable it. You have several infected restore points. This will flush the infected points and create a new one. - Done

    Not in Add/Remove Programs. Where can I find it?

    Done

    Done

    Thank you so very much.



     

    Attached Files:

  12. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    If you have a valid license for WinZip then it will work with version 9. If you do not have a license then I suggest 7-Zip as an alternative.

    Scan with HijackThis and fix the following:
    Remove the following from IE Trusted Zone:
    Copy the contents in the quote box to notepad and save as FixME.reg to your Desktop
    Double-click on FixME.reg and answer 'Yes'.

    Delete c:\windows\cookies\default@ad.yieldmanager[1].txt

    Turn Off system Restore.

    REBOOT

    Turn on System Restore

    Post a fresh HijackThis log
     
  13. River6

    River6 Private E-2

    Hello Shadow

    Thank you again for your help. Please forgive my opening two posts. Chasling was helpful in directing me to open my hijackThis log. I was trying to open it with an incorrect program other than Notepad.

    I have completed your directions.

    I have been able to restore 50% of my memory, Thank you, thank you.

    However, my system still seems to run slow and it locks up, to the point of having to restart it at the cpu, and then get the message that the system was shut down incorrectly.
     

    Attached Files:

  14. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Your log appears to be clean.

    Having both Norton AV and CounterSPY running with resident protection enabled; you are going to see a large amount of your resources in use (i.e. memory).

    If you can do without it, I would disable CounterSPY and only run it as an On-Demand Scanner.
     
  15. River6

    River6 Private E-2

    How do I disable CounterSpy to only run it on demand? Also I only have it for a few more days. Do you recommend purchasing this software?

    What Anti Virus program do you recommend?


    Thank you again so very much.
     
  16. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    If it's the Trial just Uninstall it, CounterSpy has a habit of consuming quite a bit of your CPU cycles.
     
