Messengerspy.net

Discussion in 'Malware Help (A Specialist Will Reply)' started by kriss-47, Aug 4, 2008.

  1. kriss-47

    kriss-47 Private E-2

    Hello,

    Yesterday afternoon I was on my laptop, when suddenly <snip> appeared and attached itself to my offline contacts and told me that a contact of mine had deleted me and then all of a sudden some other contact that didn't belong to me (sexy lady) signed into my account, but then she was gone. My friend hadn't deleted me and suddenly he re-appeared back in my contacts list.

    I immediately ran Spybot and they found Fraud.ProtectionBar and Vario.Antivirus, and I fixed the problems. I also ran it again this morning and it said Congratulations - No immediate threats were found.

    I cannot seem to find out much information about these, are they malware?

    I have also run AVG 8 and it found nothing other than a lot of cookies, although they referred to them as warnings, but I deleted them anyway.

    Is there anything else I can do to protect myself, and do you think they have definitely gone now, as I feel nervous using my computer from a security angle.

    Thanks for listening.



    kriss
     
    Last edited by a moderator: Aug 4, 2008
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Welcome to Major Geeks!

    If you want to be sure it is gone and you are clean:

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions. If something does not run, write down the info to explain to us later but keep on going. Do not assume that because one step does not work that they all will not.

    READ & RUN ME FIRST. Malware Removal Guide


    Note: If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode, but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:

    Starting your computer in Safe mode
     
  3. kriss-47

    kriss-47 Private E-2

    View attachment mbam-log-8-6-2008 (00-08-04).txt

    Hello, I am having real difficulty trying to upload these files. I have run 4 of the scans so far, but when I try and upload the others they keep saying invalid files :(

    It also keeps telling me that a security token is missing (no idea what that means), but I will keep trying, but will send you this one anyway.
     


  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Have you saved your logs to the desktop as text files, there should be no problem attaching them. You also need to run Malwarebytes again and have it fix all that it finds.

    What exactly happens when you try to attach the C:\MGLogs.zip?
     
  5. kriss-47

    kriss-47 Private E-2

  6. kriss-47

    kriss-47 Private E-2

  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    The logs you uploaded are not showing any malware ....have you tried running MGTools in safe mode?
     
  8. kriss-47

    kriss-47 Private E-2

    Hi,

    Thanks for looking at my logs, are you saying that my computer looks clean, Tim?

    In the Read and Run it says to show the HIDDEN files, do I now HIDE them again?

    I haven't tried to run MGTools in safe mode. It all makes me very nervous. I will try today to scan it again today.

    Kind Regards,

    kriss.
     
  9. kriss-47

    kriss-47 Private E-2

    Hi,

    Have uploaded this file from C Drive - hope it's the right one

    View attachment MGlogs.zip


    Please let me know what you find.


    kriss.
     
  10. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your logs are clean.....though you need to install:
    Java Runtime 6

    What exactly are the problems you are having?
     
  11. kriss-47

    kriss-47 Private E-2

    Hi Tim,
    Thanks for checking my logs for me and no malware (quite shocked)

    You ask me what the problems are with my computer - My computer runs really, really slow and when it's scanning it almost comes to a halt and it's impossible to do anything else, and it takes a good couple of hours to do the AVG one on a daily basis.

    The other thing that freaked me out was last Sunday when Messenger Antispy.net signed itself in to my offline contacts, deleted a contact that was online at the time, saying that this person had deleted me, then someone I don't know signs in to my account and then they disappear and my contact is back, so he hadn't deleted me at all. I hope you understood all of that. lol

    Just one more question, do I need to hide the files again re - READ & RUN instructions?

    Regards,

    kriss.
     
  12. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I would first suggest that you change your passwords....and address the slowness in the software forum. :)
    Though with AVG ...that may not be unusual depending on factors such as amount of RAM, how recently you defragged the drive and the amount of files you are scanning. AVG is not a fast scanner.

    If you are not having any other malware problems, it is time to do our final steps:
     
  13. kriss-47

    kriss-47 Private E-2

    Hello, As you know I have done all the read and run etc, but today I noticed that my homepage browser emblem is different. I am with Virgin Media and it should be a red V, but it has a big J instead, and on your page it says majorgeeks but the browser has Travel Republic's sign/emblem at the beginning instead. They are all mixed up.

    I have another user account and on that all the emblems are correct.

    I am running a Malware scan at the moment, but as yet it's found nothing.

    On the SuperAntispy programme that I downloaded, on install it asked if I wanted them to protect the homepage and I said ok (ticked the relevant box), although I have deleted now as per the instructions. Would that have any bearing on it?

    Any info really appreciated.

    Regards,

    kriss.
     
    Last edited: Aug 11, 2008
  14. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    It may have affected it ...but so could Spybot or other protection programs.

    Attach the MWB's log when it is finished.
     
  15. kriss-47

    kriss-47 Private E-2

  16. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    This is a new one on me ....have you cleared your browser cache?

    Please download ATF Cleaner by Atribune. This program does not require an installation. The executable actually runs the program.

    NOTE: This program is for Windows XP and Windows 2000 only. ATF Cleaner will remove all files from the items that are checked, so if you have some cookies you'd like to save, please move them to a different directory first.

    * Double-click ATF-Cleaner.exe to run the program.
    * Under Main choose: Select All
    * Click the Empty Selected button.

    If you use Firefox browser

    * Click Firefox at the top and choose: Select All
    * Click the Empty Selected button.
        o NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    If you use Opera browser

    * Click Opera at the top and choose: Select All
    * Click the Empty Selected button.
        o NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    Click Exit on the Main ATF Cleaner menu to close the program.
     
  17. kriss-47

    kriss-47 Private E-2

    Hi,

    I cleared all cookies and temp files this afternoon and then rebooted and it appears to be ok, although I can't make out the emblem on majorgeeks, it still looks different.

    Was the log clean, Tim?

    kriss
     
  18. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Yes the logs are clean.....perhaps you should take this problem up in the software section. :(

    If you are not having any other malware problems, it is time to do our final steps:
     
  19. kriss-47

    kriss-47 Private E-2

    Hi Tim,
    Where do I find the MGTools folders, are they in C Drive and do I delete the whole folder?
     
  20. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Yes....it is on the C:\ drive...and you can delete the whole folder.
     
