please help, my computer has the bird flu

Discussion in 'Malware Help (A Specialist Will Reply)' started by double_negative, Feb 9, 2006.

  1. double_negative

    double_negative Private E-2

    Hello there,

    Stumbled across this forum when looking for a solution to my computer's infection. I have done all the required tests. Attached are the files.
    Any help would be much appreciated.
     

    Attached Files:

  2. double_negative

    double_negative Private E-2

    The file size of the ActiveScan log is too big to attach, so I've split it into 3 files.
     

    Attached Files:

  3. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Welcome to MajorGeeks.com!

    Please see the below thread on how to install and run Spy Sweeper.
     
  4. double_negative

    double_negative Private E-2

    OK, I've installed Spy Sweeper & it's still infected.
     
  5. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Did you update the definitions? Did you run a full sweep and remove found infections? Where are the requested logs?
     
  6. double_negative

    double_negative Private E-2

    Found the culprit.

    A program called Spy Falcon, trying to get me to buy their product to solve its self-created problem, which probably wasn't actually there to begin with.

    None of the standard anti-spyware programs removed it; Spybot found it but couldn't remove it.

    Went to this link: http://www.spyware-removal-guideline.com/spyfalcon-removal

    Solved the problem... removed Spy Falcon, removed the registry key that was regenerating the program at startup.

    Thanks for your time though; HijackThis gave me a good start and solved a few other niggly problems I had in the background.
     
  7. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    I can't provide you with assistance if you don't do what I request. You still have not attached the logs I requested nor answered my questions in my previous post. You have more problems than just that program. If you want to clean all of those do what I request.

    I need the Spy Sweeper log with a fresh HJT log.
     
  8. double_negative

    double_negative Private E-2

    OK, I've done that, and yes, I did update the definitions & removed the found infections.
     

    Attached Files:

  9. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Please look in Add/Remove Programs for the following and uninstall them if found:

    Spy Sweeper

    Now scan with HijackThis and check the boxes for the following entries:
    ( Make sure ALL browser windows are closed when you click FIX )

    O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)

    O23 - Service: Local Security Authority Subsystem Service (lsass) - Unknown owner - C:\WINDOWS\lsass.exe (file missing)
    O23 - Service: AntiVir Update Temp (TmpUpSrv) - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\_VWUPSRV.EXE (file missing)

    Again, make sure ALL browser windows are closed when you click FIX.

    NOW:
    Click Start > Run > type services.msc and Click OK

    Locate Local Security Authority Subsystem Service (lsass) and RightClick on it to bring up the Service Properties Window.
    First: Stop the service by clicking the Stop Button.
    Next: Disable it by changing the Startup Type to Disabled and click Apply

    Locate AntiVir Update Temp (TmpUpSrv) and RightClick on it to bring up the Service Properties Window.
    First: Stop the service by clicking the Stop Button.
    Next: Disable it by changing the Startup Type to Disabled and click Apply

    Next, run CCleaner to clean up cookies and temp files.

    Finally, I would like you to flush your System Restore points. Please follow the instructions below:

    • Disable and Re-enable System Restore

    • Turn OFF System Restore to flush any bad Restore Points.

    • Then, follow the instructions at the bottom of the linked page to Re-enable the Restore Utility, which will create a fresh restore point.

    After you complete the above, reboot once more and then scan with HijackThis and attach the new log.

    Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now.
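
The O23 service entries picked out in the post above can be triaged mechanically. The following is an added example, not part of the original thread or of HijackThis itself: it parses O23 lines in the layout quoted above and flags entries whose binary is missing, sits in a temp directory, or uses a Windows system process name outside system32. The `ExUpd` line, the function names and the list of system process names are assumptions made for the illustration.

```python
import ntpath
import re

# O23 line layout as it appears in the HijackThis lines quoted in the thread.
O23 = re.compile(
    r"^O23 - Service: (?P<display>.+?) \((?P<name>[^)]+)\) - (?P<owner>.+?)"
    r" - (?P<path>.+?)(?P<missing> \(file missing\))?$"
)
# Windows core processes whose genuine binaries live in system32 (illustrative list).
SYSTEM_NAMES = {"lsass.exe", "services.exe", "svchost.exe",
                "winlogon.exe", "csrss.exe", "smss.exe"}

def review_service(line):
    """Return (short service name, findings) for an O23 line, else None."""
    m = O23.match(line.strip())
    if not m:
        return None  # not a service entry (for example an O2 BHO line)
    path = m["path"].lower()
    findings = []
    if m["missing"]:
        findings.append("file missing")
    # ntpath handles Windows paths correctly on any host OS.
    if (ntpath.basename(path) in SYSTEM_NAMES
            and not ntpath.dirname(path).endswith("\\system32")):
        findings.append("system process name outside system32")
    if "\\temp\\" in path:
        findings.append("binary in temp directory")
    return m["name"], findings

def review_log(text):
    """Map each flagged service's short name to its list of findings."""
    flagged = {}
    for line in text.splitlines():
        result = review_service(line)
        if result and result[1]:
            flagged[result[0]] = result[1]
    return flagged

# First three lines are quoted in the thread; the ExUpd line is constructed.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)
O23 - Service: Local Security Authority Subsystem Service (lsass) - Unknown owner - C:\WINDOWS\lsass.exe (file missing)
O23 - Service: AntiVir Update Temp (TmpUpSrv) - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\_VWUPSRV.EXE (file missing)
O23 - Service: Example Updater (ExUpd) - Example Corp - C:\Program Files\Example\updater.exe
"""

if __name__ == "__main__":
    for name, findings in review_log(SAMPLE_LOG).items():
        print(f"{name}: {', '.join(findings)}")
```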
     
  10. double_negative

    double_negative Private E-2

    I followed your instructions. The Local Security Authority Subsystem Service was already stopped when I checked the properties; the same went for the AntiVir Update Temp. So I just continued as per your instructions.

    Things are running much better now.
     

    Attached Files:

  11. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Your HJT log looks good; you must now get updated to prevent re-infection.

    Please download and install the below update.

    Windows XP Service Pack 2

    After you install this update, surf in to Windows Updates and get all available critical updates then see the thread below.

    How to Protect yourself from malware!
     
  12. double_negative

    double_negative Private E-2

  13. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Thanks, I need these right now!!

    You’re welcome! Be sure you get your OS updated or else you will have continuous problems with malware.
     
