Please help with malware & virus

Discussion in 'Malware Help (A Specialist Will Reply)' started by scottvstn, Oct 31, 2007.

  1. scottvstn

    scottvstn Private E-2

    I am trying to help a friend get rid of spyware & virus on his computer. I have done all the steps as you have outlined. He still seems to have just the internet running extremely slow, really slow. His computer had the following things on it:

    fakealert
    win32.trojandownloader
    give4free browser plug-in
    kazaa p2p program
    morpheus p2p program
    my websearch toolbar
    altnet p2p networking low risk adware
    weatherbug low risk adware

    I believe I have removed all of them. I can't seem to run Panda online scanner. Since the internet is so slow, I am posting the files you request with my Intel Mac. I want to thank all that help in advance.

    God Bless our Troops
    Scott
     


  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Have your friend use add/remove programs to uninstall:
    Java 2 Runtime Environment, SE v1.4.2_03
    MarketResearch
    Search Assis
    Viewpoint Media Player
    Either BitDefender or Avast
    my websearch toolbar
    give4free browser plug-in

    Then have him properly install HJT ... It should be installed:
    C:\Program Files\HiJackThis\Analyse.exe

    Please copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double-click it and allow it to merge with the registry.

    Then have him re-run Spybot in safe mode and remove what it finds.

    We will then need to see new logs for:
    ShowNew
    GetRunKeys
    HJT
     
  3. scottvstn

    scottvstn Private E-2

    When I try to run fixme.reg I get the following error:


    cannot import c:\documents and settings\james\pitts\desktop\fixme.reg: The specified file is not a registry script. You can only import binary files from within the registry editor.

    When I tried from start/run/regedit I got the following error:


    cannot import c:\documents & settings\james pitts\desktop]fixme.reg: the key selected is invalid

    Can you send the file? Perhaps I am typing something wrong.
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

  5. scottvstn

    scottvstn Private E-2

    OK, I ran Spybot in safe mode and it found nothing. I have run the 3 log programs again from a normal boot. Thanks again.


    God Bless our Troops
    scott
     


  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You have AVG anti-spyware and counterspy installed but did not provide the logs from them. Am I to assume that they found and deleted the malware?

    Your logs look clean ... but let's reset his IE:

    Please copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double-click it and allow it to merge with the registry.
    Then have him run:
    ATF Cleaner by Atribune. This program does not require an installation. The executable actually runs the program.

    NOTE: This program is for Windows XP and Windows 2000 only. ATF Cleaner will remove all files from the items that are checked, so if you have some cookies you'd like to save, please move them to a different directory first.

    * Double-click ATF-Cleaner.exe to run the program.
    * Under Main choose: Select All
    * Click the Empty Selected button.

    If you use Firefox browser

    * Click Firefox at the top and choose: Select All
    * Click the Empty Selected button.
      o NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    If you use Opera browser

    * Click Opera at the top and choose: Select All
    * Click the Empty Selected button.
      o NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    Click Exit on the Main ATF Cleaner menu to close the program.

    Let me know how things are running.
     
  7. scottvstn

    scottvstn Private E-2

    OK, I ran those things. If I use IE Explore it is really, really slow. When using MSN Explore it seems to run just fine. Any ideas what is wrong? Also, Spy Sweeper seems to always be blocking sites in a pop-up window.

    God Bless our Troops
    scott
     
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Let me repeat myself:
    Please attach a log from one or the other ... as you do not need to have both installed!
     
