Re: Trojan-Win.32 problems

---

• From: Malke <malke@xxxxxxxxxxxxxxx>
• Date: Tue, 21 Oct 2008 05:22:22 -0700

---

jenjo200 wrote:

First a disclaimer: I'm computer illiterate, so please talk to me like I'm
a neanderthal.

That being said, I've reviewed the posts from September 18th for this
spyware pop-up, but they aren't helping me. I cannot access the
recommended website to post my Hijack log. I don't know if the Trojan
spyware is preventing me from doing so or what. I could really use some
step by step assistance to walk me through this. If anyone could help me,
I'd greatly appreciate it.

In addition to the flashing yellow triangle and the pop-up System alert
warning, I also get a window trying to direct me to download spyware
software from "Windows". I am smart enough to know not to do so, but how
do I get rid of the pop-ups? I have AdAware, which is not detecting it.
I've read things telling me to manually delete the msmsg folders, but
those look like Microsoft messenger and system folders and I'm afraid to
do so. This thing appears to have deleted my homepage info as well.

Being that I'm a computer moron, would you recommend I go to a
professional, or is this something that I can do on my own?

You must get the needed tools/updates from a different, known-clean
computer. You must post your HJT log on one of the specialty forums from a
different, known-clean computer. The infected one should be off the
Internet and any Local Area Network anyway.

I'll give you my standard "rogue malware" reply but as that says - there is
no shame in admitting this isn't your cup of tea. We all have our areas of
expertise. And yes, I think you should probably take your computer to a
professional based on what you wrote above, but of course that's your
choice.
*****
Your system is infected with a rogue antivirus program. It is called "rogue"
because it pretends to be A Good Guy but is really Evil. Do not pay them!

Because you didn't give me the name of the program that is trying to get you
to buy it, I can't point you to specific removal steps. Look for them here:

Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html
or here Malwarebytes malware removal guides - http://tinyurl.com/5xrpft

If you are infected with XP Antivirus or Antivirus 2009/10, here are removal
steps:

http://www.bleepingcomputer.com/malware-removal/uninstall-antivirus-2009
http://www.bleepingcomputer.com/forums/topic154529.html (earlier versions)

Removal instructions for Antivirus 2010:
http://www.malwarebytes.org/forums/index.php?showtopic=6703

Removal instructions for Antivirus 2009:
http://www.malwarebytes.org/forums/index.php?showtopic=5178

These may work for you and all may be well. However, in many cases the
computer will also be infected with Zlob and/or Vundo trojans and protected
by a rootkit. These machines are extremely difficult to clean.

If your machine is one of these cases, either get guided help at one of the
specialty forums below OR back up your data and do a clean install of
Windows. It is your choice. If you are unsure how to back up your data or
how to do a clean install, you can take your machine to a local computer
professional. I don't recommend using BigComputerStore/GeekSquad types of
places.

PLEASE DO NOT POST LOGS IN THE MS NEWSGROUPS.

http://aumha.org/downloads/hijackthis.zip
http://aumha.net/ - Click on the HijackThis forum. Read the announcement and
the stickies *first*.
http://www.atribune.org/forums/index.php?showforum=9
http://aumha.net/viewforum.php?f=30
http://www.bleepingcomputer.com/forums/forum22.html
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://www.malwarebytes.org/forums/index.php?showforum=7
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://spywarewarrior.com/viewforum.php?f=5
http://forums.techguy.org/54-security/
http://forums.tomcoyote.org/
http://www.thespykiller.co.uk/index.php?board=3.0
http://forums.subratam.org/index.php?showforum=7

Malke
--
MS-MVP
Elephant Boy Computers - Don't Panic!
FAQ - http://www.elephantboycomputers.com/#FAQ

.

---

• References:
  • Trojan-Win.32 problems
    • From: jenjo200

• Prev by Date: Trojan-Win.32 problems
• Next by Date: Re: Trojan-Win.32 problems
• Previous by thread: Trojan-Win.32 problems
• Next by thread: Re: Trojan-Win.32 problems
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Mystery process ... > I also tried a system restore, but can't do a restore either. ... > online virus scan at one of the following sites: ... Some other applications to try for ANTIVIRUS and SPYWARE elimination can be ... (microsoft.public.windowsxp.perform_maintain) Re: Installation Problem ... So tried to reinstall Windoze, ... The problem is that whoever d/led Antivirus 2008 doesn't have a clue: ... reports 47 of the 147 or so pieces of spyware that it introduced onto the ... costs you time and money getting rid of it when it nauses up your system as ... (uk.comp.homebuilt) Re: Viruses, spyware etc ... > various spyware software will not go away. ... My list for AntiVirus and AntiSpyware follows: ... (Free Online Scanner: http://www.pandasoftware.com/activescan/) ... (microsoft.public.windowsxp.newusers) Re: Help!!! Buffer overrun error on Server 2003 running Exchange ... "The error is a pop-up box, ... but I doubt it is viral or spyware. ... The only event log ... the server started getting hammered with ... (microsoft.public.exchange.connectivity) Re: Installation Problem ... She also mentioned that Antivirus 2008 ... was saying there was 47 pieces of spyware on the PC but it needed ... The only free lunch is in a mousetrap - And you've been caught! ... As to trying to use a computer at little or no cost, ... (uk.comp.homebuilt)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)