Thanks for being so patient.
Hello and welcome to TSF
Please ensure that Windows is patched against the WMF exploit. This is a dangerous vulnerability that opens the door to multiple infections. Visit
Window's Update to get the KB912919 patch.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Please print out or copy this page to
Notepad in order to assist you when carrying out the following instructions.
Go to
My Computer >Tools >Folder Options >View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing / visible. Uncheck the
Hide protected operating system files option.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
You have multiple antivirus programs installed on your system. This can and will lead to conflicts on your system. Therefore you should only keep one (1) antivirus program on your system and remove/uninstall the rest. It will be YOUR decision as to which antivirus to keep and which one(s) to remove.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Reboot your system in Safe Mode (By repeatedly tapping the F8 key until the menu appears).
Go into Hijack This->Config->Misc. Tools->Open process manager. Select the following and click
“Kill process” for each one
(If they still exist)(You must kill them one at a time).
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Click > Start > Control Panel > Add / Remove Programs and uninstall the following programs:
MessengerPlus! 3
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Open Hijack This and click on Scan. Check the following entries
(make sure you do not miss any)
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
Please remember to close all other windows, including browsers then click Fix checked.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Delete the following Files indicated in
RED and Folders indicated in
BLUE if they still exist.
C:\Program Files\MessengerPlus! 3
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Reboot your system in Normal Mode.
Perform an online scan with Internet Explorer with
Kaspersky WebScanner
Next Click on
Launch Kaspersky Anti-Virus Web Scanner
You will be prompted to install an ActiveX component from Kaspersky, Click
Yes.
- The program will launch and then begin downloading the latest definition files:
- Once the files have been downloaded click on NEXT
- Now click on Scan Settings
- In the scan settings make that the following are selected:
- Scan using the following Anti-Virus database:
- Scan Archives
Scan Mail Bases
- Click OK
- Now under select a target to scan:
- This will program will start and scan your system.
- The scan will take a while so be patient and let it run.
- Once the scan is complete it will display if your system has been infected.
- Now click on the Save as Text button:
- Save the file to your desktop.
- Copy and paste that information in your next post.
Take note the names and locations of any file it detects but fails to clean.
* Turn off the real time scanner of any existing antivirus program while performing the online scan
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
In your next post, please include fresh logs from:
- HijackThis Log
- Online Scan
Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now.