I have a lot of viruses, can someone help me to remove them?

By alejandrobadill
Apr 12, 2010
  1. i been runing super antispyware and malwarebytes anti malware, but they keep coming i dont know wath else to do. i have my logs already, can someone please help me wath to do, oh i dont have my malwarebytes anti-malware log because the viruses didnt alow me to run that program. thats how bad it is.

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    The most likely reason you have viruses is because you aren't running an antivirus program. You have the AVG anitspyware and the Symantec link-connect, but no AV. You need to handle that first:
    Both of the following programs are free and known to be good: Install one of them:
    Avira Free
    Avast Home
    So I'm not sure how you even know you have viruses.

    The most obvious sign of malware infection I see is in the HijackThis log:
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,

    It is a variant of the Mal/Zbot-I malware.This programs starts by appending itself to the Userinit registry
    Startup Type. After you have installed an antivirus program on the system and rebooted, please run the following:
    Please download ComboFix HERE:
    • With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.

      Important! Save the renamed download to your desktop.
    • Please disable all security programs, such as antiviruses, antispywares, and firewalls.
    • Double click on the setup file on the desktop to run
    • If prompted to download and install the Recovery Console, please do so.
      (Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.)
    • If prompted to update, please allow.
    • Click on Yes, to continue scanning for malware.
    • When finished, it will produce a log.Please include the C:\ComboFix.txt in your next reply.

    • 1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
      2. ComboFix may reset a number of Internet Explorer's settings.
      3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security.
      4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run.
    Then Run Eset NOD32 Online AntiVirus Scanner HERE
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the Active X control to install
    • Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    • Click Start
    • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    • Click Scan
    • Wait for the scan to finish
    • Re-enable your Antivirus software.
    • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
    Please leave the Combofix report and Eset scan logs in next reply
  3. alejandrobadill

    alejandrobadill TS Rookie Topic Starter Posts: 42

    ok i did all the steps you told me.

    i downloaded avast antivirus program, and runed it, and downloaded combo fix, and runed it and i downloaded eset online scanner and i runeed it. i dont see any viruses poping out of my screen but i might still have you . after all you are the expert. well here the logs of combo fix, hijack this and eset online. for some reason i cant upload the eset log. i have it saved . i find it wen i click manage attachments on this reply but i click browse, i select it and i click upload but it dosent gets aded to this message. well hopefully this logs will help you.

    Attached Files:

  4. alejandrobadill

    alejandrobadill TS Rookie Topic Starter Posts: 42

    Here is the combo fix log.

    I forgot to put this log on my last reply. So now you have combo fix in this reply, eset online and hijack this on the previous one.

    Attached Files:

  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    I will finish checking the logs and take action first thing in the morning. Your computer has been badly infected and there are still quite a few entries to be removed.

    Please do not run any other cleaning or scanning programs. Don't use a Registry cleaner or make any changes in the Registry.

    Try not to download, install or uninstall anything until tomorrow. I need to work with the information in the logs as it is. Thanks for your patience- it's been a very long day!:)
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    P2P or 'file sharing Warning:
    You are running Warez P2P, a Peer-to-Peer (P2P) file-swapper [known to have spyware or other unwanted parasites bundled into it) You are also using LimeWire. I highly recommend uninstalling both of them for the following reasons:
    • As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verity that a download is legitimate.
    • Malware writers use these program to include malicious content.
    • Fie sharing is usually unmonitored and there is a danger that your private files might be accessed.
    • The 'sharing' also includes malware that the shared system has on it.
    • Files that are illegal can be spread through file sharing.

    Note: Even if you are using a "safe" P2P program, it is only the program that is safe.
    Please read the information on P2P Warning to help you better understand these dangers.

    To uninstall Warez P2P, Go to Start -> Settings -> Control Panel -> Add or Remove Programs and uninstall:
    Warez P2P
    Follow the same path for LimeWire.
    If you chose to uninstall Warez P2P and LimeWire, using Windows Explorer, delete it's program folder:
    C:\Program Files\Warez P2P Client
    C:\Program Files\LimeWire.

    I think you malware infections you have and the large number of files that are infected is due to the use of these file sharing networks and programs. As long as they are actively running, the malware will continue infecting the system. Continued support will depend on the removal of these programs.
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Due to inactivity, thread is being closed. If you need it reopened, please send a PM to your helper.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...