Just another noob with another problem

Status
Not open for further replies.
I would like to get to know this site and people, but I am afraid I have a pretty big crisis on my hands. I am going to provide as much information about it as possible. I have done some research and found out I have a malware virus, as well as adware trojans and crap too.

First of all, my name is Christopher M. Scott, Chris for short, Scottie Daddy to prevent confusion amongst the other Chris's in the world. There is only 1 Scottie Daddy :D

OK, anyways, here are some of the problems I am having:

1. c:\windows\system32\xwusuhzh.exe This little booger has disabled my task manager. When I hit ctrl+alt+del it says the administrator is preventing me from opening it. I AM the admin! I also can't open it by any other means... task manager is off limits to me... which sucks.

2. Everytime I restart the computer, it is automatically waiting on me... Notepad has to close b/c "Microsoft" says it is unsafe. Which means I can't manually change the value of programs, and I can't get a textable log from Hijack This! Notepad is not functional at all....

3. When I am on Google.com (my homepage) and I type "xwusuhzh.exe" so I can obtain information, and the list is populated, I click on the link, and thanks to a "TrojanDownloader.XS" I am re-directed to other sites. Stuff like yahoo jobs, and other search engines. Pretty annoying... I can however copy and paste the address into a new browser window, so, that's at least good... ?

4. I download and ran, in safe mode, SmitFraudFix. It would get to the point of deleting the Temp folder, then say another program is using the Temp folder so it CAN'T delete it, and then it restarts. It never disk cleans... it actually doesn't do anything.

There is more to go on, but, I have over 30 gigs of crap on here, never backed up (stupid me, I know) limited CD-Rs, I am poor, so a manual way to remove this crap would be prefered over buying a Microcrap anti-spyware program for $$$ I don't have...

If someone would help, I would be greatly appreciated. Some other files on my computer which were deemed "bad" are located in the c\windows\ folder:
editpad.exe
msconfd.dll
quicken.exe
iedll.exe
internet.exe
mssys.exe
msupdate.exe
notepad32.exe
svchost32.exe
window.exe
win64.exe


Everytime I delete a file, it is spawned again... and if I can't delete it it's b/c it is ran by another program, which I am assuming is the virus.


Anyways, please help. I am not totally noobified when it comes to computers, but keep in mind I only hung w/ Windows 95, then switched to Windows 98 (hard choice) in 2003, which once I got 98 my computer crashed. Since then, I haven't been online for 4 years, got 2 kids, full-time job, and all the stress life brings with it. I do have an Everex computer (I've never heard of it, came from Wal-Mart... wedding gift...) with Windows XP... AMD 64 Athlon processor, like 2 GHz I believe... argh, this is frustrating, I can't even think straight. Talk to me like I am a complete ******* noob :(
 
Have you tried running it in safe mode?

Also turn off your System Restore.

WIthout the ability to run HJT I am not sure what you can do. I would say reformat but I am sure there is a way you can get out of it.
 
Try this then:

Start
Run
Enter 'cmd /k' (no quotes)
Enter 'cd\' (will get you the C:\ prompt)
Enter 'cd\windows\system32\'
Enter 'dir /w'
If you can see the item, Enter 'erase xwusuhzh.exe '
 
This is a rootkit problem that can't be removed by deleting that one file.

It is more than likely attached itself to the Userinit value, which specifies what program should be launched right after a user logs into Windows.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon ->under the value Userinit.

-----------------------------------------------------------------------

Attach a Hijackthis log here and we can go from there.
 
Status
Not open for further replies.
Back