Ok, I've tried everything. Sick virus. Help.

I did everything from safe mode to disc defragmenting to online virus protectors. Whatever the faq said I've tried. Whenever I tried to use an online virus remover I get an error and it closes the internet window. The same happens with the virus and spyware killing programs I have. I've tried the ways to get it to be fixed, but to no avail. I have atleast 10 spyware removers on my computer now. Here is my hijack this log. Does any of this look funny?

What could be there problem?? I'm so sad.

http://www.techspot.com/vb/topic58138.html

First off, read the link above and follow the instructions exactly.

BTW, Wlcome to Techspot!

Hello and welcome to Techspot.

Your system is infected with a rootkit.

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

If after reading the above, you wish to clean your system, do the following.

Download and run the Blacklight programme. follow all the instructions carefully.

Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.

Regards Howard :wave: :wave:

This thread is for the use of halo71 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Thanks a lot guys. I tried this out, and I did the backlight to find a hidden file. Does that mean the hidden file is gone? The second part took forever. I don't know if the horror is over yet. AVG ran through and got 43 threats and destroyed them without freezing. Here is my HJT log. I think all may be ok now?

You have not attached an AVG Antispyware log as requested. Please do so in your next reply.

Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINDOWS\system32\ToolBand.dll/MENUSEARCH.HTM

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe (file missing)

O15 - Trusted Zone: *.line6.net

O17 - HKLM\System\CCS\Services\Tcpip\..\{CF498831-840E-46F4-89D8-31A41780600C}: NameServer = 85.255.114.13,85.255.112.78

O17 - HKLM\System\CCS\Services\Tcpip\..\{DF8BFA9E-4DA1-4A8B-A2B4-B10943FCF8C8}: NameServer = 85.255.114.13,85.255.112.78

O17 - HKLM\System\CCS\Services\Tcpip\..\{EC6F573D-0634-4410-B1B0-A67F9EE6F49C}: NameServer = 85.255.114.13,85.255.112.78

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.13 85.255.112.78

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.13 85.255.112.78

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.13 85.255.112.78

Click on the fix checked button.

Close HJT and reboot your system.

Post a fresh HJT log as well as an AVG Antispyware log.

Regards Howard

This thread is for the use of Sad Panda only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

My new hijack this log. My AVG antispyware log the second time through after I did one and cleared all I could with it. Is this all I need to post? You guys are my saviors. Thanks.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

Delete all files in AVG Antispyware quarantine.

Go to add remove programmes in your control panel and uninstall anything to do with(if there).

SpyMarshal

Close control panel.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

SpyMarshal.exe
Uninstall.exe

Close task manager.

Locate and delete the following bold files and/or directories(if there).

C:\Program Files\SpyMarshal<Delete the entire folder.

Reboot into normal mode and rehide your protected OS files.

Turn off system restore.(XP/ME only) See how HERE.

Now turn system restore back on. This will clear out your old restore points and anything nasty that`s in them. It will also create a new, clean restore point.

Post fresh HJT and AVG Antispyware logs.

Let me know how your system is running.

Regards Howard

This thread is for the use of Sad Panda only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Well I did this, but I could not find spymarshal anwhere in my add remove programs or task mannager. Also I couuld not find the unistall.exe. I did delete spymarshal.exe 's folder, but it seems it's still on my computer after the AVG antispyware check.

Your HJT log is clean.

Delete all files in AVG Antispyware quarantine.

Turn off system restore.(XP/ME only) See how HERE.

Turn on system restore.

Reboot your system.

Once you`ve done the above, you should be good to go.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard

This thread is for the use of Sad Panda only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Well, I have one thing. I think I missed something, but now when I run my virus programs or run the online virus scanner it either shuts off automatically or freezes.

Also, a family member of mine got an email that I didn't send that was just a bunch of jibberish such as, "aasfj92331a" for an entire page. Is this related to spam?

It`s strange that you can`t run an antivirus scan. Please post a fresh HJT log.

The email was either spam or possibly a virus of some description.

Regards Howard

This thread is for the use of Sad Panda only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Here is my HJT log. I hope it's ok.

Your HJT log is clean.

The reason your having problems with your antivirus programme, is because you`re running AVG and Avast at the same time. This is not recommended, will slow your system down and can as you`ve just found out, cause conflicts.

Uninstall one of your antivirus programmes.

Regards Howard

This thread is for the use of Sad Panda only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

I have ad aware and AVG anti-spyware. Does that matteR? AVG automatically shuts down and ad aware freezes.

I`m not talking about antispyware programmes such as Ad-Aware and AVG Antispyware. I`m talking about the fact you have AVG free antivirus and Avast antivirus programmes running on your system. You should only have one antivirus programme on your system.

You need to uninstall either AVAST antivirus or AVG free antivirus.

Regards Howard

This thread is for the use of Sad Panda only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Oh, I apologize. I forgot to mention that I uninstalled Avast, then all of this happened.

Please post a fresh HJT log, as your last log showed Avast as still running.

Regards Howard

This thread is for the use of Sad Panda only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

Ta da! Thank you.

Your HJT log is absolutely fine.

Try uninstalling and reinstalling the AVG free antivirus programme. In fact, after you`ve uninstalled it, redownload it from HERE, then reinstall it.

Let me know if you still have problems.

Regards Howard

This thread is for the use of Sad Panda only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.