Regedit already in use

[bballman53187]

Hello all who take the time to read this. I came across the site from browsing the internet on how to fix this and it seems this has been presented before.

My limewire which I haven't really used in a very long time just started opening on its own from startup and keeps reopening regardless of closing it. I was trying to go into regedit to fix this but this has me confused. My hijack log is attached. Thanks in advance,
Joe

EDIT: I also tried running an online virus scan but it automatically closes after a few minutes. I have spywareguard and Microsoft Anti-spyware on the computer and they usually do a pretty good job catching things

 

[howard_hopkinso]

Hello and welcome to Techspot.

I have moved your thread to our Security and the Web forum.

Your system is infected with a variety of nasties.

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

If after reading the above, you wish to clean your system, do the following.

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, Combofix and AVG Antispyware logs as attachments into this thread, only after doing the above.

Regards Howard :wave: :wave:

This thread is for the use of bballman53187 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[bballman53187]

Thanks Howard for a really fast response! Question: Can I use my spyware guard? Or should I just use all the reccommended programs?

I'm having trouble running the online virus scan, this was the one I previously tried. After about 10 minutes all of my broswers close. Will the AVG virus detector be sufficient?

Also, while AVG is running it presented 3 files, I pressed heal and all were healed successfully. REGEDIT is now available to me. I will continue the above steps as long as thast internet scan is not needed.

 

[howard_hopkinso]

Your should use the programmes in the instructions. Skip the online scanner for now.

Regards Howard

This thread is for the use of bballman53187 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[bballman53187]

Alright got everything done besides the online scanner and the new log is attached. Only complaint I have about the system is that it runs a tad slower than it used to. Can I remove most of these programs now that it is done? I'll keep the virus scanner and spyware software but the rest can go right?

heres the new HJT log btw

 

[howard_hopkinso]

Don`t remove anything yet, until I`ve finished cleaning your system.

I need to see the HJT, Combofix and AVG Antispyware logs as requested.

Regards Howard

This thread is for the use of bballman53187 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[bballman53187]

alright here we go, disregard that last HJT log

 

[howard_hopkinso]

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

Delete all files in AVG Antispyware quarantine.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

ntvdm.exe

Close task manager.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O4 - HKCU\..\Run: [Scbu] "C:\WINDOWS\system32\FNTS~1\ntvdm.exe" -vt yazb

O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) - http://wf2dnvr3.webfeat.org/iyn7H1143/url=http://site.ebrary.com/lib/cecybrary/s upport/plugins/ebraryRdr.cab

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\WINDOWS\system32\FNTS~1<Delete the entire folder.

Reboot into normal mode and rehide your protected OS files.

Post a fresh HJT log and let me know how your system is running.

Regards Howard

This thread is for the use of bballman53187 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[bballman53187]

Alright, that one directory wasn't there

new HJT posted

 

[howard_hopkinso]

Your HJT log is now clean.

Turn off system restore.(XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all you old restore points and any nasties that are in them. It will also have created a new, clean restore point.

Provided you`re not having any other problems, you should be good to go.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard

This thread is for the use of bballman53187 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[bballman53187]

Thanks a lot! Computer is running great now! So can I uninstall everything now that I am done? I will keep the AVG softwares because they prove useful, and of course HJT. I may be coming back with my girlfriend's computer because her computer is badly infected.

Thanks again for everything!

 

[howard_hopkinso]

Yes, you can uninstall all the tools we have used. Just keep the following. I also suggest you get one of the free firewall programmes in the list of recommended programmes below.

AVG free or Avast antivirus programmes.

Zonealarm or Kerio free firewall programmes.

Spybot Search & Destroy.

Ad-Aware se personal.

Spyware Blaster.

AVG Antispyware.

Ccleaner.

Please feel free to post your girlfriends log files, after following the instructions in this thread HERE.

Regards Howard

This thread is for the use of bballman53187 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[bballman53187]

So I was setting some schedulers on my AVG antispyware and making sure it was on for AVG virus scanner too, and I noticed there were 4 items in the vault. All trojans! What exactly does the vault do, because it says they are not healable. I'm attaching a screenshot of it as well. If you need a HJT log it's attached

 

[howard_hopkinso]

Your HJT log is clean.

The virus vault is there for infections that can`t be cleaned. AVG moves them there where they can`t do any damage to your computer. Just delete the files in your AVG virus vault, there`s no real point in keeping them.

Regards Howard

This thread is for the use of bballman53187 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.