Please Help if possible

[Oreo410]

I dont know to much about hijack log files or what you guys call them, but from reading all thes posts and trying to fix my own problem, I seem to have made it worse. Im am uncertain what to do but here is a log file from ad-aware, I dont know where these files came from but here they are:

Im not sure what to post but, i cant seem to post the whole thing seeing how its too long.

 

[howard_hopkinso]

Hello and welcome to Techspot.

Click start/run and type msconfig into the run box and press the enter key. When the window appears, click on the General tab and tick the normal startup button. Click apply/ok. You will be prompted to restart your computer. Once your computer has restarted, you will see a windows that says you have used msconfig to make changes etc. Tick the little box that says not to run msconfig the next time you start your computer.

Go and read this thread HERE and post a HJT log as an attachment into this thread.

Regards Howard :wave: :wave:

This thread is for the use of Oreo410 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Oreo410]

reply

Here is my log file, hopefully this helps. Sorry about posting my log i had no idea not to, but thank you for doing so. just for reference, i didnt get asked if i wanted msconfig to run again when my computer restarted.

 

[howard_hopkinso]

Your system is infected with some real nasties, including a rootkit infection.

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

Let me know how you wish to proceed.

Regards Howard

This thread is for the use of Oreo410 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Oreo410]

Help

Im not sure how to confront this problem, because i use my computer at work, i place orders all day, i think i really need some guidance on what to do, i dont know if re-installing is an option. From what you posted, im guessing there is no way to get rid of what of the infection?

 

[howard_hopkinso]

We can get rid of the infections, but Sensitive information from your computer may have already been sent to a third party.

However, it`s up to you how you wish to proceed. I can clean your system, but I can`t guarantee the safety of your computers sensitive info. It has to be your decision whether to clean or reformat.

Regards Howard

This thread is for the use of Oreo410 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Oreo410]

Thank You

That is good news, I don't have any sensative info that can be sent, atleast I don't think, because I can replace my computer no problem, I just don't know how to reinstall this one program on my comoputer seeing how its shared amoungst other computers, but were not all linked together, we just use the same program. If you have any advice please help.

 

[howard_hopkinso]

Ok, no problem.

Go HERE and follow the instructions for getting rid of ntsystem.exe.

Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.

Regards Howard

This thread is for the use of Oreo410 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Oreo410]

Im Not Sure

Ok i tried to download the first file, but when i try to unzip, i get this message The Compressed (zipped) Folder is invalid or corrupted. when i look in the folder there isnt annything to unzip anyhow.

 

[howard_hopkinso]

I suggest you redownload another copy of Regrun Reanimator and see if it`s ok this time. Remember to follow the instructions carefully.

Regards Howard

This thread is for the use of Oreo410 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Oreo410]

Ummm

Well thanks for the help, but i just cant seem to do it. Ive downloaded the file atleast 20 times, and i still get the message. Thanks for trying

 

[howard_hopkinso]

I have downloded the Regrun reanimator software and it extracts just fine on my system.

Unfortunately, that`s the only fix I know for that particular infection. That being the case and the fact that you can`t seem to get hold of the software required, there`s only two things you can do. Either get a friend to download the software for you, or you can IM me(details in my profile) and I`ll send you the files you need. Failing that, you`re looking at a reformat in order to clean your system.

Let me know what you wish to do.

Regards Howard

This thread is for the use of Oreo410 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Oreo410]

not sure

Im not too sure what wrong with that file or what the problem is, but i tried to download it from my co-workers computer and it didnt work, same problem, next thing im going to try and download it on my computer at home. If that doesnt work im going to have to do the IM. but intell then im going to have to wait. but thanks very much for the help. i probably wont be able to get to it for a couple days.

 

[howard_hopkinso]

Thats absolutely no problem. If you have any problems, I`ll be happy to send you the file via Yahoo Messenger.

Regards Howard

This thread is for the use of Oreo410 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Oreo410]

Well I really havent had time to try it on my computer, but I was wondering if you possibly knew anywhere to download the reanimator file anywhere except from there site, cause everytime i seem to download it, it just always says the error message.

 

[howard_hopkinso]

Ok, try this link HERE.

Regards Howard

This thread is for the use of Oreo410 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Oreo410]

Your the best man, it worked right away, but now im stuck again for some reason.

It tells me to find the ntsystem.rnr, but i dont cant seem to find it anywhere, or have any idea what it is. please help

 

[howard_hopkinso]

The ntsystem.rnr file is missing from the version you downloaded. I have therefore attached the file in a zip folder. You will need to save the file to the same place as the Regrun Reanimator software and follow the instructions on the website.

Regards Howard

This thread is for the use of Oreo410 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Oreo410]

Ok well here it is, I did every little install and what not and saved all my log files, im not sure if i did anything but hopefully you will be able to tell me. here they are

And here is my HIjack log, for some reason it wouldnt let me add all three at once.

 

[howard_hopkinso]

Your HJT log is now clean.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard

This thread is for the use of Oreo410 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Oreo410]

I just wanted to say thank you howard, you are the man. I do have a problem i think, right after i posted the previous post, i used ad-aware to search for potential unwanted files, and i still got 3 files that it found, any idea why?

 

[howard_hopkinso]

A lot depends on what files Ad-Aware found. Can you give me a list of what was found?

Regards Howard

This thread is for the use of Oreo410 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Oreo410]

Ok here it is, well i saw your post after i had deleted the files, but did a new scan the next day and came up with 10 more, here is the log

 

[howard_hopkinso]

All those file are just tracking cookies and are nothing to be overly concened about.

If you download and run Firefox, instead of IE, you`ll get a lot less tracking cookies.

I also recommend you download and run the Ccleaner programme as per the instructions in this thread HERE.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard

This thread is for the use of Oreo410 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Oreo410]

Im not sure if you know what this is, but i thought id give it a shot. I went to add remove programs, to see if there was anything i didnt know about, and of course, there was, so i saw yahoo toolbar, and i realized i didnt put it there, so i deleted, and it put this malacious software on my computer, well thats what mcaffee said, so ran my progs, AVG, then CClean, then ad-aware, found something but you can check my log cause i dont know, then i ran the hijack. so here they are.