Registry/Audio/Trojan/=Enigma/InJeopardy!

[Xfactor]

Amatuer Here,
A couple days ago I tried to Download a Codec Device to play some videos. Thats when sometime later, I noticed the first symptoms of problems.

Tryin to explain this as thorughly as possible, in chronological order, I first noticed my computer came to a crawl, which of course, prompted me to run a Virus scan(Live One Care.) (1).Once scanning was In progress, the program unchararestically came to a Abrupt crawl. In Addition to this, A runkey was placed in my tray(2).(AdWare Remover 2007) saying my computer was Infected, and that I needed to run a Virus scan?

Upon further Analysis, I naturally tried to Remove the Adware Remover 2007, from Add/Remove programs, which of course was unsuccessful. I did However, manage to Uninstall just about everything BUT, the Infiltrated Adware Remover. Which is now(to what I believe) an Isolated problem(s) that I have.


OTHER PROBLEMS:

NOTE: I have Not been able to Determine the Reasons for the other problems, because I'm not sure what I did or did'nt Uninstall?

1. My Windows Registry Repair Pro has vanished without a trace!?!

2. My Desktop tab in settings has vanished without a trace, as well?!?

3. I Now, have no sound! No "Audio Device connected" which is NOW dimmed(grey) and Inaccessable. In the Device manager there is a yellow question mark next to Multi-Media Audio Controller.

4. Sometimes upon start up, it directs me into the BIOS screen????

Upon trying to fix these problem I have possibly made matters worse. For example, I tried to Download a Driver for my sound (took a educated chance)(I know stupid move) and when finished Installing. My computer went into a series of "error beep codes" (I also have a exclamation mark, along with a question mark NOW)

Fortunately, I did a Systems Restore for the previous day, and that seemed to control or fix the problem. Still have exclamation mark, However.
Should I re-install/Uninstall Driver????

I also found a "TOOL" called "SmitFradFIX" that I Naturaly used in Safe Mode and was able to Repair my Desk top settings.......Horaaaay!

PLEASE HELP!!!

___________________________________-

1.After some time, I eventually completed a scan(s) and was able to detect a couple Trojans along with SpySheriff.

2. As of we speak, Adware Remove 2007, is STILL on my computer, but is now in "All Programs" Ive put the computer IN Selective Startup, So I dont have to See it everytime I Re-boot. Note: Is their a possibility this the reason for the disappearence for Windows Registry Repair Pro?????

SYSTEM:
Windows XP service P2
Motherboard: Phoenix Award.

 

[howard_hopkinso]

Hello and welcome to Techspot.

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

If after reading the above, you wish to clean your system, do the following.

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, AVG Antispyware and Combofix logs as Attachments into this thread, only after doing the above.

Also, let me know the results of the Panda Antirootkit scan.

Regards Howard :wave: :wave:

This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Xfactor]

Whadyathink?

Hello Howard,
Thankyou for the Quick Response.

I have limited knowledge about computers, so Im not exactly sure what I should do next?
I do know however, I dont have online banking or anykind of sensitive material of anything like that.
I feel a good clensing should be sufficient. Should I begin to attempt, the 15 step cleaning process?

 

[Rik]

Yup, the sooner you get started the sooner you will finish.



This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[howard_hopkinso]

Yes, as rik said, the sooner you start, the sooner you`ll finish.

Regards Howard

This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Xfactor]

Little help....lol

Hello all,
I would like to do a double check here before proceeding to step8.

A couple questions?

1. I had a little confusion, about creating a new folder.Note: I downloaded HJT about 5 days ago, would this be a issue?

2. How I can I verify this was downloaded to my desktop? Or can I?

3.When I pushed the delete key the folder vanished. Is that normal?

4. I couldnt ascertain or not I successfully downloaded this to my file. Nothing happened.

1A. The spybot wizard is asking me about a Registry back?

2A. What is the teatimer ? I saw nothing about this.

Should I start over. Because I have I lot better feel for it now.
Hope this process isnt irrepraible.

 

[howard_hopkinso]

Yes, start over from step1. Delete all previous versions of HJT.

Regards Howard

This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Xfactor]

Newbie,in training

Yes, start over from step1. Delete all previous versions of HJT.

Dear Howard,

It my Intention to ask you the least amount of Questions as possible! I realize this is not your problem. I am grateful for any, and all help you give me. If any at all.

I cant seem to get hi-jack this into its own folder? When I click HERE in step 4, it automatically starts to run, then a little pop-up window says hi-jack this, is already running in a temp folder, in effect, activating the main menu(in screen in HJT)

Ive tried to Delete previous versions of HJT. BUT where and how?

 

[howard_hopkinso]

Do a search of your system and delete all other versions of HijackThis, including any folders you may have made for it.

Since you`re having so much trouble, click the link below.

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

This will download the HijackThis installer. Run the installer and it will automatically place HJT in C:\program Files\Trendmicro\Hijackthis

Then follow the instructions in step5 for renaming Hijackthis.exe.

Regards Howard

This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Xfactor]

OK,Thankyou

Crusty.exe has its own folder on my desktop.

1.Theres is also the Hi-jackthis Icon on my desktop as well. Should I delete that?

2. Is it okay that windows live one care is still active? NO means, I should disable or uninstall!

1. yes or no

2. yes or no

 

[howard_hopkinso]

Delete the HijackThis icon on your desktop.

You should disable Windows Live One Care.

Regards Howard

This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Xfactor]

Ignore last problem

Step 10:

When I download SmitFraudfix, theres a Red screen Saying Reboot file.exe missing.????

 

[howard_hopkinso]

Ok, skip Smitfraudfix for now and continue with the rest of the instructions.

Regards Howard

This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Xfactor]

Step13

OH Boy....lol

No Root KIt infections found.

Panda 2007. Alertad me in apopup window! Should I be concerned? Should I Disable this Program to? Thankyou for your support Howard. I understand Im doing this at my own risk!

 

[howard_hopkinso]

Panda2007 alerted you to what?

Should I Disable this Program to?

Disable which programme?

I can`t give advice, if you don`t explain properly.

Regards Howard

This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Xfactor]

Step 14

Panda2007 alerted you to what?



Panda 2007, Automatic protection, Recommended me to Re-install the communications library! Should I disable all my Anti-spyware programs? Or just the ones one the list?


IS Adware 2007, Adware personal SE ?

 

[howard_hopkinso]

In that case, reinstall the communications library.

Just disable the ones on the list.

We`re now on post#17, including this one, and I haven`t seen a single log file yet. How much further do you have to go, before you`ve finished the instructions?

Regards Howard

This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Xfactor]

Sorry Howard, Almost There! This is all new to me! And Scary! Ill get those logs as soon as I can guy, & Thankyou!

 

[howard_hopkinso]

Ok mate, no worries.

Only once I`ve seen your log files, can I advise you on what needs to be done next.

Regards Howard

This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Xfactor]

I thought youd never ask.....lol/kiddin!

My current status/progress is Ive already booted in safe mode a couple hours ago and ran SSD AVG with the open files "of course" NOTE: I had problems opening Adware '07 IS THIS the SE version?????????

IM currently in normal mode "of course" with my hidden files still exposed????

Im gettin ready to go back into safe and re scan pending I JUST saw step 14...lol

Note: on my last scans I found nothing but a Cookie. This is probably because out of frustration last nite, I went ahead and ran the scans and found/detected a S.LOAD of stuff.

 

[howard_hopkinso]

Yes, that`s the SE version.

Regards Howard

This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Rik]

I personally have never know it to take this many posts just to get the logs!



This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[howard_hopkinso]

Nope, me neither mate

Regards Howard

This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Xfactor]

I personally have never know it to take this many posts just to get the logs!



I just learned how to copy and paste two weeks ago! Im only familar with this message board beacause I post over @ Blackjackinfo.com(jj) which is formatted the same way. Personally, most people I know dont even know how to use a computer. NEWBIE, IN TRAINING..

 

[howard_hopkinso]

I know what you`re saying Xfactor, but it does get a little frustrating from our point of view sometimes.

I tried to make the instructions as ***** proof as I could. Maybe I didn`t do such a good job of it lol.

Regards Howard

This thread is for the use of Xfactor only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.