Virus hijack - Help I dont know what to do

[shugashayne]

ok, so i was getting trapcode particular off the internet, and like a ***** i download from an anonymous site that i was pretty sure was guna get me a virus, but in dire hope i did it anyways...

so know i have like 100 viruses and trojans and crap...
ill list the "symptoms"
@ Start Up: Windows refresh every 5 seconds
Icons dissapear
Backround disappears
taskbar dissapears
won't run any windows except AIM
ANTIVIRUS 2009 shows up (cleared that up tho)
avast and PC Doctor both say i have Rogue Anti Virus but when i go to the location they stated its no there C:\ProgramFiles\Antivirus

ITs only on my account to

and also when i start up it says HP conncetions.exe is missing '-' the app id seperator
and just recently 3 more error messages showd up but i forgot what they were

I restored my computer but the last restore dates are 10/3/08 (day i got virus...)
and 2\7\2007 (day i got my computer) so i dont want to restore it and lose all the stuff i have

thats my hijackthis log file...
im running on VISTA SP1 Home Premium

 

[tw0rld]

That doesn't look like the full log. However go here; https://www.techspot.com/community/topics/updated-4-step-viruses-spyware-malware-removal-preliminary-instructions.58138/ follow the instructions then return here then post the required logs.

 

[Bobbye]

so know i have like 100 viruses and trojans and crap...

You need to run the full malware cleaning, in the order given and then ATTACH the logs:
https://www.techspot.com/vb/post645589-1.html

When through, see this: How to post your Hijackthis log-file as an ATTACHMENT https://www.techspot.com/vb/topic19133.html

When you rerun HijackThis, please include the entire log in the attachment. The middle section of your log is missing.

I restored my computer

You should not use the System Restore feature when you have malware.

 

[shugashayne]

ok well then i guess i wont ever restore my comp with virus, thanks fer tht

Hokay, lets do this shi*
pwn some viruses YEAH!

here are the 3 logs that the link told meh to do

 

[Bobbye]

ok well then i guess i wont ever restore my comp with virus, thanks fer tht

The reason is because you don't know when the malware got on the system. You may clean some of it out, but the restore points are protected files, so the cleaning programs don't remove any malware from those files. That's why we remove the old restore point when through. If cleaning had started and you use System Restore with malware, the system would get infected- again!

I see that mbam removed some Trojans. Also note in SuperAntispyware that there are 3 different users getting the Tracking Cookies. You can have the program remove all of them, but you need each account to reset their Cookies:

For each account: shayan, anaheet and beeta, do this same setting

Control Panel> Internet Options> Privacy tab> Click on Advanced button and make the following changes:

CHECK 'override automatic Cookie handling'
CHEK 'allow first party Cookies'
CHECK Block third party Cookies
CHECK 'allow per session Cookies'

Please re-open HiJackThis and scan.**Check the boxes next to all the entries listed below:.

O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe
O4 - HKCU\..\Run: [RunSpySweeperScheduleAtStartup] "C:\Windows\system32\msfeedssync.exe" /ScheduleSweep=User_Feed_Synchronization-{D91F989D-135D-4CD0-BDE9-87C65BFF4A0A}
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll

These Real Time prgrams ,running at startups, should be disabled for the scans, shouldn't running for the scans.

The Java entry is old. It should be uninstalled, then the updated:
https://www.techspot.com/downloads/6463-java-se.html

Edit: correction of last sentence: Never keep the auto-update for Real Player, Adobe, Java. They are useless and use your resources.

 

[shugashayne]

ok, ill do that thanks but idk why spysweeper is running, that thing finished its subscrition like 7 months ago and i uninstalled it, and i edeleted uniblue cause it sucks

so yeah, thanks so much, and illl reset the cookies, mmmm, for mine, and my sisters account

shugashayne