hijackthis log included please help

Discussion in 'Malware Help (A Specialist Will Reply)' started by wbellavanc, Sep 19, 2007.

  1. wbellavanc

    wbellavanc Private E-2

    Ok, this computer was completely taken over. It started off with all EXEs showing "not a valid Win32 application". I was finally able to get a workaround for that and ran adware, which found a bunch of stuff; repaired all that. Ran Spybot. Found a bunch of stuff; repaired all that. Ran a virus scan, had over 150 viruses; repaired all that. Now as you can see above, I have one issue. I'm stumped. fnbafnb.dll is haunting me. Please help


    Thanks
     

    Attached Files:

    • HJT.txt (5.8 KB)
    Last edited by a moderator: Sep 19, 2007
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Welcome to MajorGeeks.com, please follow our standard cleaning procedures:

    Run ALL the steps in this Sticky thread: READ & RUN ME FIRST Before Asking for Support

    • Make sure you check version numbers and get all updates.

    Very Important: Make sure you tell us the results from running the tutorial... was anything found? Were you unable to complete any of the scans? Were you unable to download any of the tools? Did you do the on-line scans as suggested? etc.

    After doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps in the below thread to properly use HijackThis and attach the log:

    Downloading, Installing, and Running HijackThis
    • Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.

    When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
    • CounterSpy Log - only for Windows XP, 2K, & NT users
    • AVG Antispyware Log - ONLY IF NEEDED you were not able to run CounterSpy. - only for Windows XP, 2K, & NT users
    • Bitdefender Log - from step 6
    • Panda Scan Log - from step 6
    • runkeys.txt - the log from GetRunKey.bat
    • newfiles.txt - the log from ShowNew.bat
    • HijackThis Log
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
  3. wbellavanc

    wbellavanc Private E-2

    Ran everything except online scans; PC won't allow it. Not doing anything that requires another window to open. I'm also having problems with getting an IP address; I'm running static right now. Not sure if it's part of the same problem but I figure I'll bring it up

    Here are the files you requested
     

    Attached Files:

  4. wbellavanc

    wbellavanc Private E-2

    I had to transfer these files to another PC to upload because the manage attachments button wasn't showing on the infected PC
     

    Attached Files:

  5. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    First, please disable Spybot's TeaTimer so it will not block anything we try to fix!
    • Run Spybot and click Mode
    • Select Advanced Mode.
    • Then click Tools and select Resident.
    • Now in the right window pane, uncheck TeaTimer.
    • Also while this is open, in the left column now select IE Tweaks
    • and then in the right pane make sure all the Miscellaneous locks are unchecked.
    • Now quit Spybot!

    Next you need to run AVG once more and this time have it fix everything it finds.

    Once you have completed the AVG scan, try once again to run the online scans as these are very important in the removal.

    After you have completed the steps above, I would like one more scan.

    1. Download this file - combofix.exe
    2. Double click combofix.exe & follow the prompts.
    3. When finished, it will produce a log for you. Attach this log to your next reply
    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.

    Once you have completed this post, please attach the following fresh logs.

    1. HijackThis Log
    2. ShowNew Log
    3. GetRunKey Log
    4. ComboFix Log
     
  6. wbellavanc

    wbellavanc Private E-2

    here you go
     

    Attached Files:

  7. wbellavanc

    wbellavanc Private E-2

    Here is the last file. Still having a problem with Internet Explorer. Can click links that open a new window. I'm thinking of upgrading to 7.0, should take care of the problem. But I won't until you say it's ok

    Thanks very much BTW
     

    Attached Files:

    Last edited: Sep 20, 2007
  8. wbellavanc

    wbellavanc Private E-2

    I noticed under admin tools, services, when I look at extended it doesn't display anything, just the blue corner. When I look at standard it displays all my services running
     
  9. wbellavanc

    wbellavanc Private E-2

    Deeper search into it

    Control panel/Users displays a white box
    Control panel/Admin tools/services displays a white box on extended mode

    IE doesn't allow downloading or opening another page via java

    There probably is more but that is all i found so far
     
  10. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    First, please disable any antivirus and/or antispy programs you have installed so they will not block this fix.

    Step 1:
    Now scan with HijackThis and check the boxes for the following entries:
    ( Make sure ALL browser windows are closed when you click FIX )

    Again, make sure ALL browser windows are closed when you click FIX.

    Step 2:
    Now download The Avenger by Swandog46, and save it to your Desktop.
    • Extract avenger.exe from the Zip file and save it to your desktop
    • Run avenger.exe by double-clicking on it.
    • Check the 'Input script manually' box.
    • Click on the magnifying glass icon.
    • Copy everything in the Quote box below, and paste it in the box that opens:
    • Now click the 'Done' button.
    • Click on the traffic light icon and OK the prompt.
    • You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
    • A log file from Avenger will be produced at C:\avenger.txt

    Step 3: Begin here after rebooting from Step 2!
    Next Reset Web Settings & Default Security Settings

    Note for IE 6 users:
    To Reset Web Settings:
    Right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.

    If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK

    To Default Security Settings:
    Right click on your desktop Internet Explorer icon and select Properties. Then click the Security Tab and click Default Level for Internet, Local Intranet, Trusted Sites, and Restricted Sites. For IE 7 users, simply click the "Reset all zones to default level" button.

    Note for IE 7 users:
    Select Internet Options, then the Advanced Tab and then the Reset button under Reset Internet Explorer Settings.


    Step 4:
    Please download ATF Cleaner by Atribune. This program does not require an installation. The executable actually runs the program.

    NOTE: This program is for Windows XP and Windows 2000 only. ATF Cleaner will remove all files from the items that are checked, so if you have some cookies you'd like to save, please move them to a different directory first.
    • Double-click ATF-Cleaner.exe to run the program.
    • Under Main choose: Select All
    • Click the Empty Selected button.
    If you use Firefox browser
    • Click Firefox at the top and choose: Select All
    • Click the Empty Selected button.
      • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browser
    • Click Opera at the top and choose: Select All
    • Click the Empty Selected button.
      • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main ATF Cleaner menu to close the program.


    Step 5:
    After you have completed ALL of the above in the correct order, please attach the following logs.
    • HijackThis Log
    • ShowNew Log
    • GetRunKey Log
    • Avenger Log
    Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now.
     
  11. wbellavanc

    wbellavanc Private E-2

    here you go
     

    Attached Files:

  12. wbellavanc

    wbellavanc Private E-2

    It's almost like there is a file missing or my reg is messed up somewhere.
     

    Attached Files:

    Last edited: Sep 21, 2007
  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    See step 0 of the READ & RUN ME and set your system for Normal Startup mode. You must not use MSconfig to control startups.

    After doing this, attach new logs from GetRunKey and HijackThis for BJ to continue helping you.
     
  14. wbellavanc

    wbellavanc Private E-2

    Weird, it was, at least I thought. Sorry
     

    Attached Files:

  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You still have a few items from the READ ME that you have not completed.

    Step 2 was not done.

    Also you did not do step 3 of the READ ME. You have both AVG and Norton Antivirus installed. You must uninstall one of these (preferably Norton).

    Then you need to again attach all new logs.
     
  16. wbellavanc

    wbellavanc Private E-2

    I remember why Norton wasn't removed: error 1316, a network error occurred while attempting to read from the file c:\windows\installer\nav.msi

    And I do have hidden files and folders enabled
     
  17. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please read the directions again. There are three things under the link given in step 2 to do and you only did one of them.

    Try uninstalling Norton again and if it does not work, try running the below:

    Norton Removal Tool (SymNRT)
     
  18. wbellavanc

    wbellavanc Private E-2

    Sorry, step 2 complete

    Norton virus not. The program doesn't run and I can't uninstall; it's been like that for a while from what I'm told
     
  19. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay I will give you some steps to manually remove it. But first another question. Is the Kodak Camera Connection Software still installed on your system? I see a service for it but not the software.
     
  20. wbellavanc

    wbellavanc Private E-2

    Went to Norton's site, got that uninstalled

    The cam software I couldn't find
     

    Attached Files:

  21. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Not completely!


    • Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.
    • On the page that opens, scroll down to ScriptBlocking Service
    • then right click the entry, select Properties and press Stop Service.
    • When it shows that it is stopped, next please set the Start-up Type to 'Disabled'.
    • Now repeat the above to Stop and Disable the below two Services (if you do not find them or get any errors, just continue):
      • Kodak Camera Connection Software
    • Click OK until you get back to Windows.
    • Next, run HJT, but instead of scanning, click on the None of the above, just start the program button at the bottom of the choices.
    • At the lower right, click on the Config button
    • Then click the Misc tools button
    • Select Delete an NT Service
    • Copy/paste SBService into the box that opens, and press OK
    • If you receive any error messages just ignore them and continue.
    • Now repeat the above to delete the below two Services (if you do not find them or get any errors, just continue):
      • KodakCCS
    • Now exit HJT but do not reboot when it tells you it needs to. We will do that further down after running HJT again to fix some other items.

    Now re-run HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot

    After clicking Fix, exit HJT.
    Now use Windows Explorer to delete the below folders:
    C:\Program Files\Norton AntiVirus
    C:\Program Files\Common Files\Symantec <--- delete anything named Symantec

    Now run Ccleaner

    Now we need to Reset Web Settings:
    1. If you have an Internet Explorer icon on your Desktop, go to step 2. If not, skip to step 3.
    2. Now right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK. Then skip step 3.
    3. If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.
    Note for IE 7 users: You need to select Internet Options then the Advanced tab and then Reset Internet Explorer Settings!

    Now reboot in normal mode
    Now copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.

    Now attach the below new logs and tell me how the above steps went.
    1. GetRunKey
    2. ShowNew
    3. HJT


    Make sure you tell me how things are working now!
     
  22. wbellavanc

    wbellavanc Private E-2

    Everything went good but still same problems. I will post pics of what I'm looking at after this post, but here are the logs
     

    Attached Files:

  23. wbellavanc

    wbellavanc Private E-2

    For my problems, they are still the same

    User accounts not displaying

    I couldn't do a search to find all the Symantec folders but I looked through the folders

    And I had to install Firefox just to be able to load up the pics and you will see why
     

    Attached Files:

  24. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    First, let's be sure all of the Norton junk is gone.

    Download Rnav and save to desktop.

    Double click to run, click NO on the "RNAV Question" popup and then when it goes on, tick the box next to "Norton AntiVirus 2002/Norton AntiVirus 2002 Professional" and click OK.

    Once it completes reboot and post new logs from ShowNew, GetRunKey & HijackThis.

    I don't think your problems are malware; however, let's go thru your new logs and go from there.
     
  25. wbellavanc

    wbellavanc Private E-2

    That's the program I used to uninstall the first time but I ran it again.
    I also decided to update my drivers for video card and also DirectX, which didn't change; still having same issue. Everything worked before. I'm wondering if a file got changed or removed which is causing the issue. I also checked my event logs and there are no errors. It's weird.

    BTW thanks so much for the help
     

    Attached Files:

  26. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Okay! Your logs look ok, this means your problems are more than likely software related. I would now recommend your posting in the Software Forum.

    I would however try this one last step before going to the software forum.

    Click Start > Run > type in sfc /scannow

    This may or may not help, if it does not then go ahead and post in the Software Forum.

    Good Luck!
     
  27. wbellavanc

    wbellavanc Private E-2

    Thanks for the help with the malware issues
     
  28. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    You're welcome! :)

    Did you try the sfc? Did it help?
     
  29. wbellavanc

    wbellavanc Private E-2

    I did try it. It scanned, but after it ended that was it; it didn't give an error or nothing. Restarted and still have the issue
     
  30. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Okay! Go ahead and post in the Software Forum. I would continue helping but it's no longer a malware problem.

    Good Luck! :)
     
