Another Cry for Help

Discussion in 'Malware Help (A Specialist Will Reply)' started by thasaidon, Apr 11, 2005.

  1. thasaidon

    thasaidon Private E-2

    Hi

    I need help. I am either infected by some malware or a virus or my Windows XP installation is badly damaged and I need advice on how to repair it.

    I have followed the advice in the “READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan and Virus Removal” document in this forum. Very little was found with most scans not finding anything...

    I was unable to connect to the Internet while in “Safe” mode so ran the tests in “Normal” mode. I tried many times but was unable to get the online Symantec Security scan to scan my Pc (the line would drop before it was completed)... I did successfully run all the other and Alternative scans except ADS SPY as I do not know enough to use the results without help. I also downloaded the Ewido Security Suite trial and obtained the Microsoft Trojan finder and used them to do a scan but neither found anything.

    The full story is given below. Sorry for the length but I wanted to give you full info:-

    Dual Boot Win XP Home (c/w SP2), Linux (Mepis) using the GRUB dual boot menu
    Intel Pentium 4 CPU 3.2 GHz with 512Mb RAM, single 120GB HDD
    Deepnet Explorer Browser (uses IE core) & also have IE installed
    ZoneAlarm Pro V4
    Pandasoft Titanium 2004 anti virus software

    Problems – Sluggish internet connection, unable to automatically or manually download updates from Microsoft website, unable to manually or automatically update AVG, line dropping frequently (especially on the AVG, Microsoft websites and some antivirus sites). I have problems logging onto website accounts like Majorgeeks forums (they timeout before logging in). The software I use to connect to the Internet gives an indication of how much data comes in and goes out. The amount of data going out is very much higher than it should be. The Windows Security Centre is not on the Control Panel.

    History
    I bought the Pc just before Xmas. I set up WinXP and then installed the software I wanted on it. I started to install Linux on it and make it dual boot. Due to making a mistake when doing this I screwed the partitions up. I was unable to salvage what I had done so had to reformat the hard drive and use the XP Recovery Disk to reinstall Win XP. I then correctly installed Linux without problems and started reinstalling the Windows software I use.
    After connecting to the Internet a few times I started noticing problems. I ran a scan with AVG which got rid of a couple of instances of the DipNet worm. I then found AVG could not be updated whether I tried to do it automatically or manually. I also noticed the Windows Security Centre icon was not on the Control Panel. I ran Spybot which did not find anything significant. I got the Pandasoft Titanium Antivirus 2004 with my PC so got rid of AVG and installed the Pandasoft product. I found this would automatically update but scans find nothing.
    I consulted your help forums and followed the “READ ME FIRST BEFORE ASKING FOR SUPPORT” document. The scans appear to have found a few bits of Spyware. My Internet connection seems a little faster but none of the other problems has been cured.
     
  2. greenknight32

    greenknight32 Sergeant

    Did you mean that you ran all the scans in normal mode? If you can't get online in safe mode (I had the same problem) you should still run the offline scans in safe mode.
     
  3. thasaidon

    thasaidon Private E-2

    Sorry I did not make myself clear. I ran all the scans that I could in Safe mode (e.g. offline ones - Spybot, Adaware etc.).

    I was unable to connect to the Internet in Safe mode so I had to do the online scans e.g. Trend Micro and BitDefender in normal mode.

    Hope this makes things clear.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    - Download HijackThis 1.99.1

    - Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    - Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

    - Before running HijackThis: You must close each of the following: your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    - Run HijackThis and save your log file.

    - Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).
     
  5. thasaidon

    thasaidon Private E-2

    Thanks.

    I will do that as soon as I get home tonight.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay! Make sure you follow the directions for installing and using HijackThis properly to avoid any delay in reading your log.
     
  7. thasaidon

    thasaidon Private E-2

    I have done my best to do so. Please find the log attached.

    Thanks for the help.
     

  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    There really aren't a lot of problems! Only a few.

    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O15 - Trusted Zone: http://download.windowsupdate.com
    After clicking Fix, exit HJT.

    Now we need to Reset Web Settings:
    1) If you have an Internet Explorer icon on your Desktop, go to step 2. If not, skip to step 3.
    2) Now right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK. Then skip step 3.
    3) If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.

    Now reboot in normal mode and post a new HJT log. And tell us how things are working.
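An added example, not part of the original posts and not MajorGeeks or HijackThis code: a small parser for log lines in the format quoted in the post above, which groups entries by section code and lists those the log itself marks as "(no file)" or "(file missing)". The function names and the line grammar are assumptions inferred from the quoted lines only.

```python
import re
from collections import Counter

# Constructed sample: a subset of the entries quoted in the post above.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O15 - Trusted Zone: http://download.windowsupdate.com
"""

LINE_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*\S)\s*$")        # "O9 - <body>"
REG_RE = re.compile(r"^(HK[A-Z]+)\\(.+?),(.*?)\s*=\s*(.*)$")         # hive\key,value = data
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
ORPHAN_MARKERS = ("(no file)", "(file missing)")  # markers as they appear in the quoted lines


def parse_line(line):
    """Return a dict for one log entry, or None if the line is not an entry."""
    m = LINE_RE.match(line)
    if not m:
        return None
    code, body = m.groups()
    entry = {"code": code, "body": body, "clsid": None,
             "orphaned": body.endswith(ORPHAN_MARKERS)}
    reg = REG_RE.match(body)
    if reg:  # R-section entries carry a registry key, value name and data
        entry.update(hive=reg.group(1), key=reg.group(2),
                     value_name=reg.group(3), data=reg.group(4))
    clsid = CLSID_RE.search(body)
    if clsid:  # normalise case so the same CLSID compares equal across logs
        entry["clsid"] = clsid.group(0).upper()
    return entry


def parse_log(text):
    return [e for e in map(parse_line, text.splitlines()) if e]


def count_by_section(entries):
    return dict(Counter(e["code"] for e in entries))


def orphaned(entries):
    """Entries whose target file the log reports as absent."""
    return [e for e in entries if e["orphaned"]]
```

Comparing `count_by_section` and `orphaned` between the log taken before the fix and the one taken after the reboot shows which of the selected entries actually went away.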
     
  9. thasaidon

    thasaidon Private E-2

    I will print your instructions off and follow them tonight when I get home. I am accessing this forum from my connection at work as I can have a lot of problems if I try to connect to MajorGeeks from home.

    I will let you know how I get on.

    Thanks for the help
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    OK! Let me know when you finish and how things are working.
     
  11. thasaidon

    thasaidon Private E-2

    I followed your instructions last night and have attached the new HJT log.

    I connected to the Internet and found that the problems I have been having appear to be unchanged.

    I cannot log on to sites like MajorGeeks as the connection times out during the password validation stage and the line often drops.
    I still cannot install security patches etc from Microsoft's website either manually or automatically despite having the automatic facility turned on.
    The program I use to connect to the Internet still shows an anomalous amount of data being sent from my PC to the Internet and the XP security centre is still missing from the Control Panel.

    I will not be able to Post anything again until I am at work again on Monday but I can access the forums and read any further advice or instructions you have for me.

    Thanks very much for the help you have already given me. I really appreciate it. If I can reciprocate in any way please let me know.
     
  12. thasaidon

    thasaidon Private E-2

    Sorry. I screwed up with the attachment. When I came to attach the new log I found the file on the floppy I brought from home was unreadable despite checking it last night.

    I will not be able to log onto the forum again until I get to work on Monday.
     
  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    None of the stuff I found in your log was really what we would consider that bad.

    Try the below:

    Adjust Active X security settings
    In Internet Explorer, click Tools/Internet Options/Security. Click on the Internet globe. Then select 'Default Level', then click OK. Now select 'Custom Level' and scroll down to the ActiveX controls and plug-ins section (some may already be set correctly):
    - Set 'Download signed Active X controls' to Prompt
    - Set 'Download unsigned Active X controls' to Disable
    - Set 'Initialize and Script ActiveX controls not marked as safe' to Disable
    - Set the Initialize and script ActiveX controls not marked as safe to Disable
    - Set the Installation of desktop items to Prompt
    - Set the Launching programs and files in an IFRAME to Prompt
    - Set the Navigate sub-frames across different domains to Prompt

    Click OK and OK again.

    If that does not help, try downloading and installing Mozilla FireFox
    Now use it in place of Internet Explorer. Does that help?
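An added example, not part of the original posts: a check of an exported Internet-zone registry section against the settings listed in the post above. It assumes the standard Internet Explorer URL-action IDs under `Internet Settings\Zones\3` (0 = Enable, 1 = Prompt, 3 = Disable); the sample export is constructed and the function names are illustrative.

```python
import re

# Settings from the post above, keyed by the URL-action ID that stores each one.
RECOMMENDED = {
    "1001": ("Download signed ActiveX controls", 1),
    "1004": ("Download unsigned ActiveX controls", 3),
    "1201": ("Initialize and script ActiveX controls not marked as safe", 3),
    "1800": ("Installation of desktop items", 1),
    "1804": ("Launching programs and files in an IFRAME", 1),
    "1607": ("Navigate sub-frames across different domains", 1),
}
LABELS = {0: "Enable", 1: "Prompt", 3: "Disable"}

# Constructed sample in .reg export syntax; zone 2 is included to show it is ignored.
SAMPLE_REG = r"""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
"1004"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1001"=dword:00000001
"1004"=dword:00000000
"1201"=dword:00000003
"1800"=dword:00000000
"1804"=dword:00000001
"""

SECTION_RE = re.compile(r"^\[(.+)\]$")
VALUE_RE = re.compile(r'^"([0-9A-Fa-f]{4})"=dword:([0-9A-Fa-f]{8})$')


def zone_values(reg_text, zone="3"):
    """Collect DWORD values from the section for one security zone (3 = Internet)."""
    values, in_zone = {}, False
    for line in (raw.strip() for raw in reg_text.splitlines()):
        sec = SECTION_RE.match(line)
        if sec:
            in_zone = sec.group(1).lower().endswith("\\internet settings\\zones\\" + zone)
            continue
        val = VALUE_RE.match(line)
        if in_zone and val:
            values[val.group(1).upper()] = int(val.group(2), 16)
    return values


def audit(reg_text):
    """Return (id, setting, found, wanted) for each setting that differs from the post."""
    current = zone_values(reg_text)
    return [(action, name, LABELS.get(current.get(action), "not set"), LABELS[wanted])
            for action, (name, wanted) in RECOMMENDED.items()
            if current.get(action) != wanted]
```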
     
  14. thasaidon

    thasaidon Private E-2

    I have attached the latest HJT log, which I reran last night as promised.

    I will follow the advice you give, and let you know what happens.

    Thanks again for your help.

    The following is information you may find helpful in diagnosing my problem.

    I only use Internet Explorer when downloading updates for Windows.
    My usual Browser is Deepnet Explorer, which uses an IE core with a different shell and claims to be considerably more secure than the unmodified IE. I do not use IE or Deepnet explorer to achieve an Internet connection. I have the "Never Dial a Connection" box ticked in Internet Options.

    I use a program called Turnpike to establish an Internet connection. This program automatically downloads and sends my email. It also downloads and sends new contributions to any newsgroups I am subscribed to. It has a separate offline reader which allows you to read your mail and newsgroups.

    If I want to surf the net I bring up Deepnet Explorer after Turnpike has established an Internet Connection. I have been using Turnpike without problems for about 10 years (starting with version 1.01. I am now on version 6.4).
     

  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Your log is clean. If you are still having problems, you should give FireFox a try as I recommended. If Deepnet Explorer uses an IE core, it is still similar to IE and can too easily be impacted by malware.

    Other than that I would say you may not be having a malware issue.
     
  16. thasaidon

    thasaidon Private E-2

    I did what you suggested, changed the settings and installed Firefox.

    Browsing was dramatically faster but I was still unable to log onto accounts like my MajorGeeks account.

    I take your point about it may not be a malware problem but there is one more thing I want to try. If this fails it is the nuclear option of doing a HD format and reinstall.

    I will let you know by PM if this last thing works and details of what it is.

    Thanks for all your help Chas. I have learnt a lot.
     
  17. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome!

    Please put what you tried here in the thread especially if it helps. It could be useful to others. A PM would not help other people gain knowledge.
     
