Crude, major help

Discussion in 'Malware Help (A Specialist Will Reply)' started by RE2LeonS, Jul 23, 2006.

  1. RE2LeonS

    RE2LeonS Private First Class

    All right well I was sending an e-mail on a web site and then everything just started to go crazy and my computer would not stop running like crazy so i forced shut down and booted back up in Safe Mode, I ran a CleanUp, a CCleaner and an AdAware but the AdAware couldn't delete everything, so I restarted back into safe mode because it wouldn't let me manually delete the location of the virus. So I did another ad aware and it found even MORE that it couldn't delete, now i'm getting excessive pop ups, my icons look locked on my desktop, my homepage is not the same, so what do i do? It won't let me download BitDefender on here.
     
  2. matt.chugg

    matt.chugg MajorGeek

    Welcome to MajorGeeks ***************!:)

    - Please run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

    Make sure you check version numbers and get all updates.



    If after doing ALL of the above you still have a problem, make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:


    Downloading, Installing, and Running HijackThis


    When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)

    Bitdefender
    Panda Scan
    HijackThis

    Good Luck!:)
     
  3. RE2LeonS

    RE2LeonS Private First Class

    ugh this is ridiculous i can't get anywhere on the computer, i tried typing in the URL to download SpyBot, everything just crapped out
     
  4. matt.chugg

    matt.chugg MajorGeek

    You mentioned in your duplicate thread that you were using a second computer; why not download the tools in the Sticky thread on that?

    Once you have them try running them in Safe Mode, many of the steps require this anyway.
     
  5. RE2LeonS

    RE2LeonS Private First Class

    All right i've been at this for awhile, nothing seems to be working, I just got down w/ a SpyBot and it couldn't delete 5 things. I've done an AdAware, CCleaner, SpyBot, I STILL can't get BitDefender because of the virus, so i've read over and over on that FAQ and i've literally used every single one of those virus things so here's a HJL if I have done it all

    ~ INLINE LOG ATTACHED ~ SPD
     

    Attached Files:

    • HJT.log (File size: 10.3 KB, Views: 5)
    Last edited by a moderator: Jul 23, 2006
  6. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Do not copy and paste log into your posts, always include them as attachments.

    HijackThis is not installed correctly. Move HijackThis to C:\Program Files\HJT.

    Once you have Hijackthis in the correct location, rename hijackthis.exe to analyse.exe.

    Follow the directions for Look2Me VX2 Removal.

    Post a fresh HijackThis log along with the log from the Look2Me Removal Procedure.
     
  7. RE2LeonS

    RE2LeonS Private First Class

    well I ran a CCleaner again and I somehow got the BitDefender to download so i'm running that right now.
     
  8. RE2LeonS

    RE2LeonS Private First Class

    K well now i can't download that Look2Fix thing
     
  9. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Whenever you're ready post your logs. If you're having problems downloading, use another computer.
     
  10. RE2LeonS

    RE2LeonS Private First Class

    well i really don't know how to do what he said about the HJL, he says i didn't install it right but that's how it keeps coming out each time I install it, it never makes a HTL folder, unless i'm supposed to make one
     
  11. AbbySue

    AbbySue MajorGeeks Administrator


    Did you click the link in post # 2 of this thread OR in step 7 of the READ & RUN ME FIRST: Downloading, Installing, and Running HijackThis? It explains the steps for properly installing HJT.
     
  12. RE2LeonS

    RE2LeonS Private First Class

    No i didn't bother reading that section yet because I didn't know if I tried everything else yet but now i'll read that section
     
  13. RE2LeonS

    RE2LeonS Private First Class

    There I think i did the attachment right
     

    Attached Files:

  14. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    You still have not completed our tutorial. You have not run any of the required scans, which is clearly evident when one looks at your log.

    You have 2 Antivirus applications installed. Only one is needed. Uninstall the other.

    You now have HijackThis in the correct location; but you have not renamed hijackthis.exe as directed by our tutorial.

    We are trying to help you; but you must help us to help you, and that is by following our directions. Do not skip steps.

    Follow our standard cleaning procedures which are necessary for us to provide you support.

    - Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    If after doing ALL of the above you still have a problem, make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis:

    Downloading, Installing, and Running HijackThis

    When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
    • Bitdefender
    • Panda Scan
    • HijackThis
     
  15. RE2LeonS

    RE2LeonS Private First Class

    What are the two Anti Virus ones? I know Norton is one, but right now Norton's helping block all the nasty pop ups that are coming up and all the things trying to get into my DNS
     
  16. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    BitDefender is also installed
     
  17. RE2LeonS

    RE2LeonS Private First Class

    Windows Defender isn't working, running CounterSpy
     
  18. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    We'll be here.
     
  19. RE2LeonS

    RE2LeonS Private First Class

    ooh BitDefender is also Anti Virus? Oh well BitDefender is kind of sucking because whenever it finds an Infection, it can't delete it and it says it just moved it
     
  20. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Almost all AV apps are like that.
     
  21. RE2LeonS

    RE2LeonS Private First Class

    All right now i think i'm all set, the Windows Defender doesn't work and i got rid of BitDefender
     

    Attached Files:

  22. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Where are the logs for the online scans?
     
  23. RE2LeonS

    RE2LeonS Private First Class

    Ugh which ones lol sorry I didn't do panda scan, last time it didn't work right
     
  24. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Follow the directions in the Tutorial; if you weren't able to run something I need to know that; or I will continue to tell you to post the logs.
     
  25. RE2LeonS

    RE2LeonS Private First Class

    Sorry I was going to post the Panda Scan but when it got to 50% the CounterSpy started to run automatically and wouldn't let me abort so the Panda Scan screwed up
     
  26. RE2LeonS

    RE2LeonS Private First Class

    Okay well I just did a Panda Scan and then it asks me which section i'd like to scan, I chose My Computer and then it said there was an error on the page, so I tried with the Floppy Drive, same thing, as well as all the others
     
  27. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    From the Read Me
    From Using Panda ActiveScan instructions (Last link from above)
    Once again follow directions.

    Disable CounterSpy.
     
  28. RE2LeonS

    RE2LeonS Private First Class

    Oh okay so I don't even NEED to do the rest right? Ugh i'm really sorry
     
  29. RE2LeonS

    RE2LeonS Private First Class

    It still won't let me click on Local Disks
     
  30. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    You need to do everything in our tutorial. If something won't run in Safe Mode, then run it in Normal Mode. If it won't run, skip it. But I need to know what won't run.
     
  31. RE2LeonS

    RE2LeonS Private First Class

    Oh well all right, it won't activate on Normal mode so i'll try Safe Mode
     
  32. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    The Scans are to be run in Safe Mode, as per our Tutorial. READ THE DIRECTIONS.
     
  33. RE2LeonS

    RE2LeonS Private First Class

    Okay i'm on safe mode and it won't do Local Disks, it keeps saying Error on Page at the bottom
     
  34. RE2LeonS

    RE2LeonS Private First Class

    I know the Look2Me Virus is on here and the Kill2Me thing isn't working because I did an AdAware after that and it keeps finding it and it says it can't delete it
     
  35. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Don't use anything that I don't tell you to use.

    Complete the Tutorial and post all required logs.
     
  36. RE2LeonS

    RE2LeonS Private First Class

    um but that tutorial did tell me to download all those things and one of them was Kill2Me, so i was just adding that, sorry
     
  37. RE2LeonS

    RE2LeonS Private First Class

    I'm going to try Step 5 again because I realized during safe mode it didn't disable my wireless internet
     
  38. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    There are 37 posts in this thread, and we haven't even begun to deal with your issues. Don't post again, unless you are posting your logs; or have a question about one of the procedures.
     
  39. RE2LeonS

    RE2LeonS Private First Class

    Well what do you want me to say? I can't get anything done with PandaScan because before it asks me which drive i'd like to scan, it doesn't say anywhere on the screen to View or Save Report and it won't do ANYTHING when I click on Local Disks or My Computer nor any other of the drives. I deleted BitDefender because you said it was unnecessary for two AntiVirus Protectors so I deleted BitDefender and now I can't redownload it. Meaning the only log I can now post is the HijackThis Log in which I did...twice, with the "advanced" method
     
  40. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    I am trying to be as polite as possible. You have been told several times to follow directions. You obviously aren't capable of that. You were told if a scan will not work in Safe Mode then run it in Normal Mode; if it still won't run, then skip it.

    I did not tell you that the BitDefender scan was unnecessary. I told you to uninstall 1 of your 2 Antivirus applications. The BitDefender scan in our tutorial is the BitDefender ONLINE scan, not BitDefender8, BitDefender9, or BitDefender Free.

    Your HijackThis log clearly showed that you made NO attempts to follow the procedure.

    If you want help then you have to do your part. I answer upwards of 50 threads a day here, depends on the volume of traffic for that day. This post is like the 40th post for this thread and we are no closer to resolving your issue than before.

    Follow the directions given. Tell me what you were not able to run, any error messages received, and post the logs from the tools you were able to run.

    Finally Panda ActiveScan does have an option to save logs. It's a text link instead of a button. Logs from Panda ActiveScan are posted here in nearly every thread. So, I know it can be done or else we wouldn't ask for the log.
     
  41. RE2LeonS

    RE2LeonS Private First Class

    All right I was up all night reading the scans very carefully, so I followed the directions on the dot. I have a BitDefender log and an updating HJTL after hoping to god I named the right file to analyse.exe. Panda Scan still refuses to work for me on either Normal or Safe Mode, the directions talk about having to disable something but I honestly don't know how to disable that. I tried the same Panda Scan on my Laptop and it seems to be opening just fine.
     

    Attached Files:

  42. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    You have several different infections. We will deal with the Major infections 1 at a time.

    Follow the directions for Qoologic Removal Procedure.

    Post a fresh HijackThis log.
     
  43. RE2LeonS

    RE2LeonS Private First Class

    Here's the HijackThis Log
     

    Attached Files:

  44. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    The Qoologic infection is still there, run the procedure again.
     
  45. RE2LeonS

    RE2LeonS Private First Class

    according to the scan, nothing was found, here's another log
     

    Attached Files:

  46. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Download
    - Pocket Killbox

    In HJT Choose Open the Misc Tools Section choose Process Manager, Highlight:
    Choose Kill Process

    Now Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:
    Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

    Now run Pocket Killbox:

    Choose Tools -> Delete Temp Files and click the RED X.

    Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Check mark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (if available). Click the RED X and it will ask you to confirm the file for deletion; say YES, and when the next box opens prompting you to reboot now...click NO...and proceed with the next file. Once you get to the last one click YES and it will reboot. Note many of the files listed below may not exist but we need to check for them anyway.
    If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

    Now boot into SAFE MODE

    Open Windows Explorer navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)
    Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

    Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.

    REBOOT to Normal Mode.

    Post a fresh HijackThis log.
     
  47. RE2LeonS

    RE2LeonS Private First Class

    Well I know i'm still infected. HijackThis Log had trouble getting rid of "C:\WINDOWS\system32\ghynf.exe" It kept deleting it but when I went to highlight the next one, it was there again at the bottom, so I kept trying to get rid of it, but it wouldn't delete.
     

    Attached Files:

  48. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    OK, we are making progress. As heavily infected as your system was it will take several posts to get it clean.

    Follow the directions for Look2Me VX2 Removal procedure.

    Post the log from Look2MeDestroyer and a fresh HijackThis log.
     
  49. RE2LeonS

    RE2LeonS Private First Class

    I'm having a problem, the Look2Me will close out but won't reopen after a minute
     
  50. RE2LeonS

    RE2LeonS Private First Class

    Okay well it seems that I can't edit my last post so sorry for making another one but I got that program to work and here's the log and fresh HijackThis Log
     

    Attached Files:

