Do I need to call a professional?

Welcome to Majorgeeks!

Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

• Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
• Make sure you check version numbers and get all updates.
• Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

• After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

Downloading, Installing, and Running HijackThis​

Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.​

• When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
  • CounterSpy
  • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
  • Bitdefender - from step 6
  • Panda Scan - from step 6
  • runkeys.txt - the log from GetRunKey.bat
  • newfiles.txt - the log from ShowNew.bat
  • HijackThis

NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!

 

Use your xp cd to do a repair install:
Wordy xp repair install:
http://www.informationweek.com/windows/showArticle.jhtml?articleID=189400897

Once you are finished with the repair...
Please download DrWeb-CureIt & save it to your desktop. DO NOT perform a scan yet.

You should copy/print the following because you need to be in Safe Mode from here on.

Reboot your computer into SAFE MODE" using the F8 method.
To do this,restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly.
A menu will appear with several options.
Use the arrow keys on your keyboard to navigate and select the option to run Windows in "Safe Mode".

Scan with DrWeb-CureIt as follows:
* Double-click on drweb-cureit.exe to start the program. An "Express Scan of your PC" notice will appear.
* Under "Start the Express Scan Now", Click "OK" to start. This is a short scan that will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it.
* Once the short scan has finished, Click Options > Change settings
* Choose the "Scan tab" and UNcheck "Heuristic analysis"
* Back at the main window, click "Select drives" (a red dot will show which drives have been chosen)
* Then click the "Start/Stop Scanning" button (green arrow on the right) and the scan will start.
* When done, a message will be displayed at the bottom advising if any viruses were found.
* Click "Yes to all" if it asks if you want to cure/move the file.
* When the scan has finished, look if you can see the icon next to the files found. If so, click it, then click the next icon right below and select "Move incurable".
(This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)
* Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
* Save the DrWeb.csv report to your desktop.
* Exit Dr.Web Cureit when done.
* Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
* After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.cvs report)

************************

Please download Combofix and save to the desktop:

Note:
It is important that it is saved directly to your desktop
Close any open browsers.
Double click on combofix.exe & follow the prompts.
When finished, it will produce a log.
Post the C:\ComboFix.txt in your next reply.
Note:
Do not mouseclick combofix's window whilst it's running.
That may cause the program to freeze/hang.

Reboot,post the DrWeb.cvs report,the C:\ComboFix.txt,and a new Hijackthis log into your next reply.

 

Were you unable to get into safe mode?
Could you not do any of the scans ...esp. the online BitDefender scan?

Have you run the system file checker?
Start > Run > type "sfc /scannow" without quotes. It will ask for your cd ..run it at least twice. (note the space before /scannow).

 

To get good and proper help, you need to give proper descriptions of your problems. And you need to give exact word for word error messages. For example you said:

I doubt that it asked you WHERE to open it. It more than likely asked you what to use to open it. This would mean that you have lost file associations and they need to be fixed.

Also you said:

Neither do I on what it is that you were trying to say!


Let's see if we can fix a few file associations and perhaps this will help.

Copy the bold text below to notepad. Save it as RegFileFix.reg to your Desktop. Be sure the "Save as" type is set to "all files". Do not try to double click on it or run it though. See below!

After saving the above to your desktop, click Start, Run, and enter regedit an click OK. This should open the Windows Registry Editor. Now click File and select Import. Navigate on the next form to your Desktop and locate the RegFileFix.reg you just created and double click on it to open it and add it to the registry. You should get a success message. (Tell me if you do).

Then reboot your PC (this is necessary). After reboot, see if you can get to Add/Remove programs from contol panel. If not, try this:

Click Start, Run and enter appwiz.cpl and click OK. Does that open Add/Remove Programs?

 

So do you mean that the Windows Registry Editor did not even open. That is what should happen when you put regedit into the run box and click ok.

What happens if you double click on the RegFileFix.reg file you saved on your Desktop?

What happens if you click Start, Run and enter cmd and click OK!

Can you download files? I'm assuming your browser works since you are here posting (unless you are using another PC).

Does the C:\i386 folder exist on your PC? If not, what about any of the below:

• C:\WINDOWS\i386
• C:\WINDOWS\DRIVER CACHE\i386
• C:\WINDOWS\SERVICE PACK\i386

By the way, you also have never even told us what version of Windows you are running.