Experienced User** First Posting Though!

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by MeanMrMustard, May 17, 2007.

  1. MeanMrMustard

    MeanMrMustard Private E-2

    I have removed so many different forms of malware and "viruses" over the years that I haven't even had to read anything about them for quite some time. Anyway, my problem... well actually wait, another story first.

    Whatever happened, I got it in the most ridiculous manner. Being the "PC Doctor" to my friends, I brought someone's hard drive to be hooked up to mine as a slave, because then his Windows files wouldn't be used and therefore could be manipulated (he actually had the smitfraud-c or whatever, the tcpipmon.exe in his processes). I have done this a few times over the years and it has always seemed to work majestically. Then like a retard I ran an executable on his hard drive and the smitfraud jumped to me. I was going to have to do this the hard way, so here I am.

    I ended up downloading AVG for myself, after repeated HijackThis and Spybot/Ad-Aware runs and smitfraud fixes. Directly after this, I can't get into Windows, and by that I mean that I get to the 'welcome screen' even though I never used the welcome screen at all, and once I log in, it immediately logs me out, plays the on then off sound for Windows, and goes back to login.

    I can get into safe mode, and I removed AVG from my registry/run settings. Reboots take a lot longer than usual, and I can't get past the welcome screen.

    Am I down to reinstall as last option? Also, any words of wisdom on the smitfraud-c or the tcpipmon.exe?

    Thanks so much for any help. If you have any direct questions, I am sound enough with the computer to be able to test and answer.

    Again,

    Mean Mr. Mustard
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Sounds to me like you should not have been using HijackThis on your own or doing the fixing on your own. This problem sounds like you may have deleted the c:\windows\system32\userinit.exe file or something else you may need.

    Are you saying you can login and do a full boot up in safe mode but not in normal mode?

    See if you can run this: RogueRemover
     
  3. MeanMrMustard

    MeanMrMustard Private E-2

    I will see if I can run it.

    I fixed the login problem... sort of.

    I went into safe mode and created a new account, and presto* back in business, I can get into normal mode.

    But...

    I got back into normal mode, re-downloaded AVG, it found a whole ton of viruses and locked the files in the vault, thus making my OS pretty much useless unless I can get them out somehow.

    And it seems as though AVG was the problem somehow, because after having put AVG back in, I now can't get back into normal mode, again!

    Blah, I'm not an idiot, but I haven't dealt with 'viruses' in forever, just spyware and garbage that slows the computer down. 'Viruses' just sit and try to do stuff and show up in scans, never see a Virut.A running in my processes!

    End, I will try and run this file and get back to you.

    Thanks,

    MeanMrMustard
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    AVG is not the problem! If you have a virus of some form that has infected system files and the only way to remove the virus is to delete the file, then the problem is the virus, not AVG. I suggest you stop running AVG for now and just run Rogue Remover.

    Also, if you can get your PC into a state where it can be run properly, you should then start working through the below so that we can determine if you have other problems.


    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, renaming, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • If after doing ALL of the above you still have a problem, make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy - only for Windows XP, 2K, & NT users
      • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy. - only for Windows XP, 2K, & NT users
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
  5. MeanMrMustard

    MeanMrMustard Private E-2

    Chaslang,
    Thanks for trying to help. I was however in a bind and needed to get the computer back up and running this weekend and could not go through this process though I know you would have eventually been able to get me through it.
    I formatted and have everything back to fresh (it was all good because I wanted to make a larger partition anyway).

    Thanks again Chaslang and majorgeeks.com, this site rocks anytime there is something wrong with anyone's computer!!

    Best regards,

    MeanMrMustard
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

