few questions 1st, b4 I do run the R&R on my son's computer!!

Hi all... I'm back... (on my computer at the moment)... Anyway, I wanted to get this message started so once I do all the steps in the R&R... I can just add the file to this message.

I will tell you this much... my son (21 yr. old) messed with the registry (when he shouldn't have, because he's not that knowledgeable) & his computer is a mess... a total mess... may just need to format... but going to try your R&R 1st!!

If I can get any of the programs to download & run... I'll be back to upload what you want.

Oh & btw... he has NO protection whatsoever... & yes, I know that's part of the downloads in the R&R... So, when I'm done with that AND you (whoever goes over the files) are done & we have the computer fixed... my question for you is... should I leave the SuperAntiSpyware on his... or download what I use (which is AVG).

Guess, the question is... which do you trust better? SAS or AVG??

Yes, I'll be keeping the Malwarebytes on there too!

Well, I'm heading to his computer now...

Also, my hubby maybe going to his Aunt's to work on her computer (tonight)... he thinks she has the "Facebook Virus"... so, if he can't fix it, I told him to come to this site... Since it will be a different IP... should he create his on ID... or use mine??

Sorry to hit you with all these questions at once... just seems it's hitting us all at once!

Thanks & Hope to hear from you soon! :cool
P.S. Would you rather I start a new topic, when I'm ready to upload the files?? Or can I just add to this message??

 

Re: logs from the R&R on my son's computer!!

Ok, my son's computer is still a mess... I hope these couple logs can help you, help me fix it.

Here are the problems I encountered while trying to run the various steps.

1st, could not get to the Malwarebytes.org site. So, I used my thumb drive & copied the stuff to it & put it on his computer. Acted like it loaded. So, I thought.

2nd... all other processes downloaded fine.

3rd, time to run the scans... this is where the problems really begin.

I kept getting the "iertutil.dll" file was missing & after clicking the ok button (only one available) several times, SAS finally opened.

It ran fine & I'll be attaching that log.

Then it was onto MBytes

Wait... I did run CCleaner when I was supposed to... it seemed fine. (It took away the desktop image, as I knew it would, because it's done that to me when ran on my computer.)

Anyway, did all the steps 1 - 6 & then onto the "cleaning"... which brings me back to MBytes... well, it would never start. So, I uninstalled it. Brought my thumb drive back to my laptop & bingo... a virus... (which AVG caught & well, that's another problem for later. But it's ok now... until each time I put it back in my son's computer. At least I know which file on the thumb drive is the bad one... but can't find it on the computer to delete it so it won't keep infecting my thumb drive. Hopefully it will be taken care of when you help me fix my kid's computer.)

So, I tried MBytes one more time & still couldn't get it to even open up. Then I moved onto ComboFix... where it ran good & found a rootkit & took care of it & restarted & finished it's deal & gave me a log. Which will be attached in a moment.

I have this feeling when you look at that log you're going to know what my son was up to... (yeah, the bad sites no one should go to!)

After that is RootRepeal & it just stuck at "initializing"... which then I had to manually shut the computer down... with the button, because it wouldn't with the start / turn off.

MGTools, well, that I couldn't do either. I'll try that again in the morning... If I do get it to run, I'll add the log then.

I hope you can help with the 2 logs I have now.

Oh, btw... Tried to open SAS again... & kept getting that missing .dll file... & that happened with a couple other programs too.

Is that a problem that you can tell me how to fix... Or is that an inclination that I just have to format the HDD & re-install windows? Does any of the above or the logs give you that indication?

I know (from past experience) to be patient for your replies... & I will be... just know that I may be able to add one more log tomorrow... unless someone tells me before hand that it's not needed. (The MGTools one.)

Ok... here goes... lets see if I can attach the 2 logs I have.

Have fun with this one... I have a feeling it maybe a little bit of a challenge. (But then again... you are the EXPERTS!!)

That's all for now. Thanks ahead of time!

 

Thanks a ton Kestrel for the quick reply...

Not to worried about the registry errors at this moment... Just want to get rid of the malware... but then again... He's begging me to just format it & reload WinXp.

I was able to run MGTools today... & attaching the zip file.

I'll be starting another topic later, AFTER I run all the scans on my computer... because I want to make sure that I didn't infect mine with the thumb drive I was using to transfer the files to here. (I can explain that in the other topic... unless you want me to keep it all in this one thread??)

I figured being a different computer you'd want it in a different thread???

Anyway... thanks for the help & if you see that there is just way too much wrong with my son's logs... don't worry. I'm read to just wipe it clean anyway.

 

Tim... did you see my reply to Kes... I was able to run MGTools... & did attach the log... Do you still want me to do what you say below? (Took it out of the quote just to make it easier to read)

Also, the SAS is already installed from the R&R... is that not considered an Anti-Virus program? If not, I'll install AVG... or do you trust Avast better? (This is an argument between my hubby & I, that I can't seem to get anyone to settle for me.) :-D However, I'm not sure if all the problems will even let me get to something like AVG's website.

Furthermore... the below instructions you have for me... (just glanced at)... will that fix all the registry errors... or the malware problems?

With all the errors that I keep getting... & etc... it's sounding more & more like it's going to be better to just format & reload WinXP. (He backed his stuff up onto a thumb drive... which, yes, I realize is probably infected too. I'll be taking care of that later.) rolleyes

Anyway... to save you & Kes' time... do you think the start from fresh would be best for his computer? :confused

Furthermore... there is one problem I think I forgot to mention... In the Virus list (from the R&R) that we have to look for in the Add / Remove programs there is "Ask Toolbar" ... In my son's computer, it had 2 versions... I was able to get rid of one... but the other... & I believe this is what is preventing me from getting to Malwarebytes.org. (Among other things)

So... you see my dilemma... He's has royally messed things up... again... should I just save us ALL the time & just format?

.......
Also, when I go to do the R&R for MY computer (just to be sure his stuff hasn't crept onto mine ... do I post in this thread or a new topic?) I thought I remembered you all said when working with multiple computer that you wanted it in separate threads... correct??

Hope all this make sense. ... & I sure don't want to have you and Kes spending too much time on his computer when it's this bad... if you don't have to.

(In case I didn't mention it below... he's just begging me to wipe it clean & start all over... should I give in?? Or is it worth trying to fix it?)

That's all for now.

P.S. YES, I have AVG and Malwarebytes on MY computer... and I so happen to be running scans from them both right now. (Because when I ran the AVG scan last night it came up with a few Trojans.) We'll see how it works out today... & Then I'm still planning on doing the R&R for my computer... just to be safe!

Then, I might even do my hubby's computer... since his is on the same network... & well, that's all for another day. :-D

Thanks again for your quick reply as well.

 

Tim & Kes,
Thank you so much for your time you've already put into this... but my hubby is telling me to format it & he's going to write all 0's to the drive & then we'll reload XP. :-o

I'm frustrated at this... because I thought I could work with you all to fix it... but he's telling me to stop wasting everyone's time, including my own.

I'm sorry that you both have taken the time to try to help me. To avoid anymore tension in my house... I'm going to let Hubby take care of it from here. *sighs* rolleyes

AS for MY computer... shall I post my logs in this thread... or do I start a new topic??? confused

Thanks again. You all have always been a big help to me! :cool

 

oops... I just now saw this... & just replied with changing the format... I thought it would actually make it easier to read... & to tell the difference when you quote me or vice versa. Sorry. I won't change again. :-o :cool

 

Will do. (New thread that is.)

Yes, this one is over with... Hubby finally was able to get it to format ... that was even a pain! :banghead (he's "writing all 0's to the drive", whatever that means... that's where his knowledge is better than mine.)

I truly appreciate you & Tim taking the time to try to help me. I'm sorry I took up so much of your time.

(My computer logs should be clean.... but I'm going to still run the R&R sometime tomorrow... just to be safe, you know, what I mean?) :cool

Thanks again. & See one of ya in the new thread :wave