Multiple Infections In The Computer !!!

First goto Add/Remove programs and uninstall this: Screensavers Installer

Make sure viewing of hidden files is enabled (per the tutorial).

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.accoona.com/search_assis...rce=wdz3&utm_medium=bund&utm_campaign=wdz0805
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.accoona.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.accoona.com/search?q=%s
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: ADefaultSearch Class - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program\Accoona\ASearchAssist.dll (file missing)
O2 - BHO: (no name) - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - (no file)

After clicking Fix, exit HJT.
Boot into safe mode and use Windows Explorer to delete:
C:\Program\Accoona <--- the whole folder
C:\Program\Screensavers.com <--- the whole folder
C:\WINDOWS\impborl.dll

Now run Ccleaner.

Now we need to Reset Web Settings:

1. If you have an Internet Explorer icon on your Desktop, goto step 2. If not, skip to step 3.
2. Now right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK. Then skip step 3.
3. If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.

Note for IE 7 users: You need to select Internet Options then the Advanced tab and then Reset Internet Explorer Settings!

Now attach the below new logs and tell me how the above steps went.

1. ShowNew
2. HJT

Make sure you tell me how things are working now!

Reminder Note: Once we have determined you are malware free you will need to disable System Restore, reboot, and re-enable system restore per step 1 of the READ & RUN ME. This only applies to if using WinXP or WinMe.

 

Formatting is rarely necessary and there are a lot of things to consider before doing this. But a new install involves more than you may think. Especially to get back to a level of where your system is at. You have to consider all of the below:

• you have to backup all you own data, settings, configurations etc and first you have to know what/where all of these are. And you have to have the medium (burnable media, second hard drive, tape drive [yuck] )
• then you must make sure you have the necessary disks to reinstall not just your OS but all other software you use especially protection before going online
• then fdisk, format, reinstall the OS
• now reinstall all your software especially protection
• get online (requires some setup and config that novices have problems with)
• download updates for OS
• download updates for protection software
• download updates for all other software
• tweak all software back the way you like it. Including Desktop settings, icons etc.
• create all the folders that you use for everything in your normally routines
• re-load from your backups to get data back, to get settings, Favorites,.....etc back
• now over the next two weeks you will realize that you forgot to backup some stuff and also you will keep finding something else that you need to reinstall.

Make sure your Aunt thinks about all of the above.

 

This is not a topic for the Malware Forum and you an easily find help on that on any search site, but as implied in my previous message, formatting is only a small piece of what you need to consider and do.