multiple probs: can't access c drive, cant SP2, have adoginhispen, can't use ccleaner

Hi,

I hope you can help me. I have just about given up.

Last year at some point, toward the last quarter, I noticed a pop up upon start up. It was what I believe to be a virus of some sort. It was called ***something***defender. I can't remember the first word. I tried to remove it from in the add/remove programs and I thought I was successful. But, I wasn't. I had my personal IT guy from work look at it and he removed it as it was set up to start up when the computer would start up.

I was given an ipod for Christmas and I tried to download itunes and I was not able to. At first I thought it might be because I didn't have all the requirements (including the room/memory) to support it. I had more RAM added and I thought it should have worked. When I tried again to download itunes, it promted me to download service pack 2. (I have XP) I tried doing it from the internet but it had downloaded 0 KB. Strange but ok. I ordered a cd be sent to me so I could download manually. It didn't work. My computer won't take that update. I try it and once it gets to a certain point, it crashes and turns off. I briefly see a blue screen with mumbo jumbo on it and it reboots itself. So, I opted to never be able to download itunes. I mean I am still able to successfully use the internet, so... so what, i don't get itunes. No biggie.

Well, strange things started happening, I suppose this past February. I was surfing the web to find information for a grade school project for my step daughter. We were saving pictures and the computer began to run sluggish and would freeze. Shortly thereafter, I'm talking a few days later when I got on the computer again, when I would try to access my C drive, my computer would request me to choose to report it along with the verbage, “Windows Explorer has encountered a problem and needs to close. We are sorry for the inconvenience.”
So, I have since given up on saving anything or recovering anything from my C drive. But, I can still use the internet so, no biggie still.

At one point, I can’t remember what I did, but I think I checked a McAfee report and I saw something that might have resembled the verbage “ldpinch” or something pinch. I was concerned but not enough to stop using my computer.

At some point in the above events, I can’t remember what I was trying to do, but I kept getting an error about a missing kernel.dll. Which I also couldn’t figure out why that was happening. I haven’t seen that error in a while though.

Recently, like three weeks ago, I realized there was a history section of sites visited on the internet and checked into it. I saw a few weird websites on there EVERY SINGLE DAY. It is adoginhispen, b.skitodayplease and 88.80.7.66

I googled adoginhispen and found major geeks. I tried surfing to find a resolution to my dilemma and I tried doing the RUN AND READ ME FIRST. I went through some of the steps. I did encounter at the Msconfig point, starting up in normal mode… it was already in normal mode, however when I clicked on okay, it says that I need to make the change as an administrator. Every sign shows me that I am the administrator. So, I figured since it opened up already on normal mode, I was good to go to the next step.

I don’t have Norton Antivirus / Symantec so there were no files to remove from a quarantine folder. I moved on to Ccleaner and when I try to run it, the computer crashes, goes to the blue screen with the mumbo jumbo and it reboots itself.

Just now, when I tried to re-download service pack 2 to let you know exactly what happened, it rebooted and opened back up. I saw a strange little icon that I had never seen before on the bottom right hand corner, so I clicked it and it opened up a program that I obviously downloaded recently and it said that one or more file (for lack of the possibly correct word, I will use file) that was not removed or partially removed. It was backdoor: Win32/zonebac.gen!F

I checked the info on it and sure enough, it cited the websites I listed above… adoginhispen, b.skitodayplease, 88.80.7.66 and that it tries to steal passwords.

Can you help me with my problems?

Thanks,
Iiris

 

Re: multiple probs: can't access c drive, cant SP2, have adoginhispen, can't use ccle

Thanks for the quick reply. I was trying to attach the file awf.txt, however, when I clicked on manage attachments and clicked browse, it closed my internet window. I tried several times and it won't let me do it. So, i manually typed in awf.txt into the field. It seemed to work but I am not completely sure.

I can't finish the READ & RUN ME FIRST. I got to the point of ccleaner and it shuts me down completely, temporarily shows a blue screen with a whole bunch of writing and then reboots itself.

 

Re: multiple probs: can't access c drive, cant SP2, have adoginhispen, can't use ccle

I can't continue on. I skipped ccleaner. I went to procedures based on your window operating system and it kept giving me an error and asked me to send to microsoft and closed mywindow. I dont think you are understanding my problem. Nothing is working. I only get to a certain point and it cuts me off.

totally frustrated,
Iiris

 

Re: multiple probs: can't access c drive, cant SP2, have adoginhispen, can't use ccle

Its a new day. My apologies for my quick frustration yesterday.

The other evening, prior to my first post, I tried to do the READ AND RUN ME FIRST (R&RMF). I did not finish the entire procedure. I have read and done so many things it is hard to remember where I stopped and what day I did what.

I know that I am unable to use CCleaner. When I try to run CCleaner, the screen turns completely blue with some words or numbers or a mixture... I can't tell you verbatim what it says because it appears and disappears too fast to read and then my computer reboots itself.

At some point, I was able to get to step 3 on the R&RMF instructions and I was got to the point of downloading SuperAntiSpyware, Spy Bot - Search and Destroy, Malwarebytes Anti-Malware, Combofix.exe but I did not get to download MGtools.exe. It may have gotten late and I just didn't get to it or I just completely missed that step etc... I tried to download MGtools.exe now and it won't let me. An error window appears and says Windows Explorer has encountered a problem and needs to close. We are sorry for the inconvenience and it cuts my internet connection.

During the execution of SUPERAntiSpyware, I got to the complete scan part and performed a complete scan, it did its thing. I can't remember what happened because I came back to my computer and it was no longer on the screen. I saw that there were more instructions to do that I didn't get a chance to do, because the program was no longer on the screen for me to do it. I thought it strange and re-ran a scan. I remember at some point a list of files or something showing what it found but I don't remember if I did the repairs part of the instructions, nor the saving the logs part. I do remember that there were removals done but there was a partial removal that did not get completed. It was Backdoor:Win32/zonebac.gen!F.

So, today, since it is a new fresh wonderful saturday morning, I re-ran the complete scan. This time I sat and watched it the whole time. It got through memory items scanned with 0 detections, it got through registry items with 0 detections (this time) and it got to the file items scan and I don't know what the number was at the time, but my computer went to that blue screen that appears and disappears quickly and rebooted my computer. I think the very last file I saw when it was doing the scan was C:\Windows...

Question 1: should I go back into superantispyware and (since there will be no notification regarding quarantine and removal at this point) jump to repair tab and repair the broken connection and proceed with instructions from there?

Question 2: Since your first question to me was regarding MGtools, do you have a suggestion on how I can download MGtools or install it without using the link provided in the instructions?

Question 3: Regarding your response on the awf infection... you said to use windows explorer to delete the BAK folders. How do I do that? I right clicked the start button, opened explore. It automatically is set on expanded C drive and sits at start menu. If I click on C: to get to the very first one on the list, Program Files, it gives me the error window again... Windows Explorer has encountered a problem and needs to close. We are sorry for the inconvenience.... and closes my explore window. If I am doing it correctly to remove the BAK folders, what do you suggest now?

(also, how do I get to safe mode... I can't remember. I thought it was F8)

sorry for the long read, but I just want to relay to you what is exactly going on while it is going on otherwise I will forget the steps I have taken.

Thanks for your help. I really appreciate it.

Iiris

PS forgot to mention that now something called Windows Installer appears upon start up and then a window called HPProduct Assistant appears and asks me to insert a disk and it will not go away. I can hit cancel and x it out but it keeps popping up.

 

Re: multiple probs: can't access c drive, cant SP2, have adoginhispen, can't use ccle

Well, I tried starting my computer in safe mode. It did not work. I tried doing it through the msconfig and it didn't work. As a matter of fact, it pretty much got stuck on the (MS Dos) black screen requesting to start in either safe mode or normal code. It would flash the blue screen very quickly in the background. I tried it so many times... I must have done it a hundred times because I was trying to read word for word what the back ground was displaying on the blue screen.

Either way, it seemed it was never going to go back in normal mode or safe mode.

I put the recover cd that came with my computer and just started re-installing my software on it. I lost all my old information but that is ok since I didn't really store too much on there to begin with.

Do you think I need to do anything else to my computer now that the previous memory has been wiped out?

 

Re: multiple probs: can't access c drive, cant SP2, have adoginhispen, can't use ccle

Thanks for all your help and thanks for your helpful service. I am sure (I hope not) I will talk to you in the future.

:wave