Please help?!

Discussion in 'Malware Help (A Specialist Will Reply)' started by Kim99, Jul 30, 2006.

  1. Kim99

    Kim99 Private E-2

    I've attached my hijack this log. Can someone check it for me and tell me what to do?
    I'm having system errors, crashes and can't get rid of some spyware and trojans.

    Thank you so much,
    Kim
     

    Attached Files:

  2. Kim99

    Kim99 Private E-2

    Edited to add that I'm running Windows XP.
    Just don't know what else to do.
     
  3. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Welcome to MajorGeeks.com!

    Follow the directions for SurfSideKick Removal.

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

    - Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    If after doing ALL of the above you still have a problem, make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis:

    Downloading, Installing, and Running HijackThis

    When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
    • Bitdefender
    • Panda Scan
    • HijackThis
     
  4. Kim99

    Kim99 Private E-2

    The results of scan

    Here are the results of the hijack scan. I also did the bitdefender as you instructed but it won't upload here because it's too big. It's 287 kb.
    I cannot get pandascan to work.

    What do I do?
     

    Attached Files:

  5. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Merged threads, Kim99.. do try and stay in the same thread as it will keep all the information and removal steps together, especially as Shadow will be working on helping many people at once, just makes his job a touch easier... Cheers :)
     
  6. Kim99

    Kim99 Private E-2

    Oops! Sorry about that.

    Thanks for the info, Halo.
     
  7. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    No problems Kim, also as the Bitdefender log is too large to attach, have you tried to pop it into a .zip file then attach as zipping it up it will reduce the size a bit?

    I know SPD will ask, so what issues did you have in running Panda?
    You didn't install Windows Defender, was there a problem with that also?


    @Kevin.. sorry only went to merge the threads.. so I will duck out now and leave the questions to you ;)
     
  8. Kim99

    Kim99 Private E-2

    Ok, the issue with Panda: I was able to install the ActiveX it required. When I got to the scan page it would say Error on Page and do nothing. I closed it out and tried 3 more times all with the same result.

    I was able to put the BD file into a zip file, so I will attach that.

    I ran windows defender and it came up with nothing.
     

    Attached Files:

  9. Kim99

    Kim99 Private E-2

    I got rid of WinAntiVirusPro and ran Windows defender.

    Windows defender has found:

    Deskwizz-trojan
    Look2Me-spyware

    I'm going this afternoon to purchase McAfee
     
  10. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Ohhh no need to purchase an Antivirus and Firewall software as we have free and good ones here http://www.majorgeeks.com/page.php?id=20 ( I use Avast and ZoneAlarm both free and update a lot )


    BUT DO wait for Shadow to look over your logs and give you removal advice for any malware you may have, he is one of the experts here in malware removal and will get you fixed up, then you can go about securing your PC with new Security apps.
     
  11. Kim99

    Kim99 Private E-2

    You're a lot of help, Halo!
    Actually, I'm getting McAfee VirusScan free. It's on sale, then there's a rebate for the full price.
     
  12. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Download
    - Pocket Killbox

    Using Add or Remove Programs in the Control Panel; uninstall the following:
    WinAntiVirus Pro 2006
    WinTools


    << The installed version of Java on this computer is out-dated. Install Java Runtime Environment (JRE) 5.0 Update 7 available from http://java.sun.com/javase/downloads/index.jsp. Uninstall all older versions of Java on your computer, before installing the latest version of Java. >>

    Follow the directions for the following procedures:
    SurfSideKick Removal
    Look2Me VX2 Removal

    In HJT Choose Open the Misc Tools Section choose Process Manager, Highlight:
    Choose Kill Process

    Now Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:
    Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

    Now run Pocket Killbox:

    Choose Tools -> Delete Temp Files and click the RED X.

    Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Checkmark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (if available). Click the RED X and it will ask you to confirm the file for deletion; say YES, and when the next box opens prompting you to reboot now, click NO and proceed with the next file. Once you get to the last one, click YES and it will reboot. Note many of the files listed below may not exist, but we need to check for them anyway.
    If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

    Now boot into SAFE MODE

    Open Windows Explorer navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)
    Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

    Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.

    REBOOT to Normal Mode.

    Post the log from Look2Me Destroyer and a fresh HijackThis log.
     
  13. Kim99

    Kim99 Private E-2

    Ok, I've done everything.

    Yesterday I downloaded AVG and it found 64 viruses/threats. It put them into the virus vault. Do I need to do anything with them or just leave them in there?

    Look2Me won't run. I've tried several times with rebooting in between.

    Computer does seem to be working a LOT better.

    I'm getting the error every restart:

    Error loading
    w0378783.dll
    specified module could not be found

    Here's a fresh HJT log.

    Thanks,
    Kim
     

    Attached Files:

  14. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    You are running 2 Resident Antivirus applications. You only need 1. Having more than 1 resident Antivirus application on your computer will cause problems. They will interfere with each other and create conflicts, causing system performance to suffer. Pick one and uninstall the other.

    Install Java Runtime Environment (JRE) 5.0 Update 7 available from http://java.sun.com/javase/downloads/index.jsp. Uninstall all older versions of Java on your computer, before installing the latest version of Java.

    Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:
    Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

    Now run Pocket Killbox:

    Choose Tools -> Delete Temp Files and click the RED X.

    Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Checkmark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (if available). Click the RED X and it will ask you to confirm the file for deletion; say YES, and when the next box opens prompting you to reboot now, click NO and proceed with the next file. Once you get to the last one, click YES and it will reboot. Note many of the files listed below may not exist, but we need to check for them anyway.
    If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

    Now boot into SAFE MODE

    Open ExplorerXP navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)
    Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

    Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.

    REBOOT to Normal Mode.

    Post a fresh HijackThis log.
     
  15. Kim99

    Kim99 Private E-2

    Here's the fresh HJT log.

    Why am I seeing AOL things in there? I don't have AOL.

    Got rid of Bitdefender and kept AVG, hope that was the best choice.

    Thanks!
     

    Attached Files:

  16. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    AOL was installed at one time on this computer.

    Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.

    On the page that opens, scroll down to Command Service or cmdService (Whichever is present) ... right click the entry, select 'Properties' and press 'Stop Service'. When it shows that it is stopped, next please set the 'Start-up Type' to 'Disabled'. Press 'OK' until you get back to Windows.

    Next, run HJT, but instead of scanning, click on the 'None of the above, just start the program' button at the bottom of the choices. At the lower right, click on the 'Config' button, and then the 'Misc tools' button ... select 'Delete an NT Service' ... copy/paste the following into the box that opens, and press 'OK':

    Command Service or cmdService (Whichever you found above)

    In HJT Choose Open the Misc Tools Section choose Process Manager, Highlight:
    Choose Kill Process

    Now Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:
    Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

    Now run Pocket Killbox:

    Choose Tools -> Delete Temp Files and click the RED X.

    Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Checkmark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (if available). Click the RED X and it will ask you to confirm the file for deletion; say YES, and when the next box opens prompting you to reboot now, click NO and proceed with the next file. Once you get to the last one, click YES and it will reboot. Note many of the files listed below may not exist, but we need to check for them anyway.
    If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

    Post a fresh HijackThis log.
     
  17. Kim99

    Kim99 Private E-2

    OK, The file you're telling me to get rid of is not found in HJT or Pocket Killbox.

    Here's the fresh HJT log:
     

    Attached Files:

  18. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    In HJT Choose Open the Misc Tools Section choose Process Manager, Highlight:
    Choose Kill Process.

    Exit HijackThis.

    Delete the folder C:\!KillBox.

    Empty the Recycle Bin.

    Run CCleaner.

    Follow the directions for Virtumonde aka Trojan Vundo Removal.

    Reboot

    Post the VundoFix log and a fresh HijackThis log.

    How is your computer running?
     
  19. Kim99

    Kim99 Private E-2

    My computer seems fine now.

    AVG scanned yesterday and for the first time found no viruses.

    I'll attach a fresh HJT in case you see anything I need to get rid of.

    Is there any way to check and make sure that there are no traces of that Winantivirus left on here?

    Thank you so much for all your help and for directing me to free virus scanning!

    Kim
     

    Attached Files:

  20. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Your HijackThis log is clean.
    That was the intent behind running VundoFix. Please post the log from VundoFix.
     
  21. Kim99

    Kim99 Private E-2

    VundoFix said it found no infected files.

    Look2Me keeps showing up. I run the Look2Me Destroyer and it says it fixes it. The next day AVG finds it again.

    I'm going to try and attach my event history from AVG.
     

    Attached Files:

  22. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

  23. Kim99

    Kim99 Private E-2

    To be honest, I didn't understand some of your post.
    I turned off system restore, was NOT prompted to restart but did anyway. Ran AVG, it found nothing. Turned system restore back on and set a new restore point then.
    Is that it? Am I done? Or is AVG going to find something tomorrow?
    What do I do with the 314 infected files in the AVG virus vault?
     
  24. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Clean out the Virus Vault, empty the Recycle Bin and run CCleaner.
     
  25. Kim99

    Kim99 Private E-2

    I believe everything is fine now. I've run two successful virus scans with 0 infected files!!
    Thanks for all your help, you really got me out of a big mess and saved me from buying a new Antivirus software!!

    Anything else I should do?
     
  26. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    You're welcome, there should be nothing else to do.
     
