please really removal here

ok here is the deal- i've been at this for 3 weeks now to no advail. hubby is about to throw this computer out the door and i need some help. this is the problem- i have gotten the virus adoginhispen, skitodayplease and the 88.80.7 something. i have went threw this thing with 3 people and and they can't figure it out. to date i have ran spybot s&d, ccleaner, hjt, awf, super antivirus, flashdrive fix thing, drweb cure-it, spyware blaster, atf cleaner, avg antispyware, vundofix, deldomain, killbox, combofix - all these i've ran. also kaspersky online, along with my regular mcafee security protector. here is the thing.... i am running xp with IE7. all updated, ect... when i open IE to myhome page, which is comcast, i can look in history file and immediatley look at history file and they've popped up upon loading. i have blocked them at the site in internet tools and everything. everyone is saying the system looks clean, but i want to know why they still are popping up and if this puter is still in jeopardy to identity theft, ect... i do some bill paying ect. and i dont want the puter comprimized. i'm on my laptop now, as to not get on the desktop and create anymore problems. but i do have to have this desktop fixed soon, as my daughter needs the laptop to go to college. thank you so much for any input you may have. just let me know what you need for me to do next and i will run everything. i'm not working at the moment, so i'm on here often to check messages.

 

Hi swimmom1,
Welcome to Major Geeks!

The problem you've described is a familiar one. No need to throw away the computer!

Please follow the instructions in the READ & RUN ME FIRST and attach the requested logs.

Since you've run some of these scans already, like Spybot S&D and Combofix, I would like to ask you to be sure that you have the current versions installed. During the past week, a buggy version of Combofix got out and so this has been replaced with an updated non-buggy version. It's important that you have the most recent version! For the moment, you can skip one of the following two scans, either MalwareBytes or SuperAntiSpyware. When you finish the instructions, please attach the logs.

Thanks.
abri

 

hi abri and thanks for the welcome and taking a look at my stuff. here is the results of the logs- i think that is all the ones that you needed. let me know if there are any more that you want- thanks again

 

Hi swimmom1,

The good news is, I don't see any evidence of the harmful files which accompany adoginhispen. The other good news is that it may be your own security which is causing you distress. You have a lot of security programs installed on your computer along with the McAfee Security Suite. I'm guessing that one of the settings on one of these programs, and I would start looking with McAfee, is set to prevent changes to your trusted zone, so that each time you make a change the security software will recognize the change and change it back. This could be a feature of the firewall associated with the security suite or with the antivirus/antivirus programs. See if you can find something like this and let me know if this resolves the problem or not.

Other than that, please do the following:

1) Open your Windows Live Messenger, go to Help -> Customer Experience Improvement Program and turn it off. That will stop you getting all those sqm files.

2) Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

After you click fix, just close hijackthis.

3) Run CCleaner at the default setting with the Windows tab as the one on top.

abri

 

ok got the other stuff taken care of except the windows live messenger. i can't find anywhere in that computer. let me know which antivirus firewall you reccommend. i am going to get rid of half this stuff in here as soon as i take care of this problem. so if you didn't find any bad stuff from the virus, what would you recommend i do? should i go in and change passwords to my accounts that i pay online or something? i know that probably wouldn't be a bad idea anyways seeing what crap was on that puter. i do have one other quick ? through this process, my cd buner has quit running. it doesn't want to read anything. think that i have done something to it like erased a file to run/read things or what? or should i just check in the hardware section to find this out. i didn't know if maybe there was a file that i've deleted that lets the puter read my cd's and i've done something to it. thanks for your help- let me know what else i need to do.

 

Hi swimmom1,
You'd get better input from the hardware forum on the cd burner.

I don't know what all files you deleted prior to coming here. If you think your security was compromised, then it wouldn't hurt to change passwords, nevertheless, it would be good to find out why those files are popping back up before you go to all the trouble of changing your passwords. I'm still curious if it might be a security setting that is causing those files to keep coming back. If not, then I would have you look for other files that might be causing them to come back.

abri