Warning! Spyware threat detected! System error #1752

Discussion in 'Malware Help (A Specialist Will Reply)' started by cardgramm, Apr 15, 2006.

  1. cardgramm

    cardgramm Private E-2

    This is my first posting here, so I hope I'm doing this right and in the right place.

    I have followed the seven steps, to the best of my ability, and I still have the blue screen and the error that was reported by firecypher on 4-4-06.

    I ran in safe mode, unplugged from the Internet:
    1) Ccleaner
    2) Microsoft Windows malicious Software Removal Tool and got "No Malicious Software"
    3) Ran Ad-Aware SE
    4) Ran Spybot Search & Destroy & Immunized (No Teatimer)
    5) Could run Microsoft Windows Defender (so I guess I don't have SP2 downloaded--like I should)
    6) I downloaded latest Sun Java
    7) Ran Bitdefender - log attached
    8) Ran Panda Active Scan - log attached
    9) Ran HijackThis - log attached
    10) I also got the uninstall_list.txt from HijackThis

    I saw that you had firecypher run ewido, so I'm in the process of doing that, too, but it isn't ready yet.

    I hope I did this right. I don't know why my HijackThis log has an X on it. Hijack This is in my Program files in MyComputer, but it doesn't show up on the Program Menu.

    Thank you.
     

  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Majorgeeks!

    Your problem may or may not be malware.

    You totally ignored step 3 of the READ & RUN ME. You have both McAfee and Symantec antivirus applications installed. The worst combination of resource hogs you could choose. Pick the one you prefer and uninstall the other.

    Uninstall the below old version of Sun Java since you already have the new version.
    Java 2 Runtime Environment, SE v1.4.1_02

    Now use Add/Remove programs to uninstall:
    WexTech AnswerWorks

    Is your copy of Ewido the paid version or the free trial version? If it's the free trial, how long ago did you install it?

    What is this following that you installed from InterMute?
    O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe

    Is it a paid version or a free trial version or their security package?

    Now run the steps in the following link: SpywareStrike, Smitfraud, SpySheriff, SpyAxe & PSGuard Removal


    You need to locate all the items Bitdefender pointed out in your email Inbox and Delete Items email folders and remove them manually.


    Now attach a new HJT log and the smitfiles.txt log so we can continue
     
    Last edited: Apr 16, 2006
  3. cardgramm

    cardgramm Private E-2

    Thank you for your help.

    I plan on following all your suggestions, but a couple major things concern me.

    1) re: step 3. Until a few days ago, I thought I had only McAfee installed. I used the uninstall for Norton. Now neither Norton nor Symantec shows up in the control panel - add & remove programs. I thought it was gone, and then the old incomplete, unrunnable, unupdated Norton showed up on my program list again this morning. So I used Explore and deleted it again, and it is supposedly sitting in my Recycle Bin. Is that adequate for removal? I'm waiting to dump it until I hear back.

    Now I found Live update 1.90-Symantec, last used 8-29-04. I attempted to remove it and got the message, "you still have some symantec applications registered with Live Update...." I don't know where they are. How do I get rid of this Norton/Symantec stuff?

    I was planning on deleting McAfee and using one of the free ones that are suggested in your documentation about Keeping Your Computer Clean and Secure. Is that still advisable?

    2) Uninstall the below old version of Sun Java since you already have the new version.
    Java 2 Runtime Environment, SE v1.4.1_02

    I tried this at one point yesterday and it wouldn't let me. I just attempted it again and get "The install Shield Engine (iKernel.exe) could not be launched. No such Interface supported."

    3) WexTech AnswerWorks is removed.

    4) Is your copy of Ewido the paid version or the free trial version? If it's the free trial, how long ago did you install it?

    It's the free version and I installed it Friday. It just updated itself this am.

    4) What is this following that you installed from InterMute?
    O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe

    Is it a paid version or a free trial version or their security package?


    I'm embarrassed to admit it, but it has been on my computer since I got it a year 1/2 ago, and it pops up once a day, asking me to purchase it. I haven't and I haven't figured out how to get rid of it. I think it is compliments of HP. It is not listed in the Control Panel - add remove as InterMute or I would have deleted it 1 1/2 years ago. I just found the file for InterMute in the Program files in My Computer. Can I simply delete it?

    5) With regard to the BitDefender scan, I think I'm in the wrong place if I'm supposed to be able to read html. I don't know what is in my email Inbox, which is stored with SBCglobal.net. If you have a document somewhere that I can read to help me with this. I am pretty good at following directions.

    Never mind, I dumped it into Front page and I printed it out. All the things found in the Outlook Inbox were on drive G: a hard drive connected to my computer that came from an old laptop that a computer guy saved after the motherboard burned up. I saved the hard drive for documents basically. With that in mind, how should I manage the stuff on drive G:?

    Since I can't access the email on G:, should I delete all of Outlook Express or does it matter?

    6) Now I'm off to run the steps in SpywareStrike, Smitfraud, SpySheriff, SpyAxe & PSGuard Removal.

    Again, thank you for your help and in advance for answering all my questions.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I'm not sure what your timing was. In the uninstall list you posted, I saw Norton and Symantec listed. I saw these:
    LiveUpdate 1.90 (Symantec Corporation)
    Norton Internet Security
    Norton Internet Security
    Symantec Script Blocking Installer

    If they are still listed, try uninstalling them again. Do LiveUpdate last? If that does not help, try using the below link and let me know what happens.

    Norton uninstall tool

    This is up to you on whether you like McAfee and pay to keep it up to date.


    2) Uninstall the below old version of Sun Java since you already have the new version.
    Java 2 Runtime Environment, SE v1.4.1_02

    I tried this at one point yesterday and it wouldn't let me. I just attempted it again and get "The install Shield Engine (iKernel.exe) could not be launched. No such Interface supported."

    Just remember it expires in 15 days and will lose functionality and the ability to update. At that point it may be considered an unnecessary resource hog.

    Only you know what you need and don't need. Delete all stuff on drive G that you do not need. If you don't need any of the email stuff saved by Outlook then delete all of it.

    We will fix the Intermute stuff later!
     
  5. cardgramm

    cardgramm Private E-2

    This has been a very interesting experience. The Warning message is gone now, and so is the blue screen ultimately, but now I have a white screen that won't let me select properties. "Not available." I thought things seemed better today, until I had all this problem with Panda ActiveScan (2.)

    I do get this error message when booting up, " Task Panel exe - E60Cmmon.dll was not found."

    1) I could not remove Norton by the automatic download. I'd click OK and find myself off the Internet, but I think I got it removed, following the 3 step instructions given if the automatic doesn't work, ie MSIFIX.bat, SymNRT.exe, SYMMSICLE...

    2) I haven't been able to complete Panda Activescan today. About 1/3 through it asks to save as a Profile, I say okay to the first choice and it says there is a fatal error. Now I have 36 spywares and about 3 hacker programs. I did save it but the only format that it allowed was documento de texto.txt, so I hope you can read Spanish. I've attached that file, and have no idea where that came from. (no hablo espanol)

    This is the error I got-- "Managed MAPI Service Catastrophic Failure. Unknown error."

    I am attempting it again. I unhooked g:, the harddrive from my old laptop and selected local drives. I did get that completed and it also saved in documento de texto.txt. The complete report on this scan pf 041706-2.

    3) I worked through the SpywareStrike, Smitfraud, etc. I will also attach my smitfiles.txt. I only have to delete one item in the list via Windows Explorer---
    C:\WINDOWS\SYSTEM32\intell321.exe

    4) Since I already worked through the READ & RUN ME FIRST section, I didn't do it again. Should I?

    5) I was able to remove Java 2 today, which I wasn't able to do yesterday.

    Intermute seemed to float around more today, opened a couple times.



    Thanks again.
     

  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    This has something to do with your ISP (Earthlink) software and is not malware. It has to do with the below startup line in your HJT log:

    O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart


    Make sure viewing of hidden files is enabled (per the tutorial).

    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm


    After clicking Fix, exit HJT.
    Boot into safe mode and use Windows Explorer to delete:
    C:\Program Files\InterMute <--- the whole folder

    If you get an error when deleting a file, right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Otherwise open Task Manager and kill the process if running, then delete the file.

    Now if running Win XP go to c:\windows\Prefetch and delete all files in this folder.
    Now run Ccleaner (installed while running the READ ME FIRST).

    Now reboot in normal mode and post a new HJT log.

    Make sure you tell me how things are working now.

    We may need to remove some Symantec items manually. I will know when I see your HJT log.
     
  7. cardgramm

    cardgramm Private E-2

    I will follow your instructions ASAP, but wondered--this is probably a very stupid question. Since I've recently terminated Earthlink service, I probably should uninstall it in the control panel, right?

    I don't think I'm careful enough about getting rid of stuff I don't need. Part of the problem is that I don't always know what I really do need.

    Just for the record are the wrestling sites as contaminated as the porn sites?

    Thank you.
     
  8. cardgramm

    cardgramm Private E-2

    I got everything done before I left for work, except delete this line

    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

    It was not there. As I mentioned before, I used the manual removal of Symantec items. Did I still leave some behind?

    My computer boots up very slowly compared to usual (I read somewhere that Ewido makes it run really slowly--is it time to remove it?), and the desktop background is still white, but no Warning. It is unaccessible to change properties, giving this location,
    file://C:\WINDOWS\warnhp.html not available.

    Other than being slower at times, it seems functional, but I haven't used any work applications from this computer at home.

    I have attached the latest HJT log. Thank you.
     

  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    More than likely McAfee is the main cause for your system starting up or running slowly. It is a resource hog. However, if you did not purchase Ewido you should uninstall it because you should not run it at the same time as MS Antispyware or similar applications. But note that MS Antispyware has been replaced by Windows Defender.

    Your HJT log is clean. You just have too much stuff running.

    Also yes, you should uninstall all Earthlink software if you no longer need it.

    Try running only step number 8 from the below procedure:

    SpySheriff (aka SpywareNo) Removal
     
  10. cardgramm

    cardgramm Private E-2

    Well, I've finally had a chance to do step 8 as you directed. It says it added the fixadt.reg, then I got a Microsoft Antispyware notice that said it blocked the Internet Explorer URL: but I couldn't get down the rest, something to do with google and msn. When I restarted my computer, I was still unable to make changes to my white screen.

    I tried to install Microsoft Defender (so I could uninstall Microsoft antispyware), but it says I need Service Pack 2, which I thought I had, but evidently don't. Hence, part of my problems I guess.

    I have attempted to uninstall Earthlink 5 times. It asks me if I'm sure, I say yes, and absolutely nothing happens. Suggestions?

    How do I limit all the stuff I'm running? I realize this is very basic, but what do I really need to have running when I start this computer, and how do I get rid of the rest of it?

    Is it important that I keep getting all those HP downloads?

    Also, could you please give me the file where I can get the information on keeping my computer clean, and running efficiently. I can't remember where I found it and I didn't print it out.

    I'm attaching another HJT log to make sure it is still clean.

    Thank you for all your help.
     
  11. cardgramm

    cardgramm Private E-2

    I forgot the HJT log. It's attached. Well, that's not working. Do I need to delete some of the earlier uploads?

    Thanks again.
     
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Do you still have the installation file for MS Antispyware available on your PC? If so, I would like you to uninstall it and then reapply that registry patch. If you do not have the installation program available, just shut down MS Antispyware and then reapply the registry patch. Then reboot. If you get any messages from MS Antispyware after reboot, just allow whatever changes it is complaining about to occur. We are the ones making the changes.

    Have HJT fix the below line:
    O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart

    Now download and install this: Your Uninstaller! 2006. Use it to remove the Earthlink software.

    This is not necessarily a malware topic but which programs are you referring to? You have to be the one who knows what you use and do not use. All I can ask is what do you use. Do you need Google Desktop Search, Yahoo Pager, etc? However the below can be fixed with HijackThis because they are not needed:

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\FrontPage\Office\OSA9.EXE

    What HP downloads? Do you mean the below:
    O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe

    It's part of our final steps! If you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

    After that, you should work thru the below link:

    How to Protect yourself from malware!
     
    Last edited: Apr 23, 2006
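
The HijackThis lines quoted throughout this thread share one shape: a section code (O2, O4, O9), an entry kind, then a name and a CLSID or file path. The sketch below is an added example, not part of the original thread or of HijackThis itself; it parses such lines to list autostart entries and the entries marked `(no file)`. The function names and the unquoted-path heuristic are assumptions made for illustration.

```python
import re

# Constructed sample: entries copied from the HijackThis lines quoted in this thread.
SAMPLE_LOG = r'''
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [E6TaskPanel] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" -winstart
O4 - Startup: IMStart.lnk = C:\Program Files\InterMute\IMStart.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
'''

ENTRY = re.compile(r'^(O\d+) - ([^:]+): (.*)$')  # section, entry kind, remainder
CLSID = re.compile(r'\{[0-9A-Fa-f-]{36}\}')
NAMED = re.compile(r'^(?:\[(.+?)\]|(.+?\.lnk) =) (.+)$')  # [RunValue] cmd | Shortcut.lnk = cmd

def image_path(cmd):
    """Strip quotes and arguments from a startup command (heuristic when unquoted)."""
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    m = re.match(r'(.+?\.(?:exe|dll|bat|cmd|com))(?:\s|$)', cmd, re.I)
    return m.group(1) if m else cmd

def parse_entry(line):
    m = ENTRY.match(line.strip())
    if not m:
        return None  # header, process list or blank line
    section, kind, rest = m.groups()
    entry = {"section": section, "kind": kind, "name": None, "clsid": None,
             "path": None, "orphan": rest.endswith("(no file)")}
    c, n = CLSID.search(rest), NAMED.match(rest)
    if c:  # BHO / toolbar / extra-button style: name - {CLSID} - file
        entry["clsid"] = c.group(0)
        entry["name"] = rest[:c.start()].rstrip(" -")
        if not entry["orphan"]:
            entry["path"] = rest[c.end():].lstrip(" -")
    elif n:  # Run value or Startup-folder shortcut
        entry["name"] = n.group(1) or n.group(2)
        entry["path"] = image_path(n.group(3))
    return entry

def parse_log(text):
    return [e for e in map(parse_entry, text.splitlines()) if e]

def orphans(text):
    """CLSIDs of entries that HijackThis marked '(no file)'."""
    return [e["clsid"] for e in parse_log(text) if e["orphan"]]

def autostarts(text):
    """(kind, name, executable) for every O4 startup entry."""
    return [(e["kind"], e["name"], e["path"]) for e in parse_log(text) if e["section"] == "O4"]
```
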
