Help me get my computer back to normal...

C

Circuitbreaker8

Supreme [H]ardness
Joined
Jul 22, 2004
Messages
5,078
Well, about 3 days ago, I was just surfing the web using IE ( i know.. ) Anyways, my HDD started going crazy, my mouse would have that hour-glass icon for a whole, explorer.exe would go away, then come back, and guess what I see when my desktop comes back? ALL OF THIS CRAP got installed on my computer!!! I deleted most of it, but things like Ad Blaster and crap installed ITSELF onto my computer! I deleted everything I could, and I ran Ad-Aware multiple times, along with Spybot S&D. The main problems seem to be gone, but, everytime I want to use IE, I get a lot of random pop ups, which is a major blower, because some of the sites I go on require IE to work right. Also, whenever I restart my computer, it boots up normally, but on that baby blue "Welcome" screen takes FOREVER to load. Actually, it never does load, for me to get into windows, I have to hit CTRL+ALT+DEL and my windows explorer suddenly appears, just by hitting those keys. Any ideas? I wanna get rid of both of these problems...thanks!
 
your loaded with malware alright. Check out Ice Czar's post at the top of this forum. Also, look through my Malware Removal Guide. If you are still having trouble after going through the steps listed in removal, post your Hijackthis log for us to review.
 
Make sure you run Ad-Aware and Spybot fully updated in safe mode. Keep your eye on the results it comes up with, entries like Cool Web Search and VX2 can require special attention. You can also try the demo of Webroot's SpySweeper, it works pretty well.

There's a few seperate fixes for VX2, but i'm partial to the plugin lavasoft has for ad-aware, hasn't failed me yet. CWShredder works about 50% of the time for CWS, depends on how nasty of a varient you have. It can require getting down and dirty with the registry but I'll walk you through all that if it comes to it.

Scan and remove everything you can. Reboot, scan again. If you still have things coming up in your scans or if you're still seeing browser hijacks, run hjt (from your hard drive so it can make backups) and post the log up here and let someeone review it for you.

Edit: In fact, i'd recommend posting a hjt log when you're done regardless, better safe than sorry.
 
hijackthis.jpg
 
Sorry it took a while, was hard to look at the image and not get my cooresponding lines mixed up.

r3 - fix
02 - fix
02 - keep
02 - fix
02 - keep
03 - keep
03 - keep
04 - keep
04 - keep
04 - keep (cthelper)
04 - keep
04 - keep
04 - fix (updreg)
04 - keep
04 - keep
04 - keep (logi-mwx)
04 - keep
04 - keep
04 - fix
04 - keep (nvcpldaemon)
04 - keep
04 - keep
04 - keep (ctfmon)
04 - keep
04 - keep
04 - keep (msmsgs)
04 - fix
04 - fix
04 - keep
04 - keep
04 - keep

all 08's 09's - keep
all 016's - fix

Reboot after, rescan and repost your log.

Edit: the filenames are there just to make it easier to see which goes to which, the run list was pretty long.
 
bluey424, be sure to take steps to help ensurethat this does not happen again. IE, look at some of the prevention stuff mentioned by ice czar in the security FAQ thread.
 
You must log in or register to reply here.
Back
Top