Please help!! Recovering from Spysheriff!!!

#11 joyleigh (Newbie Poster), May 13th, 2006

Thanks for taking the time to look at the logs. I went to my sister's house and changed all my passwords, etc. ...will call the bank too. I suppose the only way is to completely reboot my system. The question is: do I just put in the operating CD I got when I got my computer and let it start over? Will that really erase all the traces of these viruses? One thread I read implied that the SpySheriff would still come back... any ideas? Thanks again...

#12 tayspen (Team Colleague), May 13th, 2006

At this point SpySheriff is the least of your worries.

Download haxfix.exe.
Save it to your desktop.
Double-click haxfix.exe to install HaxFix (the standard installation path is C:\Program Files).
When the installation is completed, make sure that the "Launch HaxFix" box is checked.
A red "DOS window" (DOS box) will open.
This message will appear:
Insert the haxdoor notify subkey without the numbers,
and then press enter:
At this point please type the following: xptptt.dll
Press Enter to continue with the fix.

If an infection is found, you'll get a message to close all other open windows.
Close them, except the red DOS window from HaxFix, and press Enter.
The computer will reboot.
After the reboot, find the logfile C:\haxfix.txt.

______________________________________________________________________

Please download Pocket Killbox by O^E.
  • Save it to your desktop.
  • Please double-click Killbox.exe to run it.
  • Select:
    • Delete on Reboot
    • then click on the All Files button.
  • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

    C:\Documents and Settings\Owner\Complete\Ashampoo Burning Studio 5.5.0.zip/Setup.exe

    C:\Documents and Settings\Owner\Complete\Ashampoo Photo Commander 4.zip/Setup.exe

    C:\Documents and Settings\Owner\Complete\Ashampoo UnInstaller Platinum Suite 1.0.zip/Setup.exe

    C:\Documents and Settings\Owner\Complete\Ashampoo UnInstaller Suite Plus 1.32.zip/Setup.exe

    C:\Documents and Settings\Owner\Complete\Corel Photo Album 6 Deluxe.zip/Setup.exe

    C:\Documents and Settings\Owner\Complete\Norton Antivirus 2006.zip/Setup.exe

    C:\Documents and Settings\Owner\Complete\Norton SystemWorks 2006 Premier.zip/Setup.exe


  • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
  • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).
If your computer does not restart automatically, please restart it manually.

_________________________________________________________________________
Post the contents of C:\haxfix.txt along with a new HijackThis log and a new Ewido log.
Member - Alliance of Security Analysis Professionals - Since 2006
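
The two tools in the fix above work on registry locations worth knowing by name. HaxFix asks for the Winlogon\Notify subkey that Haxdoor registers so that Winlogon loads its DLL at every logon, and Killbox's "Delete on Reboot" queues the listed paths in Session Manager\PendingFileRenameOperations, which is why the PendingFileRenameOperations prompt can appear. The script below is an added example, not HaxFix or Killbox code and not part of the original post: it builds and decodes that REG_MULTI_SZ value and checks Notify subkeys against a baseline. The baseline set, the constructed registry snapshot (a Notify subkey named xptptt pointing at xptptt.dll, plus one of the archives from the Killbox list as a plain path) and the sample bytes are assumptions for the demonstration. On a live machine hand it the raw value bytes from a hive; tools that decode the value as an ordinary REG_MULTI_SZ may stop at the first empty string, which is exactly where a delete entry sits.

```python
r"""Added example (not HaxFix or Killbox code): decode the two registry
locations the fix above touches, on constructed data.

 - HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations
   is the REG_MULTI_SZ that MoveFileEx(MOVEFILE_DELAY_UNTIL_REBOOT) appends to
   and that Killbox's "Delete on Reboot" relies on: entries come in pairs of
   (source, destination); an empty destination means delete, a destination
   led by '!' means replace an existing file.
 - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\<subkey>
   holds a DLLName that Winlogon loads at every logon; Haxdoor registers
   its DLL here, which is what HaxFix asks for.
"""
from typing import Dict, List, Tuple

NT_PREFIX = "\\??\\"   # paths in PendingFileRenameOperations are NT object paths

# Assumption: the Notify subkeys a clean Windows XP SP2 install ships with.
BASELINE_NOTIFY = {"crypt32chain", "cryptnet", "cscdll", "ScCertProp",
                   "Schedule", "sclgntfy", "SensLogn", "termsrv", "wlballoon"}


def audit_winlogon_notify(subkeys: Dict[str, str]) -> List[Tuple[str, str]]:
    """Return (subkey, DLLName) for every Notify subkey not in the baseline.
    `subkeys` maps subkey name -> DLLName value, as read from the hive."""
    return sorted((k, dll) for k, dll in subkeys.items() if k not in BASELINE_NOTIFY)


def delete_on_reboot_value(paths: List[str]) -> bytes:
    """Build the raw REG_MULTI_SZ bytes that queue each Win32 path for deletion
    at the next boot: "\\??\\path", an empty destination, then the final NUL."""
    body = "".join(f"{NT_PREFIX}{p}\0\0" for p in paths)
    return (body + "\0").encode("utf-16-le")


def pending_rename_ops(raw: bytes) -> List[Tuple[str, str, str]]:
    """Decode raw PendingFileRenameOperations bytes into
    (action, source, destination), action in {'delete', 'replace', 'rename'}.
    Splits on NUL instead of trusting a MULTI_SZ decoder, because the empty
    destination of a delete entry looks like the end-of-list marker."""
    text = raw.decode("utf-16-le").rstrip("\0")
    fields = text.split("\0") if text else []
    if len(fields) % 2:          # a trailing delete entry lost its empty destination to rstrip
        fields.append("")
    ops = []
    for src, dst in zip(fields[::2], fields[1::2]):
        if dst == "":
            ops.append(("delete", src, ""))
        elif dst.startswith("!"):
            ops.append(("replace", src, dst[1:]))
        else:
            ops.append(("rename", src, dst))
    return ops


if __name__ == "__main__":
    # Constructed snapshot: a few baseline entries plus a subkey like the one
    # the HaxFix step asks about (xptptt.dll, the name given in the fix above).
    notify = {"crypt32chain": "crypt32.dll", "cryptnet": "cryptnet.dll",
              "Schedule": "wlnotify.dll", "xptptt": "xptptt.dll"}
    for subkey, dll in audit_winlogon_notify(notify):
        print(f"Notify subkey not in baseline: {subkey} -> {dll}")

    # Queue one of the archives from the Killbox list above for deletion
    # (constructed: the archive itself, since a member inside a zip is not a file path).
    raw = delete_on_reboot_value(
        [r"C:\Documents and Settings\Owner\Complete\Norton Antivirus 2006.zip"])
    for action, src, dst in pending_rename_ops(raw):
        print(action, src, dst or "(none)")
```

Anything already queued in that value before Killbox runs is worth recording, which is what the helper's "let me know if you receive this message" is after: a rootkit can use the same mechanism to replace a system DLL at boot, and the '!' (replace) entries are the ones to read most carefully.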

#13 'Stein (Team Colleague), May 14th, 2006

Well, completely reformatting the disk will remove EVERYTHING from it, including legitimate programs and such.

So, for this reason, we recommend burning a CD / buying and using a memory key to save all the data, documents, etc. that you want to keep.

"The question is..do I just put in the operating cd I got when I got my computer and let it start over?"
Well, it's slightly more complicated than that, but generally, that's the idea.

Here's a very good set of instructions to help with it. More or less, you're going to have to print it out, as you won't be able to access the internet while reformatting.

_________________


Acknowledgements: Thanks to DKnoppix and Crow for most of the images and dgosling for helping get this set up.

This guide shows how to reformat your computer in case of a severe corruption or a severe malware infection where helpers cannot guarantee the security of your computer.

This guide is for reinstalling XP only. Do not use this guide if you are not reinstalling windows XP. Only use this guide if you are reformatting using the XP cd (not using a 'recovery partition' that some computer manufacturers use)

This guide is 'as is'. There are many circumstances which may change the success of your reformat.

Now then, let's get started:
Before you can reformat, you will need to have the following:

Prerequisites:
1. Your Windows XP CD.
2. A means of backing up your most important data. Don't back up everything: the more you back up, the more chance there is that malware will get onto your newly formatted computer. You might use another hard drive, some CD-ROMs, or anything that holds data to back up your files.
3. There is a small chance you will need a floppy drive.


First Steps:
1. We need to make sure that your product key is still valid. Otherwise you might not be able to install Windows. To do so:

Please go HERE (Microsoft website) using Internet Explorer (NOTE: do not use Firefox or any other browser, as they won't work).
- Click on Windows Validation Assistant
- Click on the Validate Now button.
- Be patient while the ActiveX control loads; do not click on any links.
- Read the instructions on this page while it's loading. You will be prompted to install - click YES.
- Enter your product key, then click Continue.

Make sure that your license key is legit. If it is NOT legit, do NOT reformat; contact Microsoft to see if a mistake has been made, and if not, tell your helper.


You can also use this tool to ensure validity.
Click here, then hit "Save".
Save the folder to your desktop. Then right-click on the file and select Extract All. Extract the folder to the desktop. Then open the folder and double-click xpinfo.exe.
If all is well you should get something that looks like this:
http://i25.photobucket.com/albums/c7...icenturion.jpg


Then, back up your important files to other media. Do NOT save them on the same partition. I would personally suggest a CD-ROM backup or a flash drive. You may want to make sure that you can open the files on another computer BEFORE reformatting.


Next, download these programs.
Save them on a CD or something; we will need them immediately after reformatting. Do not skip this step!
  • SP2 can be downloaded here. Save this file to a CD. If you are on dialup and this download is unbearably large, you can get a free copy from Microsoft here. The downside is that it will take a while for the CD to get there.
  • A firewall. There are many good ones out there. If you don't know of a good one to get, I personally suggest either ZoneAlarm or Sygate Firewall.
  • The latest drivers for your computer (optional). Drivers allow Windows to use your hardware in the most effective manner. If you need help finding what drivers you need, go to Start -> Run -> msinfo32.exe and that will tell you what hardware you have. Then go to the appropriate hardware vendor's website and download the correct drivers.
  • Imaging software (VERY optional). Reformatting is a pain in the butt, isn't it... If you have drive imaging software, you can literally take snapshots of your hard drive, and if something screws up, you can roll back the state of your hard drive to an earlier time. Two of the most popular drive imaging software utilities are Acronis True Image and Norton Ghost. Neither of these products is free, but they are well worth it in my opinion.
Checking the hard drive
Please go to Start -> Run -> diskmgmt.msc
You should see something like this:
http://i25.photobucket.com/albums/c7.../diskmgmt1.jpg
Highlight Disk 0 as I have done. Then you will see one or more partitions in the top half. Make a note of the size of the drive. Very important: look and see if there's a hidden 'recovery' partition on your hard drive. If so, STOP!! because you will need to follow different instructions on how to reformat correctly.


Let's Reformat!
  1. While your computer is still on, put in the XP CD.
  2. Turn off your computer.
  3. Turn on your computer. Your computer should go through a black and white screen called POST. Then one of two things will happen.
    You will either get a message like this:
    "press any key to boot off the CD"

    or your computer will boot Windows normally. If you get that first screen, quickly! press a key, and boot off the CD. If you DON'T get that screen, reboot your computer and continually press the F12 key. You should get an option screen. Use the arrow keys to highlight your CD drive, and then hit OK.
  4. If everything goes well, you should get a blue screen with white letters. Windows will load from the CD. This takes a while. Once it is loaded, you will see this screen:
    http://img114.imageshack.us/img114/5...nstall17xe.jpg
  5. Hit the Enter button.
  6. You will then be presented with a EULA. Press F8 to agree to the EULA.
  7. Unless your previous Windows version is really screwed up, you will get a screen like this:
    http://img465.imageshack.us/img465/8...nstall35nn.jpg

    Press the ESC key.
  8. Next you will get a screen similar to this:
    http://i25.photobucket.com/albums/c7...tipartview.gif
    You need to make some decisions. I do NOT like having only one partition on a computer. You can make your files safer by having them on a separate partition. Personally, I have five partitions on my computer for various things, but at minimum I would recommend making two partitions: one of them should be the normal C:\ drive like you're accustomed to, and one should be for your important files/programs. You're free to set up Windows however you want, though. It's your computer.

    No matter what you choose to do, you need to use the arrow keys and highlight the C:\ drive.
    Press the D key.
    Then press Enter at the warning prompt.
    Windows will give you a second warning prompt. Hit L to continue.
  9. Your screen will now look like this:
    http://i25.photobucket.com/albums/c7...eatingpart.gif
    Press C.
  10. Then you will be presented with this screen:
    http://i25.photobucket.com/albums/c7...eatingpart.gif
    This is where you need to decide how many partitions you wish to have.
    If you are unsure and just want to go the easy route, press the Enter button. Now skip the instructions below in purple, and continue on.
    If you wish to create multiple partitions, press the Backspace key and change the size of your partition. Don't make it too small! I would recommend having at least 4 GB (4096 MB) on the first partition, and more if your hard drive is big enough. Then press the Enter button.
    Then use the arrow keys and highlight the "unpartitioned space". Press the C key, and then type in how big you want the partition to be. Hit the Enter key. You can repeat this process until you have as many partitions as you want.
  11. Your screen should look something like this, depending on how many partitions you have:
    http://i25.photobucket.com/albums/c7...gmultipart.gif
    Highlight the drive you want to install Windows on. It SHOULD be the first one (C:\).
    Then hit the Enter button.
  12. Next you will get this screen:
    http://i25.photobucket.com/albums/c7...0/chooseFS.gif
    Select "Format the partition using the NTFS file system".
    Hit the Enter button.
  13. Your computer will format the drive. Wait until that's done.
    Windows will set up. When you see this screen:
    http://i25.photobucket.com/albums/c7...r0/reboots.gif
  14. then you need to take out your CD.
  15. Your computer will reboot.
  16. Windows Setup will continue from the hard drive. Follow the instructions, and voilà! Windows will be reinstalled.
DO NOT CONNECT TO THE INTERNET UNTIL THE FOLLOWING STEPS ARE COMPLETE!!!!
  • Put in the CD that contains Service Pack 2.
  • Install Service Pack 2 by double-clicking the setup file and following the instructions on the screen.
  • Once SP2 is installed, reboot, then install the drivers that you have found.
  • Next, install the firewall and AV.
NOW CONNECT TO THE INTERNET.
Immediately go here:
http://windowsupdate.microsoft.com/

and get all the critical updates.
Don't forget to restart your computer!
Then update your AV and firewall.
Install all your other programs and documents.
Then (if you have imaging software) make a snapshot of your computer. If something goes terribly wrong, you can always start from this point again instead of from the beginning.

Lastly, keep us updated on how it's worked.

Thanks again.
Now, if you like the help, you could always raise our reputation...
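
The guide above says to back up as little as possible because the backup is how malware gets back onto a freshly formatted machine, and the Killbox list earlier in the thread shows the usual carrier: downloaded zips whose only content is a Setup.exe. The script below is an added example, not part of 'Stein's guide: it screens a backup set before it goes to CD or flash drive, keeping document and media types, refusing executables and scripts (including double extensions like photo.jpg.exe), and opening every zip to check its members and to reject entries that use path traversal. The extension lists and the constructed sample set (built in memory, including a zip holding Setup.exe) are assumptions; call screen_backup on real file contents to use it on a backup.

```python
"""Added example: screen a backup set before it leaves the infected machine.
Keeps document/media files, refuses executables and scripts, and looks inside
zip archives, because a zip carrying Setup.exe brings the installer along."""
import io
import zipfile
from pathlib import PurePosixPath, PureWindowsPath
from typing import Dict, List, Optional, Tuple

# Assumption: what this user's backup should contain, and what never should.
DOCUMENT_EXT = {".doc", ".xls", ".ppt", ".txt", ".rtf", ".pdf",
                ".jpg", ".jpeg", ".gif", ".png", ".bmp", ".mp3", ".wav"}
EXECUTABLE_EXT = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".vbe",
                  ".js", ".jse", ".wsf", ".hta", ".dll", ".sys", ".lnk", ".reg", ".msi"}


def classify_name(name: str) -> Tuple[str, str]:
    """('keep' | 'exclude', reason), decided by the final extension so that a
    double extension such as photo.jpg.exe still counts as an executable."""
    suffixes = [s.lower() for s in PureWindowsPath(name).suffixes]
    last = suffixes[-1] if suffixes else ""
    if last in EXECUTABLE_EXT:
        hidden = len(suffixes) > 1 and suffixes[-2] in DOCUMENT_EXT
        note = " hidden behind a document extension" if hidden else ""
        return "exclude", f"executable type {last}{note}"
    if last in DOCUMENT_EXT:
        return "keep", f"document type {last}"
    return "exclude", f"unknown type {last or '(none)'}"


def screen_zip(data: bytes) -> Optional[str]:
    """Reason to exclude the archive, or None if every member is a document
    stored under a safe relative path."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return "not a readable zip"
    with zf:
        for info in zf.infolist():
            member = info.filename
            if member.endswith("/"):
                continue                       # directory entry
            parts = PurePosixPath(member).parts
            absolute = member.startswith(("/", "\\")) or (len(member) > 1 and member[1] == ":")
            if absolute or ".." in parts:
                return f"unsafe member path {member!r}"
            verdict, reason = classify_name(member)
            if verdict == "exclude":
                return f"contains {member} ({reason})"
    return None


def screen_backup(files: Dict[str, bytes]) -> Tuple[List[str], List[Tuple[str, str]]]:
    """Split a {path: contents} set into paths to copy and (path, reason) to leave behind."""
    keep: List[str] = []
    excluded: List[Tuple[str, str]] = []
    for name, data in files.items():
        if PureWindowsPath(name).suffix.lower() == ".zip":
            reason = screen_zip(data)
        else:
            verdict, why = classify_name(name)
            reason = None if verdict == "keep" else why
        if reason is None:
            keep.append(name)
        else:
            excluded.append((name, reason))
    return keep, excluded


def make_zip(members: Dict[str, bytes]) -> bytes:
    """Build a zip in memory (used only to construct the sample set)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member, data in members.items():
            zf.writestr(member, data)
    return buf.getvalue()


def sample_backup() -> Dict[str, bytes]:
    """Constructed sample: a few documents plus the kind of downloads the Killbox list shows."""
    base = r"C:\Documents and Settings\Owner"
    return {
        base + r"\My Documents\resume.doc": b"constructed",
        base + r"\My Documents\holiday.jpg": b"constructed",
        base + r"\My Documents\photo.jpg.exe": b"MZ constructed",
        base + r"\Complete\Norton Antivirus 2006.zip": make_zip({"Setup.exe": b"MZ constructed"}),
        base + r"\My Documents\letters.zip": make_zip({"letters/mom.txt": b"constructed"}),
    }


if __name__ == "__main__":
    keep, excluded = screen_backup(sample_backup())
    for path in keep:
        print("copy  ", path)
    for path, reason in excluded:
        print("leave ", path, ":", reason)
```

The point of opening archives rather than trusting the .zip extension is the one the thread illustrates: the helper did not flag the zips themselves, but the Setup.exe inside each of them, and a backup that carries the zip across carries the installer with it.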

#14 tayspen (Team Colleague), May 14th, 2006

Reformatting may not be necessary; Haxdoor can be removed, it's just not always easy.

#15 joyleigh (Newbie Poster), May 15th, 2006

I tried the HaxFix and Killbox, but neither would download or work correctly, even in Safe Mode. I have finally tonight got my computer up and running. I can't seem to find Sygate anywhere, but I downloaded AVG... any others I need? I also reinstalled Ad-Aware, Spybot and XoftSpySE. I want to thank you all for all of your detailed instructions and help. I couldn't have done it without your help!!

#16 crunchie (Moderator, Spyware Killer), May 15th, 2006

I wouldn't worry about Sygate now; they have been taken over by Symantec.

Viruses, Spyware and other Nasties forum, DaniWeb
©2003 - 2009 DaniWeb® LLC