Member Avatar for rc38joe

:'( I have been fighting an issue on my XP Home system for about three or so weeks.......... I feel so stupid at this point, I was checking out my sons user area and came across some stuff he shouldn't have and was deleteing them and erase the disk system....
I came across a file named 1.exe aand I double clicked it by mistake, now my XP system hides all of my Virus software, won't let outlook connect and blocks my internet access. At the time of the infection I just had the Cox Security suite in place and Ad-Aware SE personal, now I have down loaded many of the different Virus / Spyware and Trojan horse removers an run them in safe mode, as they are hidden in regular XP Home. Althought they act like they are doing some cleaning, I don't ever seem to get my system back fully.

Can some one help my diagnose this issue.

Here is my current Hijackthis log file.............

Logfile of HijackThis v1.99.1
Scan saved at 3:32:24 PM, on 4/15/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Joe\Desktop\hijackthis.exe

O2 - BHO: (no name) - {3C7195F6-D788-4D50-BA72-2EE212EDAC78} - (no file)
O3 - Toolbar: (no name) - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1176607660142
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176607990407
O20 - Winlogon Notify: p4reg - p432.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Cox High Speed Internet Security Suite System Service (AuthSysSvc) - Authentium, Inc. - C:\Program Files\Cox\Applications\App\syssvcnt.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe

I tried reading all the tutorials but know I am missing something, the only way I get on the internet is in Safe mode.............

I have alot of the programs the tutorial say to use justr need some help in getting my system back, I already tried doing an XP repair with no help.......

Just very frustrating...........

  • 2 Contributors
  • 5 Replies
  • 161 Views
  • 1 Month Discussion Span
  • Latest Post Latest Post by joshSCH

Recommended Answers

All 5 Replies

Member Avatar for joshSCH

Have you tried a system restore? You used avast, and it didn't work ?? Avast, ad-aware personal, and spybot search and destroy are probably the best free virus/spyware software.

Even when you restart the computer, the virus still appears to be affecting your computer? I would suggest running the command 'msconfig' (Start-run-msconfig). Go to the startup tab, and disable the startup of any suspicious programs. Try running the previously mentioned programs in safe mode, do a 'thorough' scan.. and just see if it catches anything.

hmm.. Could you ask your son what the program was?

Member Avatar for rc38joe

Josh, thanks for your reply,

I looked at MSconfig and don't see anything out of the ordinary there, could the virus actually be names as one of the normal windows programs.

I try your suggestion and ran everything in Safe mode, and it initially removed a bunch of stuff and looked like the system was behaving better in normal mode, but its been not allowing me on the internet lately or even just seeing the other computers in my workgroup.

The only Restore disk I have is for ME, and I rather not go back to it....

I am thinking I need to just bite the bullet and do a disc wipe and reinstall XP from Scratch.........

Ahh my son claims he doesn't know where he was at when we go this bug ????? No help there................

Member Avatar for joshSCH

Josh, thanks for your reply,

I looked at MSconfig and don't see anything out of the ordinary there, could the virus actually be names as one of the normal windows programs.

I try your suggestion and ran everything in Safe mode, and it initially removed a bunch of stuff and looked like the system was behaving better in normal mode, but its been not allowing me on the internet lately or even just seeing the other computers in my workgroup.

The only Restore disk I have is for ME, and I rather not go back to it....

I am thinking I need to just bite the bullet and do a disc wipe and reinstall XP from Scratch.........

Ahh my son claims he doesn't know where he was at when we go this bug ????? No help there................

hmm.. Oh by 'system restore', I mean the XP program.
Start -> All Programs -> Accessories -> System Tools -> System Restore.
Chose the option 'restore my computer to an earlier time', and then pick a date to restore to (Make sure the date is some time before the infection of your computer)
This may fix your problem, assuming that you have system restore turned on..

You certainly have many more options other than reinstalling XP; however, if reinstalling would not be a problem.. then I would advise you to save all of your data on a dvd, cd, or flash drive... and then reformat and reinstall XP (Make sure you know the product key.. there are programs that would tell you what your product key is).

If reformatting and reinstalling would be too much of a hassle, you can try some more troubleshooting.. You say it's working properly other than the fact that it cannot connect to your network? Perhaps try troubleshooting your network.. If all else fails, you can always take it in and have professionals take a look at it (It's very hard to troubleshoot via this forum b/c we are not there and we cannot actually see what is happening..)

Member Avatar for rc38joe

Thanks for all the help, I got tired of messing with this and just did a clean install of XP Home from scratch, problem solved. I am running as much protection as I am able now.

How do I close this thread.

Thanks,

Joe Hunt

Member Avatar for joshSCH

ah, sorry you had to reinstall XP. I really hate when people use this last resort b/c it means the PC Techs failed to resolve the issue another way. But oh well.. I hope you don't run into any future problems..

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.