Member Panel

Hi there, before i start, plz go easy, i am new here!

It all started a few days ago. For the last year+ my internet had been going fine, and 1MB broadband is ace! Though all of a sudden i find soem very stange things happening!
Stuff like:

Limewire wont download faster than 3kb/s
WS-FTP wont upload stuff
Images dont display on internet sometimes
Internet explorer shortcut error
MSN Messenger, goes crazy, constantly signing in aand out, and not sending messages properly!

My PC has really had something horrible done to it, ive been told about a smmall bandwidth virus!

But AVG, Spybot S&D and Adaware SE. Found nothing!

Please help me people, MSN is the most annoying thing, but its everything else too!

I no for certain it aint the connection, cus my house i on a network, and my brothers is fine! i also said it just happened one day!

Please, Please help, i no some clever saint will help me!

Thanks very much in advance!

Matthew

Hi there Mattew , welcome to PCHF.


Let's have a look if there is some malware on youre pc.

If you follow the instructions in the "Prework" link below and attach the 2 resulting log files to a post here then we'll have a look at it for you.

ok mate!

had to download the programs on the Mac since my PC wouldnt let me, its really bad way atm!

Ill post logs when done mate, bare with me!

Thanks so very much, so far!

Matthew

here is the log file!

As i was doing this sokething is eating aay at my icons, the images are disappeaing steadily!

Its getting worse it seems

Please Help!

Matthew

Let's have a look at this for you.




Before fixing things with HijackThis Please Do the Following:



Show hidden files and folders:

For XP:

1. On the Tools menu in Windows Explorer, click Folder Options.
2. Click the View tab.
3. Under Hidden files and folders, click Show hidden files and folders.
4. If you see a warning message, click Yes.
5. Click Apply.
6. Click OK.

Disable System Restore to prevent re-infection.
(If you have/use it. You can turn it back on when youre PC is clean).

How to disable system restore:

WinXP.

1. Click the Start button.
2. Right-click My Computer, and then click Properties.
3. On the System Restore tab, check Turn off System Restore or Turn off System Restore on all drives.

Clean up unneccesary files and folders

Please download CCleaner

And download this tool but don't run it yet:

http://sarc.com/avcenter/venc/data/adware.istbar.html

And please download AproposFix.exe - but again do NOT run it yet.

http://swandog46.geekstogo.com/aproposfix.exe



Now uninstall "SurfAccuracy" in add/remove programs.


Then boot in safemode (hit f8 when booting up)

Once in Safe Mode, double-click aproposfix.exe and unzip it to the desktop.
Open the aproposfix folder on your desktop and run RunThis.bat. Follow the prompts.

Also now run the Symantec istbarfix tool.



Click Start>Run and type in: services.msc
Click OK
In the Services window find:

A78ddcktnowa

Select/highlight and right click the entry, and choose: Properties
On the General tab, under Service Status click the Stop button
Beside: Startup Type, in the drop menu, select: Disabled
Click Apply, then OK
Open HJT and click config > misc tools > ?delete an NT service?
Copy and past:

A78ddcktnowa

Click OK.




and then fix these with hjt:



Then delete the folder in bold , and do a manuall search for:

h32ert2.exe and delete what you find.

Then run Ccleaner.

Reboot and post a new hjt log and along with the entire contents of the log.txt file in the aproposfix folder by attaching them to a post please.

Show hidden files and folders: Already Done

Disable System Restore to prevent re-infection: Already Done

Please download CCleaner: Already Did

Started in Safe Mode

IST Bar Mender: Ran It, found nothing
AproposFix.exe: Ran it, successful

Now uninstall "SurfAccuracy" in add/remove programs: NOPE, not there!

Then boot in safemode (hit f8 when booting up)

Click Start>Run and type in: services.msc
Click OK
In the Services window find:

A78ddcktnowa

Select/highlight and right click the entry, and choose: Properties
On the General tab, under Service Status click the Stop button
Beside: Startup Type, in the drop menu, select: Disabled
Click Apply, then OK

Couldnbt do that! Wasnt on the list! Couldnt find it anywhere!

Where do I go next mate! I have really enjoyed this so far, but still no improovement! Your advice is excellent!

Please help mate!

Cheers
Matt

Did you also do the rest?