Hi this is my original post on 9/19- original post link http://www.bleepingcomputer.com/forums/ind...;hl=IUSER_Admin
Ok 9/4/08 I turned on pc and there was another user that I did not createname (IUSER_Admin). I deleted it several times for it to just come back. I have been over the last few days doing steps located on this page http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
but when I got to step 6, the application downloaded but would not run it says the file is not a valid win32 application. Ok, so what should I do now. Also, I use Panda internet security 08 and it updates fine but does not find anything, then when I went to the panda web site and done the online scan from there it finds something. I do not know if this has anything to do with anything. I have emailed Panda like 15 times about everything that has been going on since the 4th and I only recieved one reply telling me they thought it was something named "smitfraud" and that it was harmless and to remove it I would need to go to a pc tec and have them check out the system. Also, all of these applications that have been downloaded and used from topic 34773, do I need to unistall them now? Well So I decided to try to correct things by using info on this website. Some other info, if it helps, winXP is what I am running. I am not that computer savy so any help is much appreciated. Thanks.
Ok I have done what was said to do in the reply to original post. But While running spybot it continues to find the same thing every time I run it. I click fix problem and the next time I run it it finds the exact same thing. Here is info about that.
Win32.Delf.rtk: [SBI $3898DFCC] Settings (Registry key, nothing done)
Win32.Delf.rtk: [SBI $E47F11F3] Settings (Registry key, nothing done)
Win32.Delf.rtk: [SBI $C2C0258A] Settings (Registry key, nothing done)
Win32.Delf.rtk: [SBI $68C12074] Settings (Registry key, nothing done)
Win32.Delf.rtk: [SBI $B426EE4B] Settings (Registry key, nothing done)
Win32.Delf.rtk: [SBI $9299DA32] Settings (Registry key, nothing done)
Win32.Delf.rtk: [SBI $D7F84781] Settings (Registry key, nothing done)
Win32.Delf.rtk: [SBI $F3FA5EED] Settings (Registry key, nothing done)
Win32.Delf.rtk: [SBI $2CB34E58] Settings (Registry key, nothing done)
Ok so here are my questions. I have noticed in some of the hjt logs posted there is personal info, like name of pc or owner name, how to I keep from posting this information, and is there anything else in the hjt log that could be an identity problem? I have tried to change user information for my pc and in certain areas it displays all old users(like for documents) that have been created for this pc.
Thanks ahead of time for any help on this problem. I never did get the stinger to download right. Until I hear from someone about what spybot keeps finding & about the pc I.D info I will not download hjt.
Edited by KoanYorel, 24 September 2008 - 08:31 AM.
Post nerged with original thread because no HJT LOG