Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Got the conduit virus; got rid of it stuck n safemode w debugging 2 many startup


  • Please log in to reply
1 reply to this topic

#1 pinkrose1160

pinkrose1160

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:23 PM

Posted 04 May 2013 - 03:02 PM

Hi there everyone! I've been to this forum so many times in the past I decided today to become a member so you can put a annoying problem asker? (think I coined a new word) with a face!

 

Well here's what's goin on. I'm runnin vista on a 32-bit system on a Dell 530s Inspiron computer. Two weeks ago I downloaded an update from Microsoft to my HP 1610 PSC, (Printer). Well during my updates flight thru cyber space to my computer the Hijacker virus Conduit/WiseConverter  :ranting:hitched a ride on the tail wings and happily sailed into my system corrupting most of my Windows folders in my C: drive and D: drive, while it's evil Damien babies propagated themselves into my registry and other dark corners of my system that were unbeknownst to me until now. Well some of them at least.

 

I am now good buddies with the following programs, that I've run to have the little demons evicted which I hopefully did successfully:

1. Sbybot

2. Rkill

3. malwarebytes

4. HiJackthis *does excellent work and love the name!

5. FileASSASSAIN

6.AND WHATEVER ELSE I COULD FIND AS AN EXTERMINATOR!

 

Well that problem seems to be cleared up for the moment. Although running this computer in Safe Mode without any malware protection is leaving the door wide open, I'm sure to all the friends and cousins of Conduit  and it's many henchmen and Damien :devil: babies. So, I need to find a solution to this problem pretty quick or I'm probably gonna be lookin at the blue screen of death.

 

So back to my current problem. After removing the Hijacking virus, it sadly left in it's wake a total file and program carnage of my system.

 

C: drive apparently has some components missing and folders added to it like my HUGE personal folder now stuck in the STARTUP menu file that's reeking havoc and constantly popping up a warning it has too much junk in it! Which of course might have a lot to do with the "stuck in safe mode with debugging" that I can only access the internet in. Still can't figure that one out. Why not safe mode with networking? :scratchhead:  hmmm... 

 

My D; drive is a MESS! I tried to download a USB modem and driver for my Android phone through the USB cord and the wizard couldn't find the file where it was supposed to download them to! I sat and looked at the D: drive forever, stupidly contemplating moving folders around once I looked up on IE where they were supposed to be and thought, ya know girl you do that and this computer will take its last breath and turn blue.

 

So I refrained and here I am at your very helpful website for ignorant I.T., wannabes like me!

 

I guess what I need to know, (first of all please tell me there is something I can run diagnostically without having to do manual surgery on my poor crippled system that I would probably end up diggin a hole in the back yard to lower it into, if I did something manually to it.) I said that real fast...just an FYI.

 

I also suppose I need to let you know what I've tried so far in trying to correct my startup menu and my program files that are currently in a mess. I'm just so curious, what it is that's keeping it in safe mode!!! So here's what I've run or tried:

 

1. regedit and prompts

2. msconfig and prompts

3. sysinternals and prompts

4. CCleaner

5. Problem Reports and Solutions

6. Microsoft FixIt Center

7. Immunet 3.0

8. Karen's power tools

9. Reboot

10. 3-4 Backup and Restore's

11. Just about every option the DOS program has in Safe Mode.

 

Ok...one last question. Could you just please tell me or give me a small little list of the ABSOLUTELY NECESSARY programs I need to run in Startup? Of course at my own risk I understand! Not a litigious person here, computer's almost dead anyway, this is its last shot.

 

Any new ideas you can offer me will be GREATLY appreciated!

 

And now I'm going to sign-off in the usual manner of most of your time honored, faithful friends and patrons of this wonderful website which I'm now a proud member of!

 

HELP ME! HELP ME PLEEEEEEEEEEEEEEEESEEEEE!! I CAN'T TAKE IT ANYMORE! I DON'T KNOW WHAT ELSE TO DO!!! HELLLLPPPPPP!!! SOB SOB! SNIFF, SNIFF.....hiccup...please? :hysterical:  :hysterical: 

 

Thanks so very much! -margie AKA pinkrose1160 :kiss:  p.s. you may wanna rethink the emoticons it seems I may have some sort of addictive usage problem with them.

 



BC AdBot (Login to Remove)

 


#2 pinkrose1160

pinkrose1160
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:23 PM

Posted 04 May 2013 - 03:20 PM

Oh, HERE'S A COPY OF MY STARTUP THAT I COULD SEE! I know a lot of this can go and actually I thought i had deleted a lot of these things in Add/Remove programs, cause now I'm thinking one of them is a virus, (Media Fairy Pro) well if it's not...with a name like that it should be. Anyway, I know there are other programs that run in the background but can't remember right off hand how to get to them. Could someone just delete the ones i don't need and maybe write it some that I do? Please? Thanks so very much! margie
 
No HKCU:Run ehTray.exe Microsoft Corporation C:\Windows\ehome\ehTray.exe
No HKCU:Run FileHippo.com FileHippo.com "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
No HKCU:Run Google Update Google Inc. "C:\Users\Russell\AppData\Local\Google\Update\GoogleUpdate.exe" /c
Yes HKCU:Run GoogleDriveSync Google "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
Yes HKCU:Run HijackThis startup scan Trend Micro Inc. C:\Program Files\Trend Micro\HiJackThis\HijackThis.exe /startupscan
No HKCU:Run Media Fairy Pro "C:\Program Files\Media Fairy Pro\MediaFairyPro.exe" /opentotray
Yes HKCU:Run Sidebar Microsoft Corporation C:\Program Files\windows sidebar\sidebar.exe /autoRun
Yes HKCU:Run Windows Media Center Microsoft Corporation RunDLL32.exe C:\Windows\eHome\ehuihlp.dll,BootMediaCenter
Yes HKCU:Run WMPNSCFG Microsoft Corporation C:\Program Files\Windows Media Player\WMPNSCFG.exe
Yes HKCU:RunOnce FlashPlayerUpdate Adobe Systems Incorporated C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex
No HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
No HKLM:Run Adobe Reader Speed Launcher Adobe Systems Incorporated "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
No HKLM:Run dscactivate C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
No HKLM:Run ECenter C:\Dell\E-Center\EULALauncher.exe
No HKLM:Run Immunet Protect Immunet "C:\Program Files\Immunet\3.0.8\iptray.exe"
No HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes HKLM:Run MSC Microsoft Corporation "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
No HKLM:Run RtHDVCpl Realtek Semiconductor RtHDVCpl.exe
No HKLM:Run TkBellExe "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot
Yes HKLM:Run Windows Defender Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCui.exe -hide
Yes HKLM:Run Windows Mobile Device Center Microsoft Corporation %windir%\WindowsMobile\wmdc.exe
Yes HKLM:Run WPCUMI Microsoft Corporation C:\Windows\system32\WpcUmi.exe
Yes HKLM:RunOnce SpybotSnD Safer Networking Limited "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
Yes Startup Common NETGEAR WNDA3100v2 Genie.lnk NETGEAR C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
No Startup Common VPN Client.lnk C:\Windows\Installer\{871DF2BE-41D2-4334-AC33-839AF16FC8FE}\Icon3E5562ED7.ico -user_logon
Yes Startup User VZAccess Manager.lnk Smith Micro Software, Inc. C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users