
PC up and running no task bar but vivamex and zinblog still hanging around pls help

Discussion in 'Windows - Virus and spyware problems' started by tino2003, Apr 27, 2007.

  1. Fredil

    Fredil Regular member

    Joined:
    Jul 19, 2006
    Messages:
    390
    Likes Received:
    0
    Trophy Points:
    26
    Okay, we'll have to do this the hard way...

    Go to Start Menu and open up My Computer. In the Address Bar (where the URL would be if you were accessing a website) copy and paste the following:

    C:\WINDOWS\regedit.exe

    Regedit should come up, follow the instructions above. I'll look at your Uninstall List in a while, kind of preoccupied right now :)
     
  2. tino2003

    tino2003 Member

    Joined:
    Apr 27, 2007
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    16
    I could not access it when I clicked My Computer. That brought up my C and other drives. So I went back and opened a web site and inserted the address C:\WINDOWS\regedit.exe. Got a disallowed message.

    Accessing the source C:\WINDOWS\regedit.exe has been disallowed.

    Thanks
     
  3. Fredil

    Fredil Regular member

    Copy this post into a Notepad or Word document and save it on your desktop to look at as we go through the fix. This is because we will be in Safe Mode. Also, follow directions in this post instead of my last one.

    Damn Viva TermeX... so thorough...

    We will have to do this the very hard way, then....

    Disable System Restore.

    Open the Start Menu, and open "All Programs". Go to Accessories > Notepad.

    Now, paste the following quotebox exactly as it appears (without the word "Quote:") into the Notepad document:

    Go to File > Save As. Type "FixReg.VBS" in the File Name box, and in the "Save as Type" box, change "Text Documents (*.txt)" to "All Files". Save it anywhere you want, such as the desktop.

    Reboot your computer into Safe Mode (use the F8 method, it is easier). When you have started up in Safe Mode, double-click on FixReg to run the file.

    Open Regedit via Start > Run or C:\Windows\regedit.exe. Double-click on HKEY_LOCAL_MACHINE. Then:

    1. Click on the + beside SOFTWARE.
    2. Click on the + beside Microsoft.
    3. Click on the + beside Windows.
    4. Click on the + beside CurrentVersion.
    5. Click on Run.
    6. Many files should appear in the right. Look for the following:

    Task Manager = "%Windows%\svchost32.exe"

    7. Right-click on the file and press "Delete".

    If you don't find the file, don't panic :)

    8. Scroll all the way back up in the left panel and double-click on HKEY_CURRENT_USER. Follow steps 1 and 2. Then, press the "i" key on your keyboard and look for Internet Explorer; press the "+" button beside it. When that folder has opened, press the "m" key and click on "Main". In the right pane again, right-click on this entry and press "Delete":

    Window Title = "Viva TermeX !"

    9. Now, find HKEY_CURRENT_USER>Software>Policies>Microsoft>Internet Explorer. When you get there, click on "Control Panel". In the right, delete:

    HomePage = "1"

    10. Follow step 9, except with HKEY_CURRENT_USER>Software>Yahoo>pager>View as the path. When you get there, click YMSGR_buzz and delete:

    content url = "http://www.{BLOCKED}cities.co.jp/thanatos18388"

    11. Almost there! Follow step 10 but at the last step, click on YMSGR_Launchcast and delete

    content url = "http://www.{BLOCKED}cities.co.jp/thanatos18388"

    12. Close Regedit :)

    Do not reboot into normal mode yet.

    This procedure restores the Internet Explorer home page to the default settings.

    1. Close all Internet Explorer windows.
    2. Open Control Panel. Click Start>Settings>Control Panel.
    3. Double-click the Internet Options icon.
    4. In the Internet Properties window, click the Programs tab.
    5. Click the Reset Web Settings… button.
    6. Select Also reset my home page. Click Yes.
    7. Click OK.
    8. Now, restart your computer, this time without Safe Mode.

    Now, go here and scan. When the scan finishes, post a log/report of that scan. Also, post a fresh HijackThis logfile.
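
A read-only way to confirm the cleanup in the post above, added here as an example and not part of the original thread: it scans the text of an exported .reg file for the five registry values the steps say to delete. The function names and the sample export are constructed for illustration, and `HomePage` is assumed to be exported as either a string or a DWORD.

```python
import re

# (key path, value name, regex on the data); all five come from the steps in the post above.
INDICATORS = [
    (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run", "Task Manager", r"\\svchost32\.exe$"),
    (r"HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main", "Window Title", r"Viva TermeX"),
    (r"HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel", "HomePage", r"^1$"),
    (r"HKEY_CURRENT_USER\Software\Yahoo\pager\View\YMSGR_buzz", "content url", r"thanatos18388"),
    (r"HKEY_CURRENT_USER\Software\Yahoo\pager\View\YMSGR_Launchcast", "content url", r"thanatos18388"),
]

# Constructed sample of a registry export (not taken from the thread); Launchcast is already clean.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Task Manager"="C:\\WINDOWS\\svchost32.exe"
"ExampleUpdater"="C:\\Program Files\\Example\\update.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Window Title"="Viva TermeX !"
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel]
"HomePage"=dword:00000001
[HKEY_CURRENT_USER\Software\Yahoo\pager\View\YMSGR_buzz]
"content url"="http://www.{BLOCKED}cities.co.jp/thanatos18388"
'''
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')
def unescape(s):  # .reg strings escape backslash and double quote with a backslash
    return re.sub(r"\\(.)", r"\1", s)

def parse_reg(text):
    """Parse .reg export text into {key_lower: {value_name_lower: data}}."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        m = VALUE_RE.match(line)
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif m and current is not None:
            name, raw = m.groups()
            if raw.startswith("dword:"):
                raw = str(int(raw[6:], 16))  # normalise DWORDs to decimal text
            current[unescape(name).lower()] = unescape(raw[1:-1]) if raw.startswith('"') else raw
    return keys

def find_leftovers(text):
    """Return (key, value name, data) for every indicator value still present."""
    keys, hits = parse_reg(text), []
    for key, name, pattern in INDICATORS:
        data = keys.get(key.lower(), {}).get(name.lower())
        if data is not None and re.search(pattern, data, re.I):
            hits.append((key, name, data))
    return hits
```

A real "Version 5.00" export is normally UTF-16, so read the file with `open(path, encoding="utf-16")` before passing its text to `find_leftovers`; an empty result means none of the listed values remain.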
     
  4. tino2003

    tino2003 Member

    Cannot turn off "System Restore"; it is greyed out. I went ahead to Safe Mode but "RegEdit" is not there.
     
  5. Fredil

    Fredil Regular member

    What do you mean by "RegEdit is not there"? I don't understand. Could you explain?
     
    Last edited: May 5, 2007
  6. tino2003

    tino2003 Member

    Your instructions...

    Reboot your computer into Safe Mode (use the F8 method, it is easier). When you have started up in Safe Mode, double-click on FixReg to run the file.

    Open Regedit via Start > Run or C:\Windows\regedit.exe. Double-click on HKEY_LOCAL_MACHINE. Then:

    It is not there to click on.
     
  7. Fredil

    Fredil Regular member

    Regedit and HKEY_LOCAL_MACHINE are different things. HKEY_LOCAL_MACHINE is a folder in Regedit. Go to Start > Run and type Regedit. Press enter. If you cannot do this, open My Computer. Go to the C drive, and double click on the WINDOWS folder. Regedit should be there. If not, then report back to me.
     
  8. tino2003

    tino2003 Member

    Yes, it is there.
     
  9. Fredil

    Fredil Regular member

    Then do the steps that I told you before :)
     
  10. tino2003

    tino2003 Member

    Step #4 Click on "Current Version"
    Step #5 Click on "Run" is not there.

    Clicking on Current Version brought up "Explorer".
    Clicking on Explorer brought up "Browser".
     
  11. Fredil

    Fredil Regular member

    Do the other steps and post a fresh HijackThis log. Ignore that for now.
     
  12. tino2003

    tino2003 Member

    Fredil, isn't that the reason we are at this point because the other steps did not have the links to go forward?
     
  13. tino2003

    tino2003 Member

    Fredil I was getting paranoid from all this and had to take a break. I am refreshed now. Can you give me the dates of the steps you are referring to?
     
  14. Fredil

    Fredil Regular member

  15. scorpNZ

    scorpNZ Active member

    Joined:
    Mar 23, 2005
    Messages:
    4,261
    Likes Received:
    63
    Trophy Points:
    78
    All HP machines come with two partitions; the small FAT32 partition contains your system recovery options. On boot up, do you see at the bottom of the screen this wording: F10-RECOVERY OPTIONS? There is also this in the program files list: "PC HELP & TOOLS". Both are used to give 3 types of recovery:
    1-system restore
    2-system recovery but leaves folders of 3rd party software intact but will still need to be re-installed
    3-destructive system recovery=full reformat
    Look in your comp's manual or the help section in the programs list for recovery options if pushing F10 on boot doesn't work, or go to HP's website for your comp and look up "how to" perform system recovery so it's back to factory shipped condition.

    My advice: do a full destructive reformat. You can also get a free CD of SP2 from Microsoft to save downloading it through the auto updater. Save anything you need to ROM or external HDD. Any emails that contain attachments should be deleted unless you can run them in Sandboxie or in a virtual partition, in case they are responsible for the original infection. When the reformat is finished, make sure you have the firewall enabled, go directly to Microsoft Update and DO NOT LEAVE until the comp is completely updated after numerous restarts as per instruction from the update site. Then go get antivirus, AVG is free, then go get "Spyware Terminator" ad-ware real time scanner, it's free also.

    PS: @ Fredil you've done your best but it seems tino is more a beginner in computer stuff as the instruction you've given should've fixed it in your first few posts it's now been x amount of days as well
    regards
    scorp

     
  16. tino2003

    tino2003 Member

    Yes Scorp, you can say that haha. I am a beginner because I am not involved in PC repair. It was OK when it was MS DOS but since Windows was created I got left behind hahaha. I execute my searches, respond to emails etc., that's it. I know how to do a system restore but cannot risk losing anything; I have too many important website favorites to use any type of system restore. But thanks very much for your help.
     
  17. tino2003

    tino2003 Member

    Fredil, I will retry everything you gave me over the weekend when I am not so busy. I think your last instruction gave me an inkling of what I am looking for.

    Thanks
     
  18. scorpNZ

    scorpNZ Active member

    Anything you want to keep can be burnt to a CD or DVD, preferably a CD-RW or DVD-RW.

    System restore & system recovery are two different things and should not be confused. A system restore only reverts to a restore point to a previous time or day and nothing is lost (imo it's a waste of HDD space...lol..); a system recovery wipes the HDD clean, i.e. reformat.



    When you get the comp back in order, go to Tech Republic and sign up, and also sign up for the following emails from them; this will put you on the road to teaching yourself about XP and any other computers. You'll find numerous articles can be downloaded and saved. For small screenshots of tips use MWSnap, it's a free screen capture software. There's heaps of other downloads at download.com or freewarefiles.com or Major Geeks.


    OK, at Tech Republic sign up for these, don't argue or I'll come over and kick your ass :p
    daily digest
    IT News Digest
    windows xp


    Below is a link to a stack of useful tips from PC Mechanic; just search through the links at the left side of the page and use the screen capture utility to make captures of any area with the mouse.
    http://www.pcdailytips.com:80/

    Lastly, invest in another HDD. You can use Norton SystemWorks Professional 2004 or just get Norton Ghost or use Acronis True Image; these softwares are for copying your original HDD to a new one, which means you can have a complete backup of your system. Simply switching HDDs can have you back up and running in seconds if the first HDD turns to custard, as has happened. Using this method to copy a HDD of 100GB of data will take less than an hour. OK, below is a link to a site that specialises in ghosting or more correctly "drive imaging": http://radified.com/cgi-bin/yabb2/YaBB.pl
     
    Last edited: May 10, 2007
  19. tino2003

    tino2003 Member

    I will work on that, thanks.
     
  20. tino2003

    tino2003 Member

    ScorpNZ, thanks. That is too technical to save to CD or DVD; I would have to read up on instructions to refresh my memory. When I first bought the machine I was excited about writing to CD and DVD but I got involved in the mortgage industry and have been trying to be successful with that. Now I don't have time to read up on all that stuff. What I am getting from Fredil I can cope with. I gave you my excuse, please don't come kick my ass? lol.
     
