Another 8 step problem & win32/heur virus

[manu060475]

I need help.

I tried to do the 8 step, but I'm not able to do anti-malware and SuperAntiSpyware.
I followed the first step, mentioned for misterzacho. I run combofix.exe.

I hope I deleted my P2P correctly, if not, it's not intenially (?). I'm just not sure.

try to attach those information and hope someone can help.

Problems I have, include restore point not working, my cd/dvd drive not working, web address bar changes, sometimes I'm not able to go to my pages, or error - link is broken.

just try to push my post up.
Can anyone help?

ok, just tried Anti-malware and superAntiSpyware and it worked
Logs are attached.

 

[touch]

Hello manu060475

Update malwarebyte, run a complete scan. Have it to fix what it find

Please attach fresh hijackthis log, along with new malwarebyte log

NB. If you haven´t removed Bittorrent, do it now, before posting the log´s

 

[manu060475]

Thanks touch, finally someone answers.

I did remove bittorrent, but it still comes up in my lists. I'm no longer able to use it, it's just an empty icon on my programm lists.
I tried to remove AVG as well, just to get maybe Avira, it doesn't let me.

I just bought an external harddrive today, hoped to transfer my fotos and some very important files, but it comes up with a message saying: Windows - No disk, Exception Processing Message x00000013 Parameters 75b6bf7c 4 75b6bf7c 75b6bf7c. No idea what that means either. It starts to annoy me, as it keeps coming up every single minute. Can't do something without closing it and it still comes up.

I'm not able to save that malwarebytes log, but it says:
Malwarebytes' Anti-Malware 1.36
Database version: 1945
Windows 5.1.2600 Service Pack 3

29/04/2009 6:56:02 PM
mbam-log-2009-04-29 (18-56-02).txt

Scan type: Full Scan (C:\|)
Objects scanned: 149597
Time elapsed: 30 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Do I actually fix anything on that hijackthis program?

 

[touch]

We´ll leave AVG for now, as you have some infections you´ll have to get rid of.

Please download Combofix:
http://subs.geekstogo.com/ComboFix.exe
And save to the desktop.

Open notepad and copy/paste the text in the quotebox below into it:
Name the file as CFScript
and Save it on the desktop

Killall::
Snapshot::
File::
C:\WINDOWS\system32\rundll67.exe
Folder::
C:\Program Files\DNA

http://www.fromsej.saknet.dk/billeder/cfscript.gif

Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post

 

[manu060475]

ok, done all this. file is attached.

what do I have to do now? Touch are you here? Can you help?

 

[touch]

I´m here.

The log looks clean. Tell how things are running, and ready to replace AVG ?

 

[manu060475]

got my avg running. should I better change to Avira?

clean logs? Does that mean I'm save to use internet with my logins? Banking as well?

Thank you so much.

 

[touch]

Avira or Avast. Because AVG Free does not contain Anti-Rootkit protection - you decide

It should be safe to use the internet.

 

[manu060475]

thanks again,

 

[touch]

My pleasure

You should Create a New Restore Point to prevent possible reinfection from an old one.
The easiest and safest way to do this is:
Go to Start > All Programs > Accessories > System Tools > System Restore
Select Create a restore point, and Ok it.
Next, go to Start > Run and type in cleanmgr
Select the More options tab
Choose the option to clean up system restore and OK it.

This will remove all restore points except the new one you just created.

Please download OTCleanIt
Save it to desktop.
This will remove all the tools we used to clean your computer.
Double-click OTCleanIt.exe. Click CleanUp. Say Yes to the "Begin cleanup Process?"
When asked if you want to proceed with the cleanup process, click Yes. Restart your computer when prompted.
Please note. It will NOT remove Mbam, Ccleaner and SuperAntispyware.

To learn more about how to protect yourself while on the internet, please read Tony Klein´s guide:
How did I get infected in the first place

 

[manu060475]

I've done those 2 steps as well.

everything seems to be fine, except my nero express and nero burning rom, they're not existing anymore. Can't find my disc to re-install. I've found a roxio dvd burning software. Is that as good? Do you know?

 

[touch]

It used to be good, And still get good reviews