Getting a lot of popups

[sunny1120]

Can you guys please help me with the following.

I was getting lot of popup windows all of a sudden on my laptop yesterday .When i ran yahoo spyware it showes lot of Tracking cookies and also darksma downloader.

Luckily i found this website and performed all the 8 Steps to clean Spyware and now i do not see Darksma but still see lot of Tracking cookies also do not see lot of pop up windows now(Still getting).

attaching all the Logs here.Can you guys please let me know if my laptop is treated now or still infected.

Really appreciate your help.

Thanks
Sunny

Moderator edit:
Removed pasted log
All logs must be attached

 

[Bobbye]

Sunny, I'd like to make an observation- it may be a while before someone can get to your logs. I looked at them You are badly infected and you have WAY too many programs and processes loading! It takes hours to go through logs of such a length- Franky I don't know that I've even seen a computer with so much "stuff" on it!

Some of the infections found require a reboot to remove. Did you do that?
There is malware in the System Restore points. Do Not use system restore.

You are running an enormous number of Lenova processes. Are you using all of them? Or did they just come with the computer?

You also have both McAfee and Symantec antivirus. You should only have one AV program.

You show connections through both Comcast and Verizon and you have a VPN through Nortel.

It might do you well to review the programs you have installed in Add/Remove Programs in the Control Panel> Uninstall those you don't use. If you don't know what a program is or does, look it up and decide if you're using it.

 

[sunny1120]

spyware/Virus

Thanks Bobbye.

All the Lennovo processes came with the computer. I have not installed any process.
I had Symantc antivirus and i have un installed it and installed Macafee.I do not know why the log is still showing symantec info.

Yes, i use Nortel VPN connection to connect to the client.

I have uninstaqlled all the unused programs as far as i know(except the ones which came with the Laptop) before generating the Hijakthis Log.

Before running the Hikack this log i ran Malaware bytes and Super antispyware and currently i do not get any popups.

Please suggest me to get rid of thease infections.Really appreciate your help.

Thanks
Sunny

 

[rf6647]

It appears that you did not react to the findings in MBAM. A restart of the computer was needed. This explains HJT scan still detects it.

MBAM > vopyzx.dll (Trojan.Vundo) -> Delete on reboot.
HJT....> O20 - AppInit_DLLs: vopyzx.dll

Update MBAM & SAS.

Scan with MBAM - twice. React to 'reboot' if present in the log. The repeat will confirm the cleaning & inform if other infections have been uncovered.

Scan with SAS & HJT.

Post logs & describe progress & symptoms still present.

 

[sunny1120]

updated HJT Log

Thanks rf6647.

Please find the updated HJT log as an attachment.

Ran HJT after removing the programs which i know and after running MBAM and SAS .

Please let me know if this log looking any better.

appreciate your help.

thanks
Sunny

 

[rf6647]

From a malware perspective, your HJT log shows the threat removed. Additionally, O17 entries associated with IPs controlled by Verizon were removed. I cite this because O17 changes are almost never needed and most often are a direct threat. Sometimes they are an 'easy' accommodation and a sacrifice of some security. I do not expect this will effect your internet connections with Verizon sites.

It appears you chose to remove Symantec/Norton protections. This link is the 'Scrubber tool' that removes all remants.

I borrow the text from Blind Dragon for clearing System Restore from infected copies ( this is the pretty view)

clear system restore points
 This is a good time to clear your existing system restore points and establish a new clean restore point:
 Go to Start > All Programs > Accessories > System Tools > System Restore
 Select Create a restore point, and Ok it.
 Next, go to Start > Run and type in cleanmgr
 Select the More options tab
 Choose the option to clean up system restore and OK it.
This will remove all restore points except the new one you just created.

Bobbye may revisit your startup applications if you express the desire to continue pursuing it. The HJT O4 list is a starting point. Go after the fluff stuff first. Each application under menus for properties/tools/options/etc. should offer a tick-box to withhold it from the startup list and another tick-box to turn off automatic updates. Choose this link if you want to do it yourself

 

[sunny1120]

Thanks a bunch and Next steps please

Thanks a lot rf6647 and Bobbye.You guys really saved me.struggled 2 days before visiting this site.

rf6647, as you said Will be clearing the infected restore points and create a new one.

Bobbye,Can you please help me when you get a chance with the startup applications from the latest Hijack log to see if every thing is fine?

Also i am not getting any popups now. That means is this laptop cured?

Really apreciate your help.

thanks
Sunny