Malware, adware and trojan help

Status
Not open for further replies.
Hi-
My computer's been hit by some nasty stuff and I'm trying to clean it off. I was looking for some expert advice on my logs and what to do next.
I use Firefox exclusively, but I started getting pop-up ads in IE a few days ago. Also, my bottom taskbar and desktop would disappear. I could restore the system but the same problems would happen again.
After discovering this site, I followed the directions on Julio's preliminary removal instructions, with the following exceptions:
I skipped step 3 (online virus scanner)
I couldn't run Ad Aware in safe mode, so I ran it in regular mode before doing my HJT scan.
Panda found no rootkits.
Attached are the HJT, Combofix and AVG logs.
I don't have any symptoms now, but I am completely freaked out that I've still got a trojan hanging around. I want to avoid reformatting if possible, as I don't have anything high security on my computer.
Thanks a million!!!
Alex
 
Delete these files/folders, as follows:

* Open notepad and copy/paste the text in the quote box below into it (all except the word QUOTE):

File::
C:\WINDOWS\system32\vkntwobg.ini
C:\WINDOWS\system32\fsbpnkjd.ini
C:\WINDOWS\system32\toyhkvtl.ini
C:\WINDOWS\system32\efcdcax.dll.vir

* Save this as CFScript on the desktop.
* Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!

CFScript.gif


* ComboFix will begin to execute, just follow the prompts. After reboot (in case it asks to reboot), it shall produce a log for you. Post that log (Combofix.txt) in your next reply.

Note: Do not mouseclick combofix's window while it is running. That may cause your system to hang

-----------

Download Superantispyware (SAS) SUPERAntispyware Free Edition

Install it and double-click the icon on your desktop to run it.
* It will ask if you want to Update the program definitions, click Yes.
* Under Configuration and Preferences, click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked:
  • Close browsers before scanning
  • Scan for tracking cookies
  • Terminate memory threats before quarantining.
  • Please leave the others unchecked.
  • Click the Close button to leave the control center screen.
* On the main screen, under Scan for Harmful Software click Scan your computer.
* On the left check C:\Fixed Drive.
* On the right, under Complete Scan, choose Perform Complete Scan.
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK.
* Make sure everything in the white box has a check next to it, then click Next.
* It will quarantine what it found and if it asks if you want to reboot, click Yes.
* To retrieve the removal information please do the following:
  • After reboot, double-click the SUPERAntiSpyware icon on your desktop.
  • Click Preferences. Click the Statistics/Logs tab.
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
  • It will open in your default text editor (such as Notepad/Wordpad).
  • Save the notepad file to your desktop by clicking (in notepad) "File" "Save As"
* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
* Please add the log as an attachment along with a new HijackThis log in the next post.

-----------

Please post a new HijackThis log also.
 
Delayed reply

Sorry, my internet went down right after running the superspyware and getting all the logs.
Anyway, here is the superantispyware and HJT log.
If you have any ideas about the internet issue (details follow) feel free to comment.
After loading and running superantispyware my wireless internet went funky...my computer would say that it was connected, and it would have a valid IP address, everything would seem fine with the connection but when I would open Firefox it would seem to be loading my homepage, say done and the page would be completely blank. I think I'm connected because my widgets and programs will update, but for some reason my browsers aren't getting content. I tried IE also and it was the same thing.
Anyway...thanks for your help and happy holidays.
Alex
 
Status
Not open for further replies.
Back