gibnihtmus, I'll help with the malware. The scan that you were instructed to run served no purpose at this point:
1) I have noticed that there is no antivirus program running
Good security demands, in part, that you have an up-to-date antivirus program. This protects the system against viruses, worms and some Trojans. Without this protection, the system is more vulnerable to attacks. Since you do not have an antivirus program, please consider installing one of the following programs. Note: You should have only one antivirus program.
Both of the following programs are free and known to be good:
Avira Free
OR
Avast Home
Please reboot the system after the installation is complete.
Once the program is installed, you should check for updates immediately.
2) P2P or 'file sharing' Warning:
I see that you are using BearShare File Sharing Client.
Note: Even if you are using a "safe" P2P program, it is only the program that is safe. I suggest that you uninstall BearShare File Sharing Client for the following reasons:
- As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verify that a download is legitimate.
- Malware writers use these programs to include malicious content.
- File sharing is usually unmonitored and there is a danger that your private files might be accessed.
- The 'sharing' also includes malware that the shared system has on it.
- Files that are illegal can be spread through file sharing.
Please read the information on P2P Warning to help you better understand these dangers.
3) The system has Spybot, which is a spyware/adware program. It runs a Real Time Protection (for spyware), TeaTimer, that you will need to disable while scanning:
- Right click the TeaTimer icon in the system Tray
- Then click Exit Spybot-S&D Resident
- (Once you are clean, you can restart TeaTimer by going to C:\Program Files\Spybot - Search & Destroy and double-clicking on TeaTimer.exe.)
There are several Trojan Vundo files: Please do the following:
4) Please download ComboFix HERE:
- With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it. Then save it to your desktop.
- Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.
- Double click on the setup you saved to the desktop to Run Combo-Fix.exe and follow the prompts.
(Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.)
- Wait for the scan to be completed.
- If it requires a reboot, please do it.
- After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
5) Run Eset NOD32 Online AntiVirus Scanner HERE
Note: You will need to use Internet Explorer for this scan.
- Tick the box next to YES, I accept the Terms of Use.
- Click Start
- When asked, allow the ActiveX control to install
- Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
- Click Start
- Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
- Click Scan
- Wait for the scan to finish
- Re-enable your Antivirus software.
- A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this in your post.
6) Rescan with HijackThis
Summary in order of importance:
[1]. Get running antivirus program in system.
[2]. Remove P2P program
[3]. Disable TeaTimer
[4]. Run Combofix (attach report)
[5]. Run Eset scan (attach log)
[6]. Rescan with HijackThis (attach new log)
Include the reports and logs for all of the above in your next reply.