nevermind, saw the answer to my question in one of the pictures.

Make sure to disable any AV or Spyware protection before running this tool

Ok, here are the combofix and HJT logs

Attached Files

	combofix log.txt (21.6 KB, 1 views)
	hijackthis log.txt (14.1 KB, 1 views)

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version. Then reboot into safe mode by rebooting then start tapping the F8 key you will get the advance option select safe mode then load run the program
• Once the program has loaded, select "Perform Full Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

I have the same problem as Dave. Can you check to see if my HJT log is clean. The windows doesn't pop up anymore after I ran malwarebytes twice, and then deleted helper.sig and the folder. However, my computer restarts randomly.

Thanks.

Attached Files

	hijackthis.log (13.6 KB, 1 views)
	mbam-log-08-23-2008 (13-09-53).txt (8.1 KB, 0 views)
	mbam-log-08-23-2008 (15-03-52) v2.txt (2.6 KB, 0 views)

Here is the MBAM log

Attached Files

mbam-log-08-24-2008 (09-16-12).txt (1.4 KB, 10 views)

HKEY_CLASSES_ROOT\main.bho.1 (Trojan.BHO) -> No action taken.

Ok, so what do I do with that and these?

Files Infected:
C:\Program Files\Common\helper.dll (Adware.BHO) -> No action taken.
C:\System Volume Information\_restore{E4FBD1B3-1970-40BB-936B-F702FFF64F9F}\RP1646\A0757445.vxd (Adware.Winad) -> No action taken.
C:\System Volume Information\_restore{E4FBD1B3-1970-40BB-936B-F702FFF64F9F}\RP1648\A0758353.dll (Adware.BHO) -> No action taken.
C:\System Volume Information\_restore{E4FBD1B3-1970-40BB-936B-F702FFF64F9F}\RP1648\A0759353.dll (Adware.BHO) -> No action taken.
C:\System Volume Information\_restore{E4FBD1B3-1970-40BB-936B-F702FFF64F9F}\RP1648\A0760353.dll (Adware.BHO) -> No action taken.

I just rebooted and helper.dll is gone but helper.sig and _helper.sig still remain

Do a Google search for {AFD4AD01-58C1-47DB-A404-FBE00A6C5486}
and follow the link to my blog (it should be one of the first links; probably the second one), where you will find a method to get rid of this pain.

I am not allowed to post links yet, so I have to apologize for the indirect approach.

xxdanielxx, any word? Should I trust Metallica and go to his blog? I havent yet...just seems fishy to me

Ask Daniel who is teacher is at GeekU.

I can't post any direct links because on this board you have to have 5 posts first.
But I have been fighting malware since 2002 and have been awarded by Microsoft with a MVP award.

Dave, once helper.dll was gone. I just deleted helper.sig and the folder and it never came back. However, I'm not sure if the virus is gone still. I'm trying to get someone to verify my HJT log.

Yes

Cool, Ill head over there and check it out...


Ok, got the program and script and ran it...here is the log

Attached Files

BFUlogdeepdive.txt (1.5 KB, 2 views)

Its gone!! Finally! Thank you xxdanielxx and Metallica! I really appreciate it! Sharkie, go to Metallicas blog to remove helper.dll and .sig. If you have any other bugs get the programs xxdanielxx told me to do and run them.

Again, thank you both!!!

You're welcome.

anytime I will be back after I am done with training.

Hi, I have been struggling with the same problem! Is there someone who could give me some advice as what to do please? My computer's performance is getting worse and worse.


I just ran hijackthis and am attaching the log file. Please could someone take a look at it!

Attached Files

hijackthis 12-12-08.txt (9.0 KB, 1 views)

Please open a new thread for your computer problem. Be specific about the symptoms you're seeing