I have a machine infected with the System Security malware. I have attached the logfiles from my HJT scan and the malwarebyte scan. Any help would be greatly appreciated.

Attached Files

	hijackthis.log (12.0 KB, 2 views)
	mbam-log-2009-02-19 (22-39-08).txt (1.4 KB, 4 views)

Perform the TechSpot 8-Step removal process exactly:

UPDATED 8-step Viruses/Spyware/Malware Preliminary Removal Instructions

then get back to us with your logs for someone to analyze.

TechSpot 8 steps: http://www.techspot.com/vb/topic58138.html

Skip no steps (do not install another virus scanner if you already have one, ask me before installing a Firewall).

Most importantly update MalwareBytes and SuperAntiSpyware!

Do the above but first since you already have MBAM run it again as it found and removed some of the System Securty Malware but may find more on another run.

Then get SAS run and log posted!

mike

OK, I did all eight steps. I have attached the requisite logs.

Attached Files

	mbam-log-2009-02-20 (11-15-10).txt (834 Bytes, 2 views)
	hijackthis.log (11.9 KB, 1 views)
	SUPERAntiSpyware Scan Log - 02-20-2009 - 10-35-58.log (1.7 KB, 1 views)
	Symantec risk history.txt (6.0 KB, 2 views)

OK that finished them off!

To be sure do the 2 operations below...

Download SDFix to Desktop.

http://downloads.andymanchesta.com/R...ools/SDFix.exe

On Desktop run SDdFix It will run (install) then close.

Then reboot into Safe Mode

As the computer starts up, tap the F8 key several times.

On the Boot menu Choose Safe Mode.

Click thu all the prompts to get to desktop.

At Desktop
My Computer C: drive. Double-click to open.

Look for a folder called SD Fix. Double-click to enter SD Fix.

Double-click to RunThis.bat. Type Y to begin.

SD Fix does its job.

When prompted hit the enter key to restart the computer

Your computer will reboot.

On normal restart the Fixtool will run again and complete the removal process then say Finished,
Hit the Enter key to end the script and load your desktop icons.

Once the desktop is up, the SDFix report will open on screen and also be saved to the SDFix folder as Report.txt.
Attach the Report.txt file to your next post.
=========================================
Download ComboFix

NOTE: If you have had ComboFix more than a few days old delete and re-download.

Get it here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Or here: http://subs.geekstogo.com/ComboFix.exe

Double click combofix.exe follow the prompts.

Install Recovery Console if connected to the Internet!

When finished, it will open a log.
Attach the log and a new HJT log in your next reply.

Note: Do not click combofix's window while its running. That may cause it to stall.

Mike