Avira found TR/VB.aqt.58

[sirpa]

Some weeks ago avira antivir found the trojan TR/VB.aqt.58 and it said it deleted it. but now my computer keeps freezing during the startup (sometimes it works though), sometimes I get a note saying that windows couldn't be loaded due to a hardware or software failure and I get some options (insert windows installation disc/ run safe mode/ start normal mode if the power went off during startup). I attached the logs from the 8 steps and the antivir log.
please help.
oh, um, I'm using windows vista.

 

[B00kWyrm]

Just a suggestion...
You might get more results from the board if your results were posted in English instead of German.

AFAIK... Board rules are "English only".
And my scant German only allows me a cursory understanding of your logs.
With my being a hobbyist rather than an IT professional,
my helpfulness to you would be limited to begin with.

 

[sirpa]

ah, right, i didn't think of that. thank you for the hint ^_^
and sorry for being so unperceptive. i'll do the logs again.


here are the english logs

 

[kimsland]

Close all open programs
Run HijackThis scan only
Check the following entries
Then select Fix
Close HijackThis and restart

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing)
O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-25/4 (file missing)
O9 - Extra button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-15/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-15/4 (file missing) (HKCU)
O13 - Gopher Prefix:

Download Combofix to your desktop.
Lots of info on its use h e r e
Direct download h e r e

Locate the downloaded Combofix. Double click on it to run, answering any prompts along the way
Note: during Combofix scan (lasting up to 10mins) your Desktop and clock may reset (all normal)
ComboFix will also restart your computer (eventually) and then (eventually) create a log

Save this log file to be attached to a new reply

Restart

Then do another scan with HJT (scan and log file) and attach this to a new reply as well

 

[sirpa]

thank you for helping me and sorry for not having replied so long. i'll check the thread more often now

 

[kimsland]

Looks clean to me :grinthumb

You can check and fix these three in another HijackThis scan, just to make your system start a little faster

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

Clear & Reset System Restore's Cache

Go to Start >> Run - type or copy/paste control sysdm.cpl,,4 and then press Enter
* Tick on the checkbox - Turn off System Restore on all drives
* Click Apply
Turn it back 'On' by unticking the same checkbox & click Apply, and then OK

Un-install Combofix

• Click START then RUN
• Now type Combofix /u in the runbox and click OK
• 
• Your Antivirus may prompt you to continue - ok

(Note: 1 space after ComboFix in that uninstall command)

Restart

All done

 

[sirpa]

thank you so very much, you're a saint

i wish you a joyful easter time/ pleasant weekend!