Good Day! Please review my HijackThis log - pop-ups are killing me!

[icepulse]

Hello to all on the boards.

I've just been struggling to remove some NASTY Vundo Malware from my rig, and nothing is helping me! I've run VundoFix and HouseCall, AVG, Ad-Aware, Spybot.... nothing is keeping this away. Keep getting browser pop-ups, on sites that don't have 'em. (i.e. Google).

Could anyone please analyze the attatched HJT log file, and suggest something? Thank you very much in advance.

Oh, I'm running XP Pro SP 2.

 

[kitty500cat]

Hello and welcome to TechSpot.

You're running HijackThis from the wrong location. You need to move the DO IT.exe file into its own folder, such as C:\Program Files\HijackThis.

Then go and read the Viruses/spyware/malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, ComboFix, and AVG Antispyware logs as attachments into this thread, only after doing the above. Also post here the results of the AVG Antirootkit scan.

Regards

This thread is for the use of icepulse only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.

 

[icepulse]

OK. It took me half the day, but here we go.

Please note that I followed all instructions to a "T", but the AVG Spyware would only allow a "delete" option, although I checked "Quarentine" as my default action. It shows 54 cookies, all found within a single ".ar" file. consequently, the delete failed. Please see attached my AVG Antispyware, Combofix and HJT logs attached. The AVG Antirootkit scan yielded no result at all.

Thanks again.

 

[tomrca]

these can be fixed.

O2 - BHO: (no name) - {65B70876-49E3-4584-8100-36D3AB06B394} - C:\WINDOWS\system32\vtstu.dll (file missing)
O2 - BHO: (no name) - {A831AB69-2707-4357-829B-B8F8EEF63F1C} - C:\WINDOWS\system32\ddccb.dll (file missing)
O2 - BHO: (no name) - {AD8B61A8-2B10-4A79-B694-D5E3BFB9CDE6} - C:\WINDOWS\system32\vturr.dll (file missing)
O2 - BHO: (no name) - {CFEE714A-2809-4BD1-B85C-02E31F9AC408} - C:\WINDOWS\system32\vtsqn.dll (file missing)

Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. Especially If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc.

O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - Crogram FilesPlotSoftPDFill\DownloadPDF.exe

16 - DPF: {5879B3B0-566E-4ECB-9B77-9A8A5E62AAB8} (DeviceMon Class) - http://www.blackberry.com/DST2007/patch/desktop/DSTUpdateLoaderUSB.cab

please post the avg antispyware log

 

[icepulse]

Thank You All!!!