Help with malware/virus

[JJ1]

i tried to run 8 step and only thing i was able to run were superantispyware and ccleaner. viruscan and malwarebytes error out. can some please help? heres a hijackthis log

 

[kimsland]

Run HJT again with Scan Only
Check (tick) the following entries and then select FIX

O4 - Global Startup: Corel Desktop Application Director 8.LNK = C:\Corel\Suite8\Programs\DAD8.EXE

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)

O20 - AppInit_DLLs: c:\windows\system32\sejuvoma.dll,humerago.dll

Close HJT

Restart

Now try running and updating Malwarebytes and SUPERAntispyware
Then provide all 3 logs again

Note: I'm not a biggy on McAfee, actually I just don't like it
My feeling is you should uninstall it normally, then run the >> McAfee Removal Tool
Restart

Update (being the key word ) to the much better Antivirus >> Free Avira
Download; Install; Update; Run a full scan > And then watch how Avira finds and removes Viruses that McAfee missed

I'd do that

 

[JJ1]

thank you for your response. i installed antivir and it still didnt run. i was able to get malwarebytes to launch by changing extension so here are the 3 logs. thx

malwarebytes and superantispyware will not clean those files

 

[kimsland]

Please uninstall SUPERAntiSpyware, through Control Panel > Add/Remove Programs

Then run IE Reset Fixit Tool:

Or manually from here https://www.techspot.com/vb/post682762-2.html
Then restart Internet Explorer


Combofix:

• Download Combofix to your desktop.
• Disable your Antivirus (as Combofix will remove any found malwares)
• Double click ComboFix & follow the prompts.
• A window will open with a warning. Just follow the prompts
• When the scan completes it will open a text window. Please attach that log back here

Also restart and provide a fresh HJT Scan log

2 Attachments required
Note: HJT Scan must be done after Restart

 

[JJ1]

everything is running now thx

heres log.

 

[Bobbye]

O4 - Global Startup: Corel Desktop Application Director 8.LNK = C:\Corel\Suite8\Programs\DAD8.EXE

The process DAD8.exe is a legitimate process for the Corel Desktop Application Director 8. It doesn't need to be removed, but doesn't need to start on boot and run in the background.

 

[kimsland]

everything is running now thx

No probs :grinthumb

I didn't look at the 1 log though

But if you are happy with that , then all done

 

[JJ1]

dad8 is back and all is good. thx for your help

 

[kimsland]

Glad to hear See you next time :grinthumb

 

[kritius]

What about that ComboFix log? Do you also really want to leave ComboFix on their system??

 

[kimsland]

There's no Combofix log. I can only work from logs. I cannot remove what isn't there

 

[kritius]

I know that, you asked them for it earlier, if ComboFix was run you want to see the log. If it wasn't run then you at least want to remove it.

 

[kimsland]

I tried to explain this to Bobbye in PM too
If the member is happy with the result, and does not want to follow what I have stated, then who am I to argue with them
Maybe someone else was there and fixed it all up, or maybe he just doesn't want anymore support
I'm happy with that, if they are. Personally I would have felt best they just followed what I asked, but again they're not interested it seems. So be it.

 

[kritius]

You don't ever want to leave ComboFix on someones computer though, that is the point, too many bad things can happen with it.

ComboFix /Uninstall is all it takes to remove it.

 

[kimsland]

But the log hasn't been viewed yet

Anyway enough of this bickering, we agree to disagree as per usual

 

[Bobbye]

JJ1 (dad8?) you shoiuld remove the cleaning programs> please follow this:


Uninstall ComboFix.exe And all Backups of the files it deleted

• Click START> then RUN
• Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
  
  

Remove all of the tools we used and the files and folders they created

• DownloadOTCleanIt by OldTimer
• Save it to your Desktop.
• Double click OTCleanIt.exe.
• Click the CleanUp! button.
• If you are prompted to Reboot during the cleanup, select Yes.

The tool will delete itself once it finishes.

If you are prompted to Reboot during the cleanup, select Yes.


You should now set a new Restore Point to prevent infection from any previous Restore Points. The easiest and safest way to do this is:

• Go to Start > All Programs > Accessories > System Tools and click "System Restore".
• Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the Restore Point a name then click "Create". The new Restore Point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
• Go to "Disk Cleanup" which can be found by going to Start > All Programs > Accessories > System Tools.
• Click "OK" to select the partition or drive you desire.
• Click the "More Options" Tab.
• Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.

More details and screenshots for Disk Cleanup in Windows Vista can be found here.

Stay clean! Let us know if you need more help.