Infected Virus, Followed Guide, See Logs

Status
Not open for further replies.
I followed the 'Viruses/Spyware/Malware, preliminary removal instructions' guide to a tee and I am still having the same symptoms.

At first I had thought that it was the same Vundo Trojan that I have had before and I used bbayles.googlepages.com/antivundo.html to remove it. I no longer get the symptoms of that particular Trojan (unable to load high-traffic web sites). Now my symptoms are not as easy to point out; it just seems like everything is slower, and multiple tabs open on one explorer causes Firefox to crash. Internet and computer are both very slow, and I can't find a .exe in processes that's connected to any virus.

I am almost positive that I know exactly where the virus came from, the exact file if that makes any difference.
 

Attachments

  • log.txt
    15.8 KB · Views: 5
  • mbam-log-09-01-2008 (01-45-33).txt
    10.2 KB · Views: 5
Just a little update here. Over the last few days I have been running my AVG System Scan, SSD, SuperAntiSpyware, CC Cleaner, VundoFix, and MalwareBytes every day and they never show any found infections.

It just came to my attention that when I try to load certain forums, such as this forum, my Firefox will crash. This does not happen on all websites, mainly just forums. I am able to browse most websites fine, just really slowly. My computer in general is still somewhat slow, but when browsing it is very slow. Once again, any help would be greatly appreciated. I can post the new logs if someone requests that; they should be close to the same as the ones posted above. Thanks.
 
Here is a bump.

Timestamp for HJT log indicates it was run before malware was quarantined.

Malware Removal Procedures have been updated.

No one has confirmed my view that FireFox has performance issues. This view is based on posts @TS and not personal experience. It could be that FF is finding deficiencies at web sites not meeting standards.
 
I am having no issues with firefox at all - and that's while downloading a huge file, streaming music, and working on my website with file transfers going - all through firefox except the filezilla transfers

my page load time here is under 1 sec

Especially if you are crashing firefox - I would say we need to check what version you have as they just released an update - or it could be related malware messing up firefox browsers

rf6647 is correct though you need to do a fresh hijackthis

================================

I didn't notice until just now that you ran combofix already

FireFox -: Profile - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\qb4cuhoy.default\
FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npDyyno.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
FF -: plugin - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
FF -: plugin - C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF -: plugin - C:\Program Files\Yahoo!\Shared\npYState.dll

That looks like a fake profile setup with fake plugins, but you tell me?

----------------------------------------------------------------------------
Next, these don't look like folders I would want in my %system%:
C:\WINDOWS\system32\evil.5
C:\WINDOWS\system32\evil.6
C:\WINDOWS\system32\evil.4
C:\WINDOWS\system32\evil.3
 
Just a little update here. Over the last few days I have been running my AVG System Scan, SSD, SuperAntiSpyware, CC Cleaner, VundoFix, and MalwareBytes every day and they never show any found infections.
Your System Restore points are infected. This showed in the mbam log. They need to be removed.
Registry Keys Infected: 2
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 66>>> most are System Restore
Control Panel> System> System Restore tab> CHECK 'turn off System Restore'> Apply> OK> Reboot> Turn SR back on by removing check.

Those 'Evil' files are: (Trojan.Vundo) > Quarantined and deleted successfully in mbam.
\VundoFix Backups were also quarantined and deleted.

SuperAntispyware showed you clean.

Combofix removed a significant number of files.

I am also having no problem with latest Firefox. Suggest you run a new HijackThis log to see if any entries remain to be removed. Also suggest you drop ALL the Firefox add-ons, then reinstall one at a time, check system. I'm guessing one or more of those add-ons are causing the crash.
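
Added example, not part of the original thread or any poster's code: a sketch of the triage described in the reply above, splitting Malwarebytes detections into System Restore copies, VundoFix backup copies and live files, and listing live files whose removal has not completed. The log lines are constructed, and the `path (name) -> action` line layout and the function names are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines in the layout of a Malwarebytes (mbam) text log;
# the GUID, RP numbers and file names are made up for illustration.
SAMPLE_LOG = r"""
Files Infected:
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP101\A0001001.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP102\A0001002.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\example1.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\evil.3 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\evil.4 (Trojan.Vundo) -> Delete on reboot.
"""

# path, detection name in parentheses, then "->" (or ">") and the action taken
ENTRY = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) \((?P<name>[^()]+)\) -?> (?P<action>.+?)\.?\s*$"
)

def classify(path):
    """Bucket a detection by where the file lives on disk."""
    p = path.lower()
    if "\\system volume information\\_restore" in p:
        return "restore_point"   # inactive copy held by System Restore
    if "\\vundofix backups\\" in p:
        return "tool_backup"     # copy kept by an earlier removal tool
    return "live"                # file in the running system

def triage(log_text):
    """Return (counts per bucket, live paths whose removal is not finished)."""
    counts = Counter()
    pending = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue             # headers, blank lines, summary counters
        kind = classify(m["path"])
        counts[kind] += 1
        if kind == "live" and "successfully" not in m["action"].lower():
            pending.append(m["path"])
    return counts, pending

if __name__ == "__main__":
    counts, pending = triage(SAMPLE_LOG)
    print(dict(counts))
    print("needs follow-up:", pending)
```

A high `restore_point` count with an empty follow-up list matches the situation in the thread: the remaining detections are stored copies that go away when System Restore is turned off and back on.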
 