Laptop infected with trojan and adwares

[darrylizm]

Hi,

My laptop had been infected with trojan and adwares, one of which was recent and was particularly active. Symptoms included weird pop ups, disrupting of home pages and thus slowing down surfing speed. I was worried there might be some backdoor trojan. I am using currently using IE and Windows Vista Home Edition 2007.

I have gone through this forum's prescribed 8 steps of clearing the viruses, which is fantastic and seem to be working. I have attached the scan logs here, if anyone would like to analyse and offer further suggestion. I might reformat my laptop just to be safe but would like to check with the experts here first before doing so.

Thanks in advance.

Cheers,

Dar

 

[kimsland]

It's a mess !

Uninstall your AVG Antivirus (Note: AVG7 is now old anyway)
Then run the removal tool
Here is the 32Bit version (most users): http://www.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe
Here is the 64Bit version: http://www.avg.com/filedir/util/avg_arv_sup_____.dir/avgremoverx64.exe

Uninstall Ad-aware (as per stated in the guide)

Run Startup Control Panel and remove any not required startups: (should be most!)

Install Avira free AntiVirus

-> No action taken on MBAM scan, for found issues

Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
• Then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform full scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected. <========= Not Done

Please re-run Malwarebytes
Confirm updated (third tab)
Then do the above quoted message, but this time "Remove all found issues"

By the way, you will need to then restart, and run (and attach) a new HJT log

 

[darrylizm]

Hi again,

Thanks fr the advice.

I think I've probably attached the wrong version of the log earlier today. After uninstalling AVG and installed Avira, and ran the anti-malware scan, my log shows zero infection. And I double checked my earlier log and realised that all of them have been quaruntined and deleted or reboot and deleted.

I ran another hijackthis, as attached here.

Majority of the symptoms seem to have disappeared. I reckon that things are in good shape? Should I proceed to reformat just to play it safe?


Thanks,
Dar

 

[kimsland]

I reckon that things are in good shape? Should I proceed to reformat just to play it safe?

Your choice

Run IE-Reset: https://www.techspot.com/vb/post682762-2.html

Then run Combofix

Download Combofix
Lots of info on its use h e r e
Direct download h e r e

Save it to a location that you can easily find later (in Safe Mode) ie directly to C drive

Restart your computer to Safe Mode (by repeatedly pressing F8 on your keyboard before Windows starts)
Log into your Administrator account
Locate the previously downloaded Combofix
Double click on it to run, answering any prompts along the way
Note: during Combofix scan (lasting up to 10mins) your Desktop and clock may reset (all normal)

Once Combofix has finished, save the log file to be attached to a new reply
Restart back to Normal mode, and attach the Combofix log