My system got infected

Status
Not open for further replies.

jessa_jr

Hi there, good day. My PC is infected with a downloader and a Win32 virus. I already scanned it using HijackThis, ComboFix, AVG Anti-Spyware and Avast, but my system is still infected.

I found a downloader and fixed it when I scanned using AVG Anti-Spyware, but I can fix the problem and the system is still infected. Also, the virus disabled my Add/Remove Programs and the System Restore setting, and I can't turn it off.

Attached is my HJT log.

Thanks in advance.
 
Your system is infected with a variety of malware.

Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

If after reading the above, you wish to clean your system, do the following.

Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, AVG Antispyware and Combofix logs as Attachments into this thread, only after doing the above.

Also, let me know the results of the Panda Antirootkit scan.

Regards Howard :)

This thread is for the use of jessa_jr only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Logs

Here are my logs.

Also, I can't remove the Google Toolbar in Add/Remove Programs.

Kindly help, thanks.
 
I don't know why you found it necessary to post log files I didn't ask for and not to post the results of the Panda Antirootkit scan that I did ask for.

It also appears you haven't run the Vundofix tool from the instructions. Why is this? I suggest you run it ASAP.

Open Notepad and copy/paste the text in the code box below into it:
NOTE* make sure to only highlight and copy what is inside the quote box, nothing outside of it.
Also ..

Pay particular attention to this :-

Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
Code:

File::
C:\WINDOWS\system32\drivers\mqpnlalgipov.sys
C:\windows\system32\xlibgfl254.dll
Folder::
C:\FOUND.015
C:\FOUND.014
C:\FOUND.013
C:\FOUND.012
C:\qoobox

Save this as CFScript.txt

Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.

[Screenshot: CFScript.gif]

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a fresh HJT log.

Regards Howard :)

This thread is for the use of jessa_jr only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
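
A pre-flight check for the CFScript.txt rules stated in the post above (File:: on the first line, no blank line above it, no space in front of it, nothing copied from outside the code box), as an added example that is not part of the original thread or of ComboFix. The name lint_cfscript, the treatment of File:: and Folder:: as the only headers, and the BAD sample are assumptions made for illustration.

```python
import re

# The two section headers used in the script above; treating them as the only
# valid headers is an assumption of this example, not a ComboFix rule.
KNOWN_SECTIONS = ("File::", "Folder::")
ABS_PATH = re.compile(r'^[A-Za-z]:\\[^<>:"|?*]+$')  # drive-letter absolute path

def lint_cfscript(text):
    """Return (line_number, message) problems; an empty list means it passes."""
    lines = [raw.rstrip("\r") for raw in text.split("\n")]
    problems = []
    # Rule from the post: File:: on line 1, no blank line above, no space before.
    first = lines[0]
    if first != "File::":
        if not first.strip():
            problems.append((1, "blank line above File::"))
        elif first.lstrip() == "File::":
            problems.append((1, "space in front of File::"))
        else:
            problems.append((1, "first line is not File::"))
    section, seen = None, set()
    for number, line in enumerate(lines, start=1):
        entry = line.strip()
        if not entry:
            continue
        if entry in KNOWN_SECTIONS:
            section = entry
        elif ABS_PATH.match(entry):
            if section is None:
                problems.append((number, "path before any section header"))
            if entry.lower() in seen:  # Windows paths are case-insensitive
                problems.append((number, "duplicate entry"))
            seen.add(entry.lower())
        else:  # text copied from outside the code box ends up here
            problems.append((number, "stray text: " + entry))
    return problems

# The script from the post, then a constructed bad copy of it.
GOOD = "\n".join([
    "File::", r"C:\WINDOWS\system32\drivers\mqpnlalgipov.sys",
    r"C:\windows\system32\xlibgfl254.dll", "Folder::",
    r"C:\FOUND.015", r"C:\FOUND.014", r"C:\FOUND.013", r"C:\FOUND.012",
    r"C:\qoobox",
])
BAD = "Code:\r\n\r\n File::\r\n" + GOOD.split("\n", 1)[1].replace("\n", "\r\n")

if __name__ == "__main__":
    for name, script in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, lint_cfscript(script) or "OK")
```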
 
fresh logs

I'm very sorry for not following the instructions. I thought that the other logs would help you to easily determine the virus.

And I already scanned it using VundoFix before I posted the logs, and the Panda Anti-Rootkit didn't find any rootkit at all.

Thanks, hope to hear back from you as soon as possible.

Regards
 
All clean.

Delete the following folder.

C:\qoobox

Turn off system restore (XP/ME only). See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.


If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

This thread is for the use of jessa_jr only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Thanks

Thank you always

Regards

This thread is now closed. If you need this thread unlocking, please PM a moderator with a link to the thread.

Only the original thread starter can do this. Anyone else will be ignored.
 