Security toolbar 7.1

[canisay]

ok first off im new here so hello. and now to my issue my other laptop which i have disconnected from the net has been infected with security toolbar 7.1 windows defender found trojans and removed them successfully then i restarted into safe mode and deleted a file called "activex" to get ride of the IE toolbar that appeared and sent my homepage to some maleware website with like 3 pop-up warnings about infection.
after i did all this i ran several scans on my computer using upto date McAfee and windows defender. i use my computer for internet banking (i have change all my passwords already)and some military sensitive file storage.... nothing secret but i would rather not worry it was getting out. my computer is a dell inspiron running Vista. now before i reconnect to the net should i reformat my hard drive and reinstall my OS since i use my comp for banking and such, and if so how do i do that i know alittle bit about computers but i am by no means on the advanced level. any help would be much appreciated my computer came with these discs

1 drivers and utilities reinstalling portable computer software
2 OS reinstalling vista
3 application reinstalling dell media direct
4 McAfee
5 microsoft works
6 soundblaster for vista
7 roxio
8 snapfire plus

 

[Tedster]

1. Turn off system restore. (some viri are self-regenerating)
2. run your anti-virus and spybot (report what they say)
3. Post your results.

 

[canisay]

ok virus scan came up with nothing... and windows defender came up with a browser modifier. i only thought i would ask cause i read on a post if you use your computer for internet banking or anything personal like that, that most back door trojans cannot be found or completly removed, and that there will always be some part of it in my system. i've had credit card info stolen over the net before and it sucks just trying to make sure i don't let it happen again thanks again for your help

oh and computer is freezing up. screen will go black with mouse still visable and moveable

and i just found a exploit-byteverifiy trojan that is Quarantined

(Moderator edit: Posts merged. Please use the edit button, rather than replying to your previous post where there are no other replies in between. If bumping the thread, please wait at least 24 hours for a reply.)

 

[momok]

Hi canisay and welcome to techspot. =)

I suggest you do the following before doing anything else

Important: Please read this thread HERE before deciding if you should CLEAN or FORMAT your system

Should you decide to that cleaning your system is the best option, please go to Viruses/Spyware/Malware, preliminary removal instructions and follow the steps given.
Do follow all the instructions exactly.

Thereafter, please post fresh HijackThis, AVG Antispyware and Combofix logs as attachments into this thread.
Do not copy and paste your logs if not they will be removed.

Our experts here will tend to your queries thereafter.

Also, please provide the results of the Antirootkit scan


Regards,
momok =)

This thread is for the use of canisay only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and The Web forum.

 

[canisay]

ok well i figured i would try to clean my system before i format my HD. here are my HJT, and combofix logs, didnt see a avg log option but it said nothing found

 

[momok]

Hi,

That HijackThis log is from safe mode; I would need one from normal mode. Please post that in your next reply.

I don't see any signs of Security Toolbar in your ComboFix log; it looks fairly clean. What unusual symptoms are you facing?

Regards,
momok

 

[canisay]

umm the security toolbar was removed when i went into safe mode and found the hidden file it was installed in and deleted it then disc clean up/recycle bin clean up, then restarted and it was gone. i was just needing some reasurance that nothing was getting stolen from my system, caused by the trojan that was found (trojan zlob) ... i dont wanna get my banking info stolen kinda paranoid about that. here is the HJT when it ran it came up with an error but then ran fine i think said something about file rights

 

[momok]

Hi,

That Hijackthis log is an old one from safe mode. I need one from normal mode, meaning you should scan it whilst in normal mode and then save the log, and post that new log here.

Regards,
momok

 

[canisay]

ok maybe this one??? i hope it says boot mode normal

 

[momok]

Hi,

Your logs look clean now.

1. Please download and run CCleaner via step 9 of the instructions HERE.
   
   
2. Delete all files in AVG Antispyware Quarantine folder. (located in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine)
   
   
3. Turn off system restore (XP/ME only). Learn how to do that HERE.
   This will remove all the remaining nasties from your old restore points.
   
   
4. After that turn system restore back on.
   This would have created a new safe and clean restore point for your system.
   
   
5. Often times, an infection can occur again not due to the incompetence of programs, but because of user habits.
   May I recommend you to read this article.
   This can help to prevent future infections.

Should you have any further problems, please post in this thread.


Regards,
momok =)

This thread is for the use of canisay only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[momok]

Thread closed. Should the original starter require it to be reopened, please PM a mod.