Trojan removal

Status
Not open for further replies.
Hi guys, I'll take the opportunity to introduce myself at the same time, as this is my first post. I'm not that big of a techy, but I've been lurking your site for a bit of time now, and this is where I get most of my info.

Well, last night I was trying to download the newer version of DirectX and I downloaded something completely different from lack of paying attention. I have scanned my computer 3 or 4 times, and Symantec does say the trojan was removed, but I still get pop-ups of spyware downloads. I also have an icon in the notification area of my toolbar.

Here's what HijackThis had to say. And I'm not sure what else I can do. My Task Manager was locked also, but I have fixed that problem.
 

Attachments

  • log.txt
Ok first off, welcome, how are you doing?

Second off, bad news you are infected,
Unknown
O21 - SSODL: apdqnxp - {B145DA39-A64B-4F2A-A84C-85C0BB72A53B} - C:\WINDOWS\apdqnxp.dll
O21 - SSODL: btrklfr - {3D7E8CD3-6F35-4DC9-BCF8-BEA38822462B} - C:\WINDOWS\btrklfr.dll
Added by a variant of the MyGeek/CPVFeed adware.

Have HJT fix these entries,
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O21 - SSODL: apdqnxp - {B145DA39-A64B-4F2A-A84C-85C0BB72A53B} - C:\WINDOWS\apdqnxp.dll
O21 - SSODL: btrklfr - {3D7E8CD3-6F35-4DC9-BCF8-BEA38822462B} - C:\WINDOWS\btrklfr.dll

You need to download SDFix.
SDFix Instructions:

* Run the SDFix.exe by double clicking on it.
* Allow it to install into the default location which is normally c:\SDFix
* Now please reboot your computer into Safe Mode (see here)
* When you have booted into safe mode, open the C:\SDFix folder and double click RunThis.bat to start the script.
* Type Y to begin the cleanup process.
* It will remove any Trojan Services or Registry entries found and then prompt you to press any key to Reboot.
* Press any Key and it will restart the PC.
* When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
* Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
* Attach the Report.txt file to your next message.

Once these steps are complete it would be in your best interests to follow all the steps HERE
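
Added example, not part of the original posts and not HijackThis's own code: a small Python triage of the O2/O21 line format quoted above. The two flagging rules (an entry whose target is "(no file)", and an SSODL DLL sitting directly in C:\WINDOWS) are assumptions of this example, and the last sample line is constructed.

```python
import re
from ntpath import dirname, normcase  # Windows path rules on any OS

# Line shape as quoted in the thread:
#   O21 - SSODL: <name> - {CLSID} - <path>
#   O2 - BHO: <name> - {CLSID} - <path or "(no file)">
ENTRY = re.compile(
    r"^(?P<sec>O2|O21) - (?P<kind>BHO|SSODL): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"
)
WINDOWS_ROOT = normcase(r"C:\WINDOWS")

def triage(log_text):
    """Return (section, name, target, reason) for entries worth a closer look."""
    findings = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        target = m["target"].strip()
        if target == "(no file)":
            # Assumed heuristic: registration left behind with no file on disk.
            reason = "orphaned entry"
        elif m["sec"] == "O21" and normcase(dirname(target)) == WINDOWS_ROOT:
            # Assumed heuristic: autoloaded DLL sitting directly in the Windows root.
            reason = "SSODL DLL in Windows root"
        else:
            continue
        findings.append((m["sec"], m["name"], target, reason))
    return findings

# First three lines are the ones quoted in the thread; the last is constructed.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O21 - SSODL: apdqnxp - {B145DA39-A64B-4F2A-A84C-85C0BB72A53B} - C:\WINDOWS\apdqnxp.dll
O21 - SSODL: btrklfr - {3D7E8CD3-6F35-4DC9-BCF8-BEA38822462B} - C:\WINDOWS\btrklfr.dll
O21 - SSODL: ExampleShellObj - {00000000-0000-0000-0000-000000000001} - C:\WINDOWS\system32\example.dll
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A match only means the entry deserves a manual look; it is not a verdict on the file.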
 
Used SDFix, and it seems the problem is gone! Thank you very much :)

Here's the log from SDFix, how's it look?

EDIT: do you deem a Format/Reinstall necessary? I do SOME online banking, but only check funds and pay phone bill.
 

Attachments

  • log.txt
I would run HijackThis and post a new log so we can see how it's looking now. Also, just to be on the safe side, I would do the 15 steps in the sticky I mentioned earlier; that will show up any problems.
 
You're very welcome,

Some final things to finish off,

Update your Java Runtime Environment

* First try going to Start -> Control Panel -> double click Java
* Select the Update tab at the top
* Click the Check for Updates button at the bottom
* If it finds the newer version (Java 6 Update 5), follow the on-screen instructions
* After it installs the newest version, go back to Control Panel -> Add/remove programs
* Uninstall any older versions of Java


If for some reason you couldn't update through the above instructions.


* Click the following link
Java Runtime Environment 6 Update 5
* The 4th option down is the one you want (click Download)
* Check the box to agree to terms of service
* Check the box for your operating system and click 'Download selected' at the bottom
* After the install, go to Start -> Control Panel -> add/remove programs (Programs and features), and uninstall any old versions
* Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_05 folder

Turn off system restore. (XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.


If you have any further virus/spyware problems, please post in this thread.
 
Sounds good, and again thank you very much. You have been extremely helpful. I hope to be able to contribute half the knowledge you got going lol.
 