Virus background and locked out of most actions

[veevz21]

about 3 weeks ago my backround changed without me doing anything to a warning message warning me about being infectd, with a pop up contimually coming up saying download this whitch takes me to antivirus 2009. i have read through most of the threads and been through the 8 steps and still no luck. i have managed to install malwarebytes but there is a message appears when i try to install superantispyware and update java saying the administrator has not allowed me to install such products. i have however got the logs for malwarebytes and hijackthis which i have attached.
this pc is not my main pc and no bank details or personal info is stored on this pc to my knowladge but i do not have the origional disk so i would really appreciate the help to stabilize my system again. PLEASE HELP.
thank u for your time and hope to hear from u soon.

Thanks again

Martin

 

[touch]

Hello Martin

You have some remnants from AVG8, I´ll therefore suggest you run this uninstall tool:
AVGRemove Tool


Update Malwarebytes' Anti-Malware, run a complete scan, and have it to fix what it find

Then please download Combofix:
http://subs.geekstogo.com/ComboFix.exe

And save to the desktop.

Close all other browser windows.

Please connect all your external hard drive/flash drive before running Combofix, if you have any

Double-click on the combofix icon found on your desktop.

Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.

When finished, it will produce a logfile located at C:\combofix.txt.

Attach the contents of that log in your next reply, along with new malwarebyte log, and a fresh hijackthis log

 

[veevz21]

hi and thanks for the speedy reply

have followed the steps u have mentioned and please find the logs attached.

one thing that did concern me was when running combofix it told me to disable AVG8 which i had already uninstalled using the removal tool and could not find any program regarding AVG.

once again thanks for the help. hope to hear from u soon.

Martin

 

[touch]

I can not find a reasonable explanation why AVG8 are in the combolog

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O15 - Trusted Zone: *.antimalwareguard.com
O15 - Trusted Zone: *.gomyhit.com
O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)


Then ->


Open notepad and copy/paste the text in the quotebox below into it:
Copy the entire contents of the Quote Box below to Notepad.
Name the file as CFScript
and Save it on the desktop

Killall::
Snapshot::
File::
c:\windows\system32\wezavova.dll
c:\windows\system32\fabapufu.dll
c:\windows\system32\hejivego.dll
Trusted Zone::
Domains::

http://i266.photobucket.com/albums/ii277/sUBs_/Combo-Do.gif

Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe, and post/attach back the resulting report, along with fresh hijackthis log, and tell how things are running now ?

 

[veevz21]

hi again,

everything seems to be running good again. the background has stopped and so has the pop up. im able to open task manager again now and defragmanter works. WOOOOHOOOO!!!

the logs are attached below.

once again thank u so much for your help. i am presuming i am now fixed ( which i am very greatfull of ) but if i need to do anything else please advise

Cheers

Martin

 

[touch]

That´s good news Martin - good job

The logfiles looks clean to Me.

We will now clear your existing system restore points and establish a new clean restore point:
Go to Start > All Programs > Accessories > System Tools > System Restore
Select Create a restore point, and Ok it.
Next, go to Start > Run and type in cleanmgr
Select the More options tab
Choose the option to clean up system restore and OK it.

This will remove all restore points except the new one you just created.



Uninstall ComboFix

Go to Start->Run, and type in ComboFix /u
Make sure there is a space between ComboFix and /u
Click Enter

This will ->
Uninstall ComboFix. Delete its related folders and files.
Reset your clock settings. Hide file extensions.
Hide the system/hidden files.

I also suggest you read Tony Klein´s article :
http://www.spywareinfoforum.com/index.php?showtopic=60955


If you have any comments or questions, feel free to post back