Windows XP SP3 Trojans, Malware, you name it!


#1
ulf the wolf

Hello there! I've just registered on this forum as I've stumbled upon it through a Google search on just what the heck is the matter with my computer. I ran into a thread, http://www.geekstogo...us-t198352.html , that seemed to be experiencing the same issues as me. My Firefox stopped running and my internet altogether seemed to be crapping out. Tons of pop-ups, and I've just never run into this sort of thing. My computer is protected with Bitdefender Total Security 2008, but apparently this isn't good enough.

I followed all the steps in the second post of the thread I pasted above. I followed all the instructions given to the user 'mhilliard_13' in hopes that this would help me out.

Attached hereto, for your review, are the logs created by these programs:

- Malwarebytes' Anti-Malware
- SUPERAntiSpyware Free for Home Users
- Deckard's System Scanner (DSS) / And Hijackthis Log


Please help me out! Thanks a ton. My computer has never been as messed up as it is right now... poor girl...

#2
ulf the wolf

^^ bump ^^

I think I've provided everything needed for the experts in this forum. Let me know if there's anything else needed.

#3
ulf the wolf

Anyone!? I'm desperate to get my computer in good health... :)

#4
Tal

Hi :) Please don't bump your topics as it makes it harder for us to see that there are no replies.

Before we proceed to clean your computer from malware, let's go over some points that will help both me and you, and prevent causing damage to your computer:
  • Please don't be afraid to ask questions! :) No question is considered dumb here. It's better to be safe than sorry!
  • Please follow the steps exactly in the same order posted. If you can't perform a certain step, or you're unsure on what to do, please stop and let me know.
  • NEVER fix anything in HijackThis or other programs on your own! This can be very dangerous and cause harm to your system. If you see a certain entry or program you're unsure about, please don't hesitate to ask! :)

You may also want to Track This Topic. This feature of the forum will send out an email to the email address you've signed up with as soon as I reply, so you can be notified of my reply. To do this, please locate the Options menu, located just under the New Topic and New Reply icons. Once you've found it, click it, and choose Track This Topic from the dropdown menu (the first option). In the page that appears after you have clicked Track This Topic, select Immediate Email Notification, then click Proceed.

At first glance there is nothing wrong with the machine; however, there are the remains of Vundo and several files that indicate the newest variant of Vundo 'visited' your computer. Let's delete some files and get an online scan.

Step 1: Deleting files with OTMoveIt

Please download OTMoveIt2 by OldTimer. Please note: If you already have OTMoveIt on your system, please replace it with this newer version.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it. (Vista users, please right-click on OTMoveIt2.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    C:\WINDOWS\system32\jjjjhfym.exe
    C:\WINDOWS\system32\TsDKknnn.ini2
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Step 2: Correcting orphaned entries with HijackThis

Please re-open HijackThis and click Scan. Put a check next to the following entries presented in the window: (Do NOT click Fix yet!)

O2 - BHO: {3b44e8c1-ed86-04cb-de34-516ac5b8068c} - {c8608b5c-a615-43ed-bc40-68de1c8e44b3} - C:\WINDOWS\system32\nvvxmtgq.dll (file missing)



Now, close all other windows but HijackThis, including Explorer windows (folders) and this window, and click Fix. Note: It is vital you close all other windows, otherwise the fix will not succeed.

Step 3: Online Scan with Kaspersky

Please do an online scan with Kaspersky WebScanner

Click on Accept

You will be prompted to install an ActiveX component from Kaspersky. Click Yes.
  • The program will launch and then begin downloading the latest definition files.
  • Once the files have been downloaded, click on NEXT.
  • Now click on Scan Settings.
  • In the scan settings, make sure that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available, otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK.
  • Now, under "select a target to scan", select My Computer.
  • The program will start and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, it will display if your system has been infected.
  • Now click on the Save as Text button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Summary

In your next reply, please include the following:
  • New DSS log - it will only produce main.txt - please post it and not attach it if possible.
  • Kaspersky Log.

Regards,

Tal :)
  • 0
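
Added example, not part of Tal's reply or of any tool named in the thread: a small Python parser for the HijackThis O2 (Browser Helper Object) line format shown in Step 2, which lists the entries HijackThis marked "(file missing)" so they can be reviewed with a helper before anything is fixed. The function names and every sample line except the first O2 line are constructed for illustration.

```python
import re

# HijackThis O2 line: "O2 - BHO: <name> - {CLSID} - <path>[ (file missing)]"
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}) - "
    r"(?P<path>.*?)(?P<missing> \(file missing\))?$"
)


def parse_o2(line):
    """Return a dict for an O2 (Browser Helper Object) line, else None."""
    m = O2_RE.match(line.strip())
    if not m:
        return None
    return {
        "name": m.group("name"),
        "clsid": m.group("clsid").lower(),
        "path": m.group("path"),
        # True when the registry entry remains but its DLL is gone
        "orphaned": m.group("missing") is not None,
    }


def orphaned_bhos(log_text):
    """List O2 entries whose DLL HijackThis reported as missing."""
    entries = (parse_o2(line) for line in log_text.splitlines())
    return [e for e in entries if e and e["orphaned"]]


# The first O2 line is the one quoted in the thread; the others are constructed.
SAMPLE_LOG = r"""
O2 - BHO: {3b44e8c1-ed86-04cb-de34-516ac5b8068c} - {c8608b5c-a615-43ed-bc40-68de1c8e44b3} - C:\WINDOWS\system32\nvvxmtgq.dll (file missing)
O2 - BHO: Example Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
O4 - HKLM\..\Run: [Example] C:\Program Files\Example\example.exe
"""

if __name__ == "__main__":
    for e in orphaned_bhos(SAMPLE_LOG):
        print(f"orphaned BHO {e['clsid']} -> {e['path']}")
```
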





