Malware Removal Help!

Hello I am new to these forums. I HAVE read and followed the "generic" steps to getting rid of adware/spyware etc, but are still in need of some help. This all started with my Norton Antivirus picking up a virus called "Downloader", which it deleted but kept picking up backup files of that virus. I ran all of the neccesary programs listed in the forum post and im pretty sure SpyBot - Search and Destro y got rid of that one for good. Anyways, I used BitDefender, Panda ActiveScan, and HijackThis and have the logs attached. Bitdefender picked something up which I do not know what it is but it says it was deleted.

"BehavesLike:Win32.ExplorerHijack" <--- From Bitdefender log.

Panda Active Scan picked up 8 listings, but 5 of those were Internet Explorer cookies (I have been using Firefox for a while and have now switched all users to using Firefox as the default). I followed all the procedures for preparing the logs. Hopefully someone can get this fixed for me

 

Sorry double post but after browsing the forums for a while I noticed I had the same additional problem as someone else. When Internet Explorer opens it redirects me to |www.syssecuritysite.com| I don't use Internet Explorer anymore but this seems to be a problem so I will post.

Thanks in advance!

 

Follow the directions for SpywareQuake & SpyFalcon Removal Procedure.

Post a fresh HijackThis log along with the smitfiles report.

 

Okay I have done those steps, although I never found any of those files that were specified. Except for possibly one of these which my Norton Antivirus picked up and SpyBot - Search and Destroy deleted, which I remember from before (can't remember exactly).

• %System32%\hp???.tmp ( where ??? is any 3 random characters
• %System32%\hp????.tmp ( where ???? is any 4 random characters)
• %System32%\ld??? .tmp ( where ??? is any 3 random characters)
• %System32%\ld???? .tmp ( where ???? is any 4 random characters)

Also when I log onto my user, everything starts up and then windows explorer opens to the system32 folder all the time. Whats up with that? One final note on the smitRem tool. Everything went fine until the disk cleanup process. It calculated the amount of space on the C: drive but I don't think it did the cleanup because nothing happened after it finished calculating. Anyways the logs are attached and thanks for the help so far

 

Your HijackThis log is clean.

How is your computer running?

 

It is running fine. I don't think there is any other malware on the system. Thanks alot for the help! Just one more question. Should I keep all these tools that I have downloaded or just get rid of most of them? I am gonna keep hijack this but all those other adware scanners?

 

You can delete and unistall any tools you don't need/wamt.

Lets flush all your restore points and create a new clean one for your system.

Disable And Enable System Restore
How to Protect yourself from malware!

Safe surfing.

 

Thanks alot for your help!