malware trojan pax.cax/virtumonde /downloader.swizzor

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by greek123, Apr 14, 2009.

  1. greek123

    greek123 Private E-2

    A couple of weeks ago my computer got infected and AVG found multiple (14) viruses: trojan horse pax.cax, trojan horse AGENT.BCDN, downloader.swizzor.jvp. It removed some and moved some to the virus vault. After removal the computer has been slower. Have run through all the steps mentioned. Also Spybot keeps finding virtumonde every time it runs. I have used VirtumondeBeGone, FixVundo by Symantec, Atribune's VundoFix and all three did not locate any infection.

    I ran SUPERAntiSpyware which did not find anything. I ran Malwarebytes, both quick scan (which found and deleted one infection) and full scan. I ran ComboFix, which deleted something, and MGtools. I am attaching the log files.

    I restored my Spybot back to regular settings. It found a suspicious file and deleted it. Now my firewall tells me that Windows Error Reporting Dump Reporting Tool may be preventing "kernelfaultcheck" from running each time your computer is started by modifying the registry key HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN... the application is dumprep.exe. Don't know whether to allow it or not, and why is this happening?

    Need help. Attached are the Malwarebytes log (quick scan/detailed scan), ComboFix log, MGtools log and AVG scan log.

    Thanks in advance for the help
     


  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Could you please attach the log from SUPERantispyware even though you say it found nothing.

    Where was AVG finding these threats?

    In the meantime I shall review your logs and get back to you with a set of instructions as soon as possible.

    Thanks for your patience during this time.

    Kestrel13!
     
  3. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    The main problem is that you are running two anti-virus programs at once.

    You must only have one installed as you are reducing the effectiveness of each of them by doing this. It also can cause malware to go by unnoticed and it slows a PC down tremendously.

    Decide whether you wish to keep hold of AVG Free 8.0 (which is out of date and needs upgrading to 8.5) or Symantec Anti-virus. If you decide to be rid of Symantec ensure that you use this special removal tool:

    Please give the Norton Removal Tool (SymNRT) a run > reboot your machine and then run it again for good measure.


    1. Please go to add/remove programs and uninstall the following out of date Java:

    • Java(TM) 6 Update 12

    2. Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    After clicking Fix exit HJT.


    3. Now we need to use ComboFix to remove a bunch of malware files.

    • Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
    • If it is not on your Desktop, the below will not work.
    • Open Notepad and copy/paste the text in the below code box into it
    (make sure you scroll all the way down in the code box to get all lines selected ):
    Code:
    
    KILLALL::
    
    File::
    c:\windows\is-10E4R.exe
    c:\windows\is-10E4R.lst
    c:\windows\is-10E4R.msg
    
    Registry::
    [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
    
    
    • Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    • At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    • You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    • Now use your mouse to drag CFscript.txt on top of ComboFix.exe


    • Follow the prompts.
    • When it finishes, a log will be produced named c:\combofix.txt
    • I will ask for this log below

    Note:

    Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

    4. Now reboot your machine and install the most current and up to date version of Java available here at the below link:

    Java Runtime 6


    5. Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this and also attach the log from Combofix.

    6. Let us know of any problems you may have encountered with the above instructions and also let me know how things are running now.
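    The CFScript in step 3 is plain text made of "Section::" headers followed by the items each section applies to. The following Python is an added example, not ComboFix's own code and not part of this thread: it reads a script in that layout and lists, without executing anything, what each line asks ComboFix to do, so a helper can review the file and registry targets before the script is dragged onto ComboFix.exe. The meaning of the KILLALL, File, Folder and Registry sections is assumed from common CFScript usage.

```python
import re
# Constructed copy of the CFScript posted in this thread, embedded so the example runs offline.
SAMPLE_CFSCRIPT = """KILLALL::

File::
c:\\windows\\is-10E4R.exe
c:\\windows\\is-10E4R.lst
c:\\windows\\is-10E4R.msg

Registry::
[-HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
"""
SECTION_RE = re.compile(r"^([A-Za-z]+)::$")                   # e.g. "File::"
REG_DELETE_KEY_RE = re.compile(r"^\[-(HKEY_[A-Z_]+\\.+)\]$")   # regedit-style "[-KEY]" = delete key

def parse_cfscript(text):
    """Return a mapping of section name -> non-blank lines under it (insertion order kept)."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
        elif line:
            if current is None:
                raise ValueError("content before the first section header: %r" % line)
            sections[current].append(line)
    return sections

def plan_actions(text):
    """Describe what each section asks ComboFix to do; nothing is executed here.
    Section meanings are assumed from common CFScript usage (KILLALL, File, Folder, Registry)."""
    actions = []
    for name, lines in parse_cfscript(text).items():
        if name == "KILLALL":
            actions.append("terminate all non-essential running processes")
        elif name in ("File", "Folder"):
            actions += ["delete %s %s" % (name.lower(), p) for p in lines]
        elif name == "Registry":
            for entry in lines:
                m = REG_DELETE_KEY_RE.match(entry)
                if m is None:
                    actions.append("apply registry entry %s" % entry)
                    continue
                key = m.group(1)
                note = " (Browser Helper Object registration)" if "Browser Helper Objects" in key else ""
                actions.append("delete registry key %s%s" % (key, note))
    return actions
```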
     
  4. greek123

    greek123 Private E-2

    Firstly thanks for the help I really appreciate it.
    I am rewriting this message as I am not sure if I sent it out right.

    I uninstalled Norton and ran the removal tool. Reinstalled the latest AVG. Then ran HijackThis as you instructed. Then ran ComboFix. I then installed the latest Java. I did not have my earlier SUPERAntiSpyware as I had uninstalled it. So I installed and ran it, creating a log, and lastly ran MGtools.

    Attached I have logs from ComboFix/SUPERAntiSpyware/MGtools and I also created a notepad file of the infections found by AVG on multiple scans, as dated.

    I did notice that it found trojan pax in a file called RECYCLER. This file still exists on all my drives, C (internal) and H/G (external), although on the G drive it is called recycled.

    When I try to remove it, it does not allow me to do so. If I rename it, it deletes it but forms a new file. If you open the folder it has a recycle bin with the number as below:

    :\RECYCLER\S-1-5-21-1645522239-492894223-839522115-500

    Need to get rid of the file, please help. The computer is a little better, still slow.
     

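    The folder name quoted in the post above is a Windows security identifier (SID); each account's recycle bin lives under RECYCLER in a subfolder named after that account's SID. The following Python is an added example, not from the thread: it splits such a SID into its machine/domain part and relative identifier (RID), labels the well-known RID 500 (the built-in Administrator account), and flags RECYCLER entries that are not SIDs at all, so a helper reading a log can tell whose recycle bin a subfolder belongs to and which entries deserve a closer look.

```python
import re

# Constructed from the RECYCLER subfolder name quoted in the post.
SAMPLE_SID = "S-1-5-21-1645522239-492894223-839522115-500"

# Well-known relative identifiers (RIDs) and whole SIDs, per Microsoft's published list.
WELL_KNOWN_RIDS = {500: "Administrator", 501: "Guest", 512: "Domain Admins", 513: "Domain Users"}
WELL_KNOWN_SIDS = {"S-1-5-18": "LocalSystem", "S-1-5-32-544": "BUILTIN\\Administrators"}

SID_RE = re.compile(r"^S-(\d+)-(\d+)((?:-\d+)+)$")

def parse_sid(sid):
    """Split a textual SID into revision, identifier authority, sub-authorities and RID,
    and name the account where the whole SID or its RID is well known."""
    m = SID_RE.match(sid)
    if m is None:
        raise ValueError("not a SID: %r" % sid)
    revision, authority = int(m.group(1)), int(m.group(2))
    subs = [int(x) for x in m.group(3).split("-") if x]
    info = {"revision": revision, "authority": authority, "subauthorities": subs,
            "rid": subs[-1], "domain": None, "account": WELL_KNOWN_SIDS.get(sid)}
    # S-1-5-21-<three machine/domain values>-<RID> identifies a machine or domain account
    if authority == 5 and len(subs) == 5 and subs[0] == 21:
        info["domain"] = "S-1-5-21-" + "-".join(str(s) for s in subs[1:4])
        info["account"] = WELL_KNOWN_RIDS.get(subs[-1], "non-well-known RID %d" % subs[-1])
    return info

def label_recycler_entries(names):
    """Map RECYCLER subfolder names to owner labels; names that are not SIDs are flagged."""
    labels = {}
    for name in names:
        try:
            labels[name] = parse_sid(name)["account"] or "unknown account"
        except ValueError:
            labels[name] = "not a SID (review)"
    return labels
```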

  5. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Recycler is the Windows Recycle Bin; however, recycled is not valid.

    I'm not seeing any more malware in your logs.

    Please explain what operations are slow! For example answer the below:

    • Is boot up slow?
    • Is shutdown slow?
    • Is browsing/surfing slow?
    • Is downloading slow?
    • Is running any application slow?
    • Is it also slow in safe boot mode?
    • Also, are any processes shown in Task Manager using a lot of CPU time?
    • Anything else slow?
     
  6. greek123

    greek123 Private E-2

    Sorry for the delay in response. My computer is better; it is a little slow on restarting, but it is a relatively old PC.

    Also my external H drive has a hidden recycle bin file called Recycled, whereas the other drives have it as Recycler. Is this something to worry about?
     
  7. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    This I would like to kill, but let's first check the properties of the file and see if it has a signature. Let me know.

    The combo of AVG and ZoneAlarm is probably what is causing the slow start up.
    But to investigate further I would suggest that when this thread is finished you visit the software.
     
