Tried to use instruction to remove malware

You are using an old version of combo. Please download a current version from the Read and Run First instructions. We also need these logs:
MBAM
RootRepeal --- if it runs
C:\MGLogs.zip --- from running the C:\MGTools.exe

Also attach the C:\Qoobox folder.

 

Your add/remove list is missing in the newfiles log. Did you once have AVG Anti-Spyware Clean Driver installed? If so, it is broken.

It looks like the scans took care of most of it. Let's just remove a few leftovers:

* Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
If it is not on your Desktop, the below will not work.
* Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
* If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
* Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):

Code:

KILLALL::

File::
C:\32788R22FWJFW.1.tmp
c:\documents and settings\Alexandra\Local Settings\Application Data\Xjowo.bin
c:\documents and settings\Samantha\Local Settings\Application Data\Xjowo.bin
C:\Program Files\Common Files\AntiVirus\SBAMSvc.exe
C:\WINDOWS\Uwohodo.dat
C:\WINDOWS\Xjowo.bin

* Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
* At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
* You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
If it asks you to overide the previous file with the same name, click YES.
* Now use your mouse to drag CFscript.txt on top of ComboFix.exe

* Follow the prompts.
* When it finishes, a log will be produced named c:\combofix.txt
* I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

* C:\ComboFix.txt
* C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!


Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.

• Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
  Vista/Windows 7 users right-click and select Run As Administrator.
• If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123tdk.com).
  
  • If you do not see the file extension, please refer to: How to view hidden, system files & folders!
• Click the Start Scan button.
• Do not use the computer during the scan
• If the scan completes with nothing found, click Close to exit.
• If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
• Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
• A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_14.17.05_log.txt) will be created and saved to the root directory ( usually Local Disk C ).
• Attach this log to your next message

 

I am not familiar with Avanquest System Suite 11 so I am not sure how to disable it. You might want to uninstall it until we are finished.

 

There is no evidence in your Qoobox log to show that Combo removed any programs. I am at a loss as to what may have happened to them. One suggestion would be to go back to a restore point before you started all this. You would have to download all the scanners again, but it may be easier to do that than to try to restore your programs. We could then remove the malware without running Combo.

 

That log also does not show any programs removed. Let me know if you can do a restore.

 

You need to post that question in the software forum. They can help you try to do a system restore. You may need to use the Recovery Console to do that. If you are successful, come back to this thread so we can check for any restored malware.