Apparent Adware Trojan

It started with a pop-up saying I had a hard disk error, and needed to reboot. Then, my desktop icons started disappearing, and so I restarted and did not have any (I believe now the folders were just hidden), so I backed up to a checkpoint earlier in the day, and restarted and now I had my shortcuts but I checked the event log and there was a problem with the restore from checkpoint and all my checkpoints had been deleted.

Now, when I start my machine it seems to be normal but all of a sudden, before I ever bring up IExplore or anything, I start getting music or mainly adds coming through my speakers. Then, after a while, I get a pop-up saying Internet Explorer has had a problem with running a script. If I check Task Manager it does not show Internet Explorer running. Also, in watching Task Manager after bringing up my machine, the storage used by Explorer keeps getting bigger and bigger and then the ads start coming.

I downloaded and ran a number of malware programs and most of them found nothing but malwarebytes did find a couple of trojans which it removed. But, this did not stop the problem.

I've looked at and tried a few other things but feel I have come to the point where I need expert help and, that is where you guys come in (if you can).

hijackthis.log attached

Sincere thanks in advance!

Zaratoughda

 

I just noticed the intructions you gave Insane111 so if you want me to do the same just say so and I will refer to that thread and proceed as instructed there.

 

TimW... it looks like we got this one under control.

I am attaching the two logs from malwarebytes that I ran before I came here for reference as they indeed found some things. The second running was not long after the first but it was a full scan and found another trojan.

I have attached the SuperAntiSpyware log though it didn't find anything.

I ran malwarebytes again after this but it didn't find anything additional.

It was ComboFix that apparently fixed the problem. Looks like this one is the heavy hitter. The log is attached.

Need to post another reply with the other two logs.

Zaratoughda

 

The logs from the last two programs are attached.

In task manager I have not seen the memory usage for explorer go above 30M so far and have not had any ads come up so far so, so far so good though I will probably have to watch it for a day or two.

But.... you guys RULE! Would have been impossible for me to isolate something like this (hmmm... ABSOLUTELY impossible and I am a computer engineer).

Many thanks for the help. I will be sure to recommend this site to others that I know.

Zaratoughda

 

OK, went through the procedure and everything seemed to work fine. The REGEdit took and HJT removed the selected entries.

I had already created a folder in keeping SAS and MWB and also CCleaner which I might have occasion to use over time for browser redirection problems. I had also decided that ComboFix was too dangerous to be kept around and had just deleted it from my desktop (I have recycle bin auto delete) and, couldn't find any trace of it in registry or in add/remove programs. HJT and anything else other than the three programs I saved were not listed in add/remove programs.

So, seem to be all set here with a new (and clean hopefully) system restore point.

Thanks again for your expert help!

Zaratoughda