can't get rid of malware please help :(

Discussion in 'Malware Help (A Specialist Will Reply)' started by Drunkenbear, Feb 25, 2006.

  1. Drunkenbear

    Drunkenbear Private E-2

    ok i have run through this SpywareStrike, Smitfraud, SpySheriff, SpyAxe & PSGuard Removal and the reports are attached.

    still getting spyware infection report from windows, run ad aware, spybot, spy blaster and the bits from the link above.

    any help would really be appreciated

    cheers
     


  2. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    A BitDefender and HijackThis log are also needed. Please post both.
     
  3. Drunkenbear

    Drunkenbear Private E-2

    oh sorry about that, i also seem to have something that stops my windows security virus detection too.

    and now if that wasn't enough nortons has picked up w32.alcra.b virus and can't get rid of it :(

    thanks for your help though :)
     


  4. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    You are strongly advised to do the following immediately:

    1. Disconnect infected computer from the internet and from any networked computers until the computer can be cleaned.

    2. Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.

    3. From a clean computer, change *all* your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups you belong to.

    Do NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.

    You are running HijackThis directly from the ZIP file. Unzip HijackThis to C:\Program Files\HJT.

    Empty the Norton Quarantine Folder.
    Empty the Recycle Bin.
    Empty the Norton Protected Recycle Bin.

    Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

    Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin

    And Click OK.

    Scan and have HJT Fix the following:
    Download
    - Pocket Killbox
    - ExplorerXP

    Now run Pocket Killbox:

    Choose Tools -> Delete Temp Files and click the RED X.

    Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Checkmark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (if available). Click the RED X and it will ask you to confirm the file for deletion. Say YES, and when the next box opens prompting you to reboot now, click NO and proceed with the next file. Once you get to the last one click YES and it will reboot. Note: many of the files listed below may not exist but we need to check for them anyway.
    If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

    Now boot into SAFE MODE

    Open ExplorerXP navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)
    Using Search in the Start Menu search for the following:
    Delete every instance found.

    Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

    Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.

    REBOOT to Normal Mode.

    Follow the directions for Running WinPfind by OldTimer.

    Post WinPFind.txt and a fresh HijackThis log.
     
  5. Drunkenbear

    Drunkenbear Private E-2

    eeeek!!!

    well I've done all the things you said to do and here are the logs you wanted
     


  6. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    Scan with HijackThis and Fix the following:
    Are you connected through a router?

    Post a fresh HijackThis log.
     
  7. Drunkenbear

    Drunkenbear Private E-2

    ok done that and here's the new log file

    and no I'm connected through an adsl modem via usb connection
    using nortons antivirus, nortons internet security professional and all the spybots, spyblaster, adaware, ccleaner and all the other stuff you recommended
    so not even sure how it got on here

    cheers again :cool:
     


  8. Shadow_Puter_Dude

    Shadow_Puter_Dude MG Authorized Malware Fighter

    OK, that would mean that the 017 line entry is related to your ADSL connection.

    Your log is clean.

    Disable system restore, then enable system restore. This will flush all your restore points and create a fresh clean restore point.

    Safe Surfing.
     
  9. Drunkenbear

    Drunkenbear Private E-2

    thanks for that, i actually formatted in the end as i needed to get on with work lol

    but thanks anyways
     
