cleaning out my system..

Please be more specific!

• What trojan?
• When/how often is it found.
• What is finding it?
• Where is it being found (give file names and also the location of the file)? If you are going to tell me it is in C:\System Volume Information, then don't bother. You need to read your documentation for your antivirus program. Files in System Restore cannot be removed until System Restore is disabled.

 

But all of these items have already been removed according to your logs!

As far as reading your antivirus documentation is concerned, what I meant is that no antispyware, antivirus, .....etc program can remove things that are in System Restore (that's what the System Volume Information folder is). You must disable System Restore (see step 8 of the READ ME), reboot, run a new scan, and then enable System Restore again. Do this toggling of System Restore now before continuing.

Anytime you run a scan, be sure to either save a complete log or write down exactly what is found and where it is found. Without that information, we cannot always help you. Just telling us you have a trojan problem is not useful. Just telling us you have a Zlob problem is more helpful, but not as helpful as giving us a log by the program that is detecting it and showing us where it is. And when you say CounterSpy is finding Zlob and the log shows that it deleted it, all we can say is that your problem was fixed.

Let's fix a few issues!

Now uninstall the below software:
Internet Explorer Secure Plug-in
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 8
J2SE Runtime Environment 5.0 Update 9
Mozilla Firefox (1.5.0.11)
Security Messenger
Viewpoint Media Player

Make sure you reboot after uninstalling the above!

After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

Then install the current version of FireFox from: Mozilla Firefox



Attach a new log from CounterSpy now and show me that it is still finding the malware.

Now also attach a new log from ShowNew.

 

You're welcome.

You can uninstall CounterSpy now since we are finished with it.


Your log is clean. If you are not having any other malware problems, it is time to do our final steps:

1. If we used Pocket Killbox during your cleanup, do the below
   • Run Pocket Killbox and select File, Cleanup, Delete All Backups
2. If we used ComboFix you can delete the ComboFix.exe file and associated C:\combofix.txt log that was created.
3. If we user SDFix you can delete all the SDFix related files and folders from your Desktop or whereever you installed it.
4. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
5. If we had your run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
6. If we had you run Avenger, you can delete all files related to Avenger now.
7. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
8. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created
9. If you are running Windows XP or Windows ME, do the below:
   • go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!