DesktopTrojan.Win32.BlackBird.exe

Started the computer today and found I have a Trojan. It changed the wallpaper - or at least I think it was the Trojan - to indicate that I should click the text to perform a scan. I was suspicious so didn't and ran AVG Antispyware, AVG Virus scanner, Spybot, Spyware blaster but no results

Searched my C drive and found the BlackBird.exe above. Searched the internet with little success but found a post here showing many of the same files. I manually placed:

C:\Documents and Settings\Owner\DesktopTrojan.Win32.BlackBird.exe
C:\Documents and Settings\Owner\DesktopFWebdEditor.exe
C:\Documents and Settings\Owner\Desktopfwebd.exe
C:\Documents and Settings\Owner\Desktopfkwp2.0.exe
C:\Documents and Settings\Owner\Desktopfkwp1.5.exe
C:\Documents and Settings\Owner\Desktopfilemanagerclient.exe
C:\Documents and Settings\Owner\DesktopEditorFKWP2.0.exe
C:\Documents and Settings\Owner\DesktopEditorFKWP1.5.exe
C:\Documents and Settings\Owner\Desktopblackbird.jpg

into the AVG virus vault.

Everything seems back to normal and I haven't had any negative results from
any of the software I have scanned with. However, I am getting "avwjslqb.exe" trying to get by my firewall.

It shows up in the HijackThis log:

O4 - HKLM\..\Policies\Explorer\Run: [FJ6JEv5lHo] C:\Documents and Settings\All Users\Application Data\gtkxmtif\avwjslqb.exe

And it shows up in the Windows prefetch files: "AVWJSLQB.EXE-03465567.pf"

I haven't been able to find any info on this file. Any ideas or advice?

System is Windows XP. This is a little beyond my skill level.

Thanks.

 

Welcome to MajorGeeks.com!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

Read & RUN ME FIRST Before Asking for Support