Malware Intercepted but now theres RunDLL errors

First off I'd just like to say Hi and thanks for such a useful forum , Second I need a little help .

Well it started off when I woke up and 'woke up' my computer. I saw on the bottom right of my screen that some malware has been intercepted by my iolo scanner and I had three RunDLL errors on my desktop (1st pic) with my taskbar missing. So I thought it was nothing an acknowledged the warning and continued with a rest to get my task bar back. But after the restart the RunDLL errors where back and I can't seem to get rid of them. Theres also times when I go to use a program and it causes my taskbar to disappear leaving me with a black bar at the bottom (2nd pic). I had previously done something stupid and downloaded a bunch of stuff while I was trying to stay awake and I must not of noticed what exactly I was doing. Now before I do something like a system restore and reinfect myself :/, can anyone help me with a more reasonable solution :confused

1st pic:
http://i110.photobucket.com/albums/n82/xMUSICxMANx/RunDLLerrors1.png
2nd Pic:
http://i110.photobucket.com/albums/n82/xMUSICxMANx/crap.png

 

Hi xMUSICxMANx
Welcome to Major Geeks!

Please follow the instructions in the READ & RUN ME FIRST and attach the requested logs with your next post.
Thanks.
abri

 

Well, when I posted this I still had RunDLL problems but my taskbar was staying put. After doing what was requested the RunDLL files disappeared . Could you please take a loot and see if I'm all set. Thanks again for your time .


Also can I erase the .db, .ini, .jpeg files and ComboFix? Or should I save them?

 

Hi xMUSICxMANx,

I'm glad things are better. I would like for you to do the following:

1) Go to add/remove programs and uninstall the below:

Viewpoint Media Player
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) SE Runtime Environment 6 Update 1

2) Reboot after uninstalling the above.

3) Install the current version of Sun Java from: Sun Java Runtime Environment



4) Do you know what this is?


O4 - HKCU\..\Run: [ThePrivacyGuard] "C:\PROGRA~1\THEPRI~1\THEPRI~1.EXE" /startup


If the above entry is not one you want, please run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the above line but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now. (If you run analyse.exe/HighjackThis, just close it when you're finished)

Other than the above, I don't see further malware. Please run the final cleanup instructions:

abri

 

Well the Privacy guard was from an old Ip changer/ hider I once used but don't need anymore so thanks for letting me know how to get rid of it. I did everything stated in the above but Run CCleaner since I don't have it, but I do have Iolo's System mechanic (I'll goahead and run it after I type this) and I couldn't uninstall Hijak This because it said the following:

I haven't touched any thing to do with uninstalling it until now, its that ok that is says that, if so should I just remove it? Also thanks for the guide, I know the exact reason why I got the malware and its not happening again. I use firefox with script/ flash/ and java blockers and I got it by downloading things while I was up for 28 hours. Thanks again for all your time and this forum is great .

 

Hi xMUSICxMANx,

You can delete HijackThis by running it (oddly enough). Here are the instructions:

As for CCleaner, it is an incredibly valuable tool for keeping your computer cleaned of the kinds of files websites like to put on your computer. If you can, I recommend downloading it and running it everytime you leave the internet for the day. It's important to make sure that you don't download things to a temporary location as those are the files CCleaner gets rid of. Also, if you are used to using the History in your browsers, CCleaner will get rid of that as well, so you either have to uncheck this option or you have to change over to using bookmarks.

I'm glad things are working well now and wish you safe surfing.
abri

 

Alright thanks ... Just one question, I actually just skipped uninstalling after the error and went ahead and deleted it , should I re download it and uninstall it?

 

No, it's fine.