Malware reports: Please help diagnose

Discussion in 'Malware Help (A Specialist Will Reply)' started by mattclayb, Oct 10, 2006.

  1. mattclayb

    mattclayb Private E-2

    Firstly, I would just like to say what a great website this is; it must have THE most comprehensive malware removal advice anywhere on the web.

    Secondly, I have followed through all of the steps on this thread -

    http://forums.majorgeeks.com/showthread.php?t=35407


    Some symptoms of my problem have been -

    AVG reporting the TrojanHorse Generic2.EOJ virus
    Spybot S&D finding multiple entries relating to Smitford

    Multiple pop-up notice dialogs when running IE notifying me to run a 'System Integrity Wizard' and that my computer is not protected and to install 'Drive Cleaner'

    Also my IE gets redirected and pop-ups appear for winantivirus


    Attached are all my scan files as directed in the aforementioned help (there are also files relating to this attached to the next post, as I can only attach 3 files to this post). I would greatly appreciate any help.

    Thanks.
     

    Attached Files:

    Last edited by a moderator: Oct 10, 2006
  2. mattclayb

    mattclayb Private E-2

    The rest of the files as I mentioned
     

    Attached Files:

  3. mattclayb

    mattclayb Private E-2

    Sorry, forgot these files.
     

    Attached Files:

  4. matt.chugg

    matt.chugg MajorGeek

    Please follow the steps here: Virtumonde aka Trojan Vundo Removal

    Once you have completed this post back here with a new HJT log, a new newfiles log and the vundofix log.
     
  5. mattclayb

    mattclayb Private E-2

    Thanks very much for your help, sorry about the multiple posts.

    I did what you said and my reports are attached; there is no Vundofix log though. Where would I find that?
     

    Attached Files:

  6. matt.chugg

    matt.chugg MajorGeek

    The vundofix log will be in the root of C:, i.e. c:\vundofix.txt
     
  7. mattclayb

    mattclayb Private E-2

    Thanks, got it - see attached.
     

    Attached Files:

  8. matt.chugg

    matt.chugg MajorGeek

    Using add/remove programs which can be accessed from the control panel, uninstall the following:



    Download and install Sun Java Runtime Environment 5.0 Update 9

    Download

    - Pocket KillBox

    Extract to its own folder somewhere that you will be able to locate later.

    IMPORTANT: You should print or save the below locally, so you can refer to them while offline. You must exit all browsers before running the below steps and it would be best if you actually physically unplug your cable to the internet, reboot, and do not run anything but what I give you to do. Also it would be good to exit all processes and items in your System tray.

    Do the above before continuing! Okay unplug your cable now.

    Make sure you have rebooted in Normal Mode (do not open any other processes)



    Run HijackThis. Click the 'Do a system scan only' button.

    Once the scan has completed click Config

    Click Misc Tools

    Click Open Process Manager

    Terminate the following processes by selecting them from the list and clicking Kill Process

    Click back to return to the scan results.

    Place a checkmark in the box next to the following lines:



    Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.


    Now run Pocket Killbox:

    Paste the below filenames into KILL BOX one at a time. Checkmark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (if available). Click the RED X and it will ask you to confirm the file for deletion; say YES, and when the next box opens prompting you to reboot now, click NO and proceed with the next file. Once you get to the last one, click YES and it will reboot.



    If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.


    Now boot into SAFE MODE

    Open Windows Explorer, navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)


    If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

    REBOOT to Normal Mode.

    Let me know how things are running now

    Post a fresh HijackThis log, a fresh newfiles log and a fresh activescan log.
     
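The "Delete on Reboot" option in Pocket Killbox that matt.chugg's procedure relies on works by queuing the file in the PendingFileRenameOperations value under HKLM\SYSTEM\CurrentControlSet\Control\Session Manager (the same mechanism MoveFileEx uses with MOVEFILE_DELAY_UNTIL_REBOOT). Session Manager processes that list early in the next boot, before the injected DLL can be loaded into every process again, which is why a file that cannot be deleted from a running system can still be removed this way. The Python below is an added example, not code from this thread, from Killbox or from HijackThis: it builds and decodes that REG_MULTI_SZ value so the mechanism can be inspected offline, for instance when reviewing an exported hive from a compromised machine to see what a cleanup tool (or the malware itself) has queued. The path C:\WINDOWS\system32\example.dll is a constructed placeholder, not one of the files listed in the post; the "!" prefix for replace-existing renames follows the behaviour of MoveFileEx as implemented in Windows and Wine.

```python
"""
Encode/decode the PendingFileRenameOperations REG_MULTI_SZ value.

Layout (as documented for MoveFileEx): a flat list of string PAIRS
(source, destination). Source is an NT path ("\\??\\C:\\..."). An empty
destination means "delete source at next boot"; a destination prefixed
with "!" means "rename and replace an existing target". On disk the
value is UTF-16LE, each string NUL-terminated, plus one extra NUL.

Added example; file names used below are constructed placeholders.
"""
from typing import Dict, Iterable, List, Optional, Tuple

NT_PREFIX = "\\??\\"


def to_nt_path(win_path: str) -> str:
    """C:\\dir\\file.dll -> \\??\\C:\\dir\\file.dll (idempotent)."""
    return win_path if win_path.startswith(NT_PREFIX) else NT_PREFIX + win_path


def from_nt_path(nt_path: str) -> str:
    """Reverse of to_nt_path, for reporting."""
    return nt_path[len(NT_PREFIX):] if nt_path.startswith(NT_PREFIX) else nt_path


def build_pending_ops(ops: Iterable[Tuple[str, Optional[str], bool]]) -> List[str]:
    """ops: (source, destination or None for delete, replace_existing).
    Returns the flat pair list. When writing to a live system this list
    must be APPENDED to the existing value (e.g. via winreg.QueryValueEx /
    SetValueEx with REG_MULTI_SZ), never used to overwrite it, or pending
    operations queued by Windows Update and installers are lost."""
    out: List[str] = []
    for src, dst, replace in ops:
        out.append(to_nt_path(src))
        if dst is None:
            out.append("")  # empty destination = delete at boot
        else:
            out.append(("!" if replace else "") + to_nt_path(dst))
    return out


def encode_multi_sz(strings: List[str]) -> bytes:
    """Serialize as REG_MULTI_SZ bytes (UTF-16LE, NUL after each, final NUL)."""
    body = "".join(s + "\x00" for s in strings) + "\x00"
    return body.encode("utf-16-le")


def decode_multi_sz(data: bytes) -> List[str]:
    """Inverse of encode_multi_sz. Empty strings in the middle are meaningful
    (they are delete markers), so only the final terminator is stripped."""
    text = data.decode("utf-16-le")
    if text.endswith("\x00"):
        text = text[:-1]  # drop the list terminator
    if not text:
        return []
    parts = text.split("\x00")
    return parts[:-1]  # last element is the empty tail after the final string's NUL


def parse_pending_ops(strings: List[str]) -> List[Dict[str, Optional[str]]]:
    """Turn the flat pair list into records with an explicit action."""
    if len(strings) % 2:
        raise ValueError("PendingFileRenameOperations must contain string pairs")
    records: List[Dict[str, Optional[str]]] = []
    for src, dst in zip(strings[0::2], strings[1::2]):
        if dst == "":
            records.append({"action": "delete", "source": src, "destination": None})
        elif dst.startswith("!"):
            records.append({"action": "rename_replace", "source": src, "destination": dst[1:]})
        else:
            records.append({"action": "rename", "source": src, "destination": dst})
    return records


def scheduled_deletions(data: bytes) -> List[str]:
    """IR helper: given the raw value bytes (e.g. from an exported hive),
    list the Win32 paths that will be deleted at the next boot."""
    return [from_nt_path(r["source"]) for r in parse_pending_ops(decode_multi_sz(data))
            if r["action"] == "delete"]


if __name__ == "__main__":
    # Constructed placeholder, not a file from the thread.
    queued = build_pending_ops([("C:\\WINDOWS\\system32\\example.dll", None, False)])
    blob = encode_multi_sz(queued)
    print(queued)
    print(scheduled_deletions(blob))
```

A check worth doing after such a cleanup: if the file is still present after the reboot, read the value back; if the pair is gone, Session Manager processed it but something (a loaded driver, a restore point or a companion component) put the file back, which points to another persistence mechanism rather than a failed delete.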
