new hijack this log

Discussion in 'Malware Help (A Specialist Will Reply)' started by radstar, Jan 21, 2007.

  1. radstar

    radstar Private E-2

Hi. I've been malwared again and I have these damn programs that won't remove from Add/Remove Programs.
Two of them are some Java 2 programs, a ninemsn program and a Yahoo program.
I have run CCleaner and Spybot (with updates) and Ad-Aware but the programs are still there. Is there a program I can buy that will get it all off and keep it off?
Anyway here is a HijackThis file to look at if you can help. (Hope it loads.)
     

    Attached Files:

  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

  3. radstar

    radstar Private E-2

Ok, thanks for the link. I followed the procedure up to 6C, and BitDefender and Panda Active worked, so that was good :)
I am going to try and attach my results from the scans. If you would be able to advise me on my next step that would be great. I am going to purchase a whole new security package to better protect my PC.
     

    Attached Files:

  4. radstar

    radstar Private E-2

One more attachment, sorry.
     

    Attached Files:

  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

Why have you not done the CounterSpy scan? (Will it not load because you have downloaded it before?)

    You need to run the HJT after all the other scans.
     
  6. radstar

    radstar Private E-2

Yeah, for some reason CounterSpy didn't work. I will try and download it again, but it takes time to get a stable system running to be able to download anything. I will also run HJT again and post this log. It will have to wait until I get home from work though.
This is a strange problem though, because sometimes the PC doesn't boot up and just freezes in the middle of loading Windows with a blank screen. I boot up in safe mode and run CCleaner and Spybot and Ad-Aware but they don't seem to find anything. Then I boot in normal mode and CCleaner finds heaps of stuff and I delete all those and can run for a bit, but sooner or later I am back to square one again.

    regards

    Scott
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Old versions of GetRunKey and ShowNew are being used!!!!!! Use the proper versions!

    Also the READ ME clearly states the below:
• Thus if you could not run CounterSpy, you should have automatically run AVG Antispyware.
     
  8. radstar

    radstar Private E-2

I had to run the old versions because I couldn't even open up Windows without being in safe mode. Sorry, I will go through the whole process again. I just forgot to run the AVG instead. Once I can get onto the internet again I'll download it and start again. Thanks
     
  9. radstar

    radstar Private E-2

I had huge issues with the malware and only just managed to open up Windows etc. after a lot of mucking about. Anyway, here are the GetRunKey and ShowNew files of updated versions.
     

    Attached Files:

  10. radstar

    radstar Private E-2

Here is the HJT file. Do I need to add the AVG file?
     

    Attached Files:

  11. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Yes you do!

    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O23 - Service: Attack Shield WS (AttackShield) - Unknown owner - C:\Documents and Settings\Deepthaught\Desktop\AttackShieldAgent.exe (file missing)

    After clicking Fix, exit HJT.

    Do you still have this program installed (AttackShield)? You need to uninstall since you also have Norton.
     
  12. radstar

    radstar Private E-2

Ok, I will do that tonight when I get back from work. I'll need to figure out how to find the AVG results though. Does it save them in a particular file?
    Thanks again
     
  13. radstar

    radstar Private E-2

Ok, I have run AVG again and have the results as well as a new HJT log. So far the PC seems stable. But I have noticed 2 new networking symbols in the bottom right hand corner of the desktop, and I also have a suspicious icon that thinks it's IE but won't let me delete it. I saved a screen capture and tried to indicate the icons using text; I am not good with highlighting things on the PC, sorry. I will attach these and see if they tell you anything more. Oh, and I cannot find any AttackShield files on my PC but I did delete it from HJT.

    Thanks again.
     

    Attached Files:

  14. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    The networking symbols are for your ethernet card and your wireless card.


Right click Start / Explore... scroll down to C:\Docs and Settings\YourUserAccount\Cookies... and delete all that is there.

    Now let's fix the Service we have been trying to remove.
    • Now Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.
    • On the page that opens, scroll down to Attack Shield WS
    • then right click the entry, select Properties and press Stop Service.
    • When it shows that it is stopped, next please set the Start-up Type to 'Disabled'.
    • Click OK until you get back to Windows.
    • Next, run HJT, but instead of scanning, click on the None of the above, just start the program button at the bottom of the choices.
    • At the lower right, click on the Config button
    • Then click the Misc tools button
    • Select Delete an NT Service
• Copy/paste AttackShield into the box that opens, and press OK
    • If you receive any error messages just ignore them and continue.
    • Now exit HJT but do not reboot when it tells you it needs to. We will do that further down after running HJT again to fix some other items.
    Now re-Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe

    After clicking Fix, exit HJT.

    Now reboot in normal mode

    Delete the below file if found:
    C:\Documents and Settings\Deepthaught\Desktop\AttackShieldAgent.exe


    Now attach the below new logs and tell me how the above steps went.

    1. GetRunKey
    2. ShowNew
    3. HJT

    Make sure you tell me how things are working now!
     
    Last edited by a moderator: Jan 24, 2007
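The HijackThis lines quoted above (an O23 service entry flagged "(file missing)" and an O4 startup entry) follow a fixed text format. As an added example that is not part of the thread, here is a small Python parser that reads such lines and flags the O23 entries a helper would look at first: a missing binary, an unknown owner, or a service binary living somewhere unusual like a Desktop folder. The sample log is constructed from the two lines in this post plus one hypothetical benign service line.

```python
import re
from dataclasses import dataclass, field
from typing import List

# Constructed sample: the two HJT lines quoted in this thread plus one
# hypothetical benign O23 line so the parser has an unflagged case.
SAMPLE_LOG = (
    "O23 - Service: Attack Shield WS (AttackShield) - Unknown owner - "
    "C:\\Documents and Settings\\Deepthaught\\Desktop\\AttackShieldAgent.exe (file missing)\n"
    "O4 - Global Startup: Kodak software updater.lnk = "
    "C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe\n"
    "O23 - Service: Example Print Spooler (Spooler) - Microsoft Corporation - "
    "C:\\WINNT\\system32\\spoolsv.exe\n"
)

# O23 - Service: <display name> (<service name>) - <owner> - <path> [(file missing)]
O23_RE = re.compile(
    r"^O23 - Service: (?P<display>.+?) \((?P<name>[^)]+)\) - (?P<owner>.+?) - "
    r"(?P<path>.+?)(?P<missing> \(file missing\))?$"
)
# O4 - <where>: <label> = <path>
O4_RE = re.compile(r"^O4 - (?P<where>.+?): (?P<label>.+?) = (?P<path>.+)$")

@dataclass
class Entry:
    kind: str
    name: str
    path: str
    flags: List[str] = field(default_factory=list)

def parse_hjt(text: str) -> List[Entry]:
    """Parse O23 and O4 lines from an HJT log into Entry objects."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = O23_RE.match(line)
        if m:
            flags = []
            if m.group("missing"):
                flags.append("file-missing")        # service binary no longer on disk
            if m.group("owner") == "Unknown owner":
                flags.append("unknown-owner")       # no vendor recorded for the binary
            low = m.group("path").lower()
            if "\\desktop\\" in low or "\\temp\\" in low:
                flags.append("odd-location")        # services rarely run from user folders
            entries.append(Entry("O23", m.group("name"), m.group("path"), flags))
            continue
        m = O4_RE.match(line)
        if m:
            entries.append(Entry("O4", m.group("label"), m.group("path")))
    return entries

def suspicious(entries: List[Entry]) -> List[Entry]:
    """Return only the entries that raised at least one flag."""
    return [e for e in entries if e.flags]
```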
  15. radstar

    radstar Private E-2

Hi, I had issues with TCP/IP being deleted for some reason, and every time I tried to run AVG in normal mode it failed to run. All my quick launch tabs on the bottom toolbar are missing now, and HJT cannot delete Attack Shield or Kodak or iPod, plus there are a couple of other things I tried to delete that stayed on. Anyway, here are the last runs you asked for.
     

    Attached Files:

  16. radstar

    radstar Private E-2

And here is the HJT log.
     

    Attached Files:

  17. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    It appears as though you have not set MSConfig back to normal start-up. Please do so now.

    It appears as though you never ran Spybot as per the Read and Run Instructions. Please do so now.

    After doing both ...attach new logs:
    GetRun
    ShowNew
    HJT
     
  18. radstar

    radstar Private E-2

I thought I had done everything as per the instructions. I'll have to have another read, but I could not find the SDHelper function when I ran Spybot.
I'll have another go at a complete clean again.

    Thanks
     
  19. radstar

    radstar Private E-2

I had a look for msconfig but it won't come up when I type it in the command prompt or when I search for it in Explorer either.
     
  20. radstar

    radstar Private E-2

One more quick question. Should I uninstall Norton and install one of the free AVs and firewall you have listed in "Protecting yourself from malware"? And if I do, should I download it first, then cut off the internet connection, then remove Norton before installing the other programs?
     
  21. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You access msconfig by going to Start / run and typing "msconfig" without quotes.

    You do not need to disconnect from the internet to uninstall Norton.
    Norton uninstall tool

    I would recommend AVG Freeware and ZoneAlarm.

    Are you going to attach the logs as requested in my previous post?
     
  22. radstar

    radstar Private E-2

Hi. Thanks for the info about Norton etc. Yes, I was going to post you the new logs, but as I couldn't find msconfig and couldn't perform every step as you explained, I wanted to wait until I got a reply from you about the msconfig problem and the AV advice. I'll go ahead and see if I can find msconfig. I'll also install the AV and get rid of Norton, and by the time I have done all this it will be another day at the PC. But it's worth it to beat these damn programs.
In my exploration of my PC I found that there is a .dll cache in win32, and I also found several folders and folder extensions with nothing in them so I deleted them. I probably should have written them down. I think I'll have to start taking notes as I go around deleting stuff.
     
  23. radstar

    radstar Private E-2

I typed what you said and it came back with an error:
    "cannot find the file 'msconfig' (or one of its componants). Make sure the path and file name are correct and that all the required libraries are available"
My OS is Win2000 Pro, by the way.
     
  24. radstar

    radstar Private E-2

Ok, I removed Norton and tried to load AVG Free AV, but it came back with an error saying it was not a valid Win32 app. So I crapped my daks thinking I'd be all open to attack and downloaded Avast instead, so it's working and came back with this message after the first scan:
    c:/winnt/system32/pskavs.dll is infected with win32:ctx
Should I delete this, as it says it's in Windows files?
Also I have ZoneAlarm now too, thanks for that. Still can't find msconfig though.
     
  25. radstar

    radstar Private E-2

Hi. I ran all the stuff again except msconfig (I still can't find it). I also have 2 network connections in my Network and Dial-up Connections folder and they won't let me delete them.
Anyhow, here are the logs so far.

    Thanks again
     

    Attached Files:

  26. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You still have not downloaded the current version of ShowNew. You are using a version that is 8 revisions behind the current version. Please download the current version now and attach a new log from it.

    The error message you are complaining about with Avast finding the below:
    Is clearly explained in the READ & RUN ME in step 6 for the online scans. This is a false positive. Avast is just detecting the detections file for Panda Active scan. Ignore this.

    As far as MSconfig goes, you don't have msconfig since you are running Windows 2000.

    What malware problems are you currently having? Why are you trying to delete your network connections? Without them you cannot get internet access.
     
  27. radstar

    radstar Private E-2

Yeah, I know that deleting internet connections is a bad idea, but I have 2 new ones that I didn't install myself. Anyway, I disabled them since they won't let me delete them. Sorry, I didn't realise I was using an old version; I know that must be annoying. I will go ahead and fix that. I am not sure my PC is completely clean (nor will it ever be), but I have the 2 unknown internet network connections and various trojan spyware things that show up on each scan.
Once I have the newer version of ShowNew and have time to go through the steps again I'll post the required logs and see what you think of the state of the PC as is.

    Thanks again you guys are great!
     
  28. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Are you referring to the window titled Network Connections, which shows the hardware in your PC? Or are you referring to Internet Explorer --> Tools, Internet Options --> Connections?

    Do you Dial-Up to connect to the internet? Post a screen shot of what you are talking about.

    I informed you of this in message # 7 and you said you had to use the old ones at that time due to problems. The problem is you never updated afterwards.
     
  29. radstar

    radstar Private E-2

I thought I had updated the ShowNew program after I reconnected to the internet. Anyway, I have done it this time and will post another ShowNew. As for the network connections, they're in the Control Panel under Network and Dial-up Connections. I cannot delete them; I did rename them and disable them. Here is the screen capture. I also have seen changes to certain icons on my PC, things such as Kodak quick launch and Microsoft Word etc. I will try to show what I mean.
    Thanks for all the help
     

    Attached Files:

  30. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    It's too small to be legible. Put a larger one into a ZIP file and attach the ZIP file.
     
