please help - internet virus/malware

Discussion in 'Malware Help (A Specialist Will Reply)' started by kianhazer, Jul 19, 2008.

  1. kianhazer

    kianhazer Private E-2

My basic problem was some virus/trojan downloader and ads.js which appeared as soon as I got connected to the internet on opening either IE or Opera. It was detected by Kaspersky and AVG 8 (I tried both separately) but could not be deleted, and it appeared on opening each internet page.

I followed your advice for malware removal.
Great work, folks.
Your advice was followed diligently by me.

There were 2 problems though.
SUPERAntiSpyware, Spybot and Malwarebytes were installed properly as advised.

There was some problem with ComboFix.
As soon as I typed it in RUN and clicked OK, it showed that it's an old version and that I had to update to a newer version.

Since I had switched off all antivirus and antispyware, I just connected to the internet and downloaded it, without any protection at that time.
Hope that has not damaged the good work done by the other 3 wonderful programmes.

The second problem with ComboFix was that as soon as I started the newer version that I downloaded and changed its name to combo-fix, it would not accept the change in name when I typed OK, and the programme was not running.

I then changed the name back to combofix without the "-", and in the RUN as well, and then ComboFix worked and created a log.

Then ran MGtools too.

I am attaching all the logs.
If you can, please go through the logs and let me know if there is a mistake or if some malware is still there.

Also, what further do I need to do: whether to uninstall any of these programmes now from my laptop, and which of these to keep.

Please help me out.
Thanks

How do I attach the MGtools logs file? I have attached the maximum 3.
     

    Attached Files:

  2. kianhazer

    kianhazer Private E-2

My logs for scan / please help

Adding the MGtools logs.
I think there was some problem with ComboFix, please help me with that.
     

    Attached Files:

  3. kianhazer

    kianhazer Private E-2

Again the same problem, in spite of following the malware removal guide.
As soon as I opened the internet, AVG 8 showed
    "Threat detected
    free.idcards.info/day.js
    Exploit MDAC Active X code execution (type 268)"

This keeps on appearing on each and every internet page that I connect to.
I'm tired of it, sir.
Please help me out of this virus, which seems to have no end.

Do I need to get a system format done?
I'm a doctor and have a lot of books and patient info on the laptop which I might lose.
Please help me.
     
  4. kianhazer

    kianhazer Private E-2

Please help me.
My internet connection is again showing the threat as soon as I open any internet page.

AVG 8 shows "Threat - free.idcards.info/day.js
Exploit MDAC Active X code execution (type 268)"

I'm a doctor and have lots of books and patient information on my system.
Do I need to format????

Please help me fast.
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    I'm not seeing any real problems in your logs other than the fact that this PC is being used to download torrents and similar for possible illegal software installations. This is a bad practice for anyone, but for a work PC, especially if you are really a doctor and have patient records, well you are asking for big trouble and potential lawsuits when and if your patient records and personal information get stolen.

    However I have a few things for you to do. Let's see what happens afterwards.

You have some leftovers from Symantec that need to be cleaned up. Run the below, reboot (don't skip), then run it a second time.

    Norton Removal Tool (SymNRT)


    Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

    Uninstall Viewpoint Media Player as requested in step 1 of the READ & RUN ME.

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

    After clicking Fix, exit HJT.

Copy the bold text below to Notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above
    to the registry. If you do not get a success message, it definitely did not work.



    Now let's flush the Java Cache
    • Click Start > Settings > Control Panel
    • Double click the Java icon (be patient, it may take a while to open)
    • Now click the General tab and under the Temporary Internet File area
    • Click the Settings button and then click the Delete Files... button.
    • In the next popup click OK.
    If you have multiple Java plugin icons in Control Panel follow the above to clear all their caches.


    Now let's flush the FireFox Cache


    To flush your FireFox Cache:
    • click Tools
    • select Options
    • select Privacy
    • in the section labeled Private Data click Clear Now
    Now let's flush the Internet Explorer Cache


    To flush your Internet Explorer Cache:
    • click Tools
    • Internet Options
• Now on the General tab, click Delete Files and select Delete all offline content too
    • Click OK.
    • When it finishes Click OK.
    Now run Ccleaner!

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).



    Then attach the below logs:
    • C:\ComboFix.txt
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
    Last edited: Jul 20, 2008
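The reply above picks three HijackThis lines to fix: two entries whose backing file no longer exists ("(no file)") and one Run-key autostart. The script below is an added example, not a tool from the thread or from MajorGeeks; it parses HijackThis-style lines and flags orphaned entries and O4 autostarts whose target path cannot be found. The sample lines are the ones quoted above (plus one constructed ctfmon.exe line), and the triage rules, the regular expressions and the `path_exists` hook are assumptions of this example. Note that the reply removed the QuickTime entry as an unneeded startup item, not because its file was missing; that judgement is outside what this script automates.

```python
"""Triage HijackThis-style log lines (added example, not the forum's tool).

Flags: entries marked "(no file)" (orphaned registry references) and O4
autostart entries whose target executable does not exist on disk.
"""
import os
import re

# Sample lines: the first three are quoted in the reply above; the fourth
# is constructed so that the "target exists" path is exercised too.
SAMPLE_LOG = [
    r"R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)",
    r"O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)",
    r'O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime',
    r"O4 - HKLM\..\Run: [ctfmon] C:\WINDOWS\system32\ctfmon.exe",
]

# "<section> - <body>", e.g. "O4 - HKLM\..\Run: [Name] command line"
LINE_RE = re.compile(r"^(?P<section>[RO]\d+) - (?P<body>.*)$")
# Either a quoted path or the first unquoted token ending in an executable suffix.
PATH_RE = re.compile(r'"([^"]+)"|(\S+\.(?:exe|dll|scr|bat|cmd))', re.IGNORECASE)


def parse_line(line):
    """Split one HijackThis line into its section code and body, or None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {"section": m.group("section"), "body": m.group("body"), "raw": line.strip()}


def autostart_target(body):
    """Extract the executable path from an O4 body ('HKLM\\..\\Run: [Name] <cmd>')."""
    cmd = body.split("]", 1)[1].strip() if "]" in body else body
    m = PATH_RE.search(cmd)
    if not m:
        return None
    return m.group(1) or m.group(2)


def triage(lines, path_exists=os.path.exists):
    """Return a list of {line, reason} findings for lines that deserve review.

    path_exists is injectable so the logic can be checked on a non-Windows host.
    """
    findings = []
    for line in lines:
        entry = parse_line(line)
        if not entry:
            continue
        if "(no file)" in entry["body"]:
            findings.append({"line": entry["raw"], "reason": "orphaned entry (no backing file)"})
        elif entry["section"] == "O4":
            target = autostart_target(entry["body"])
            if target is None:
                findings.append({"line": entry["raw"], "reason": "could not determine autostart target"})
            elif not path_exists(target):
                findings.append({"line": entry["raw"], "reason": f"autostart target missing: {target}"})
    return findings


if __name__ == "__main__":
    # On a real Windows host the default os.path.exists is used; here a fake
    # filesystem that only "has" ctfmon.exe keeps the demo self-contained.
    fake_fs = lambda p: p.lower().endswith("ctfmon.exe")
    for f in triage(SAMPLE_LOG, path_exists=fake_fs):
        print(f"{f['reason']:45s} <- {f['line']}")
```

Lines the script does not flag still deserve a look (the Yahoo! Toolbar and the empty O3 toolbar would be flagged here, but an unwanted startup item with a valid path would not), so treat the output as a first pass rather than a verdict.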
  6. kianhazer

    kianhazer Private E-2

Thank you, sir, for replying fast.
I am actually a doctor; I am an anaesthetist and into critical care.
Yes, I had actually downloaded lots of stuff from torrent sites, including medical books and loads of music.

OK sir, I will follow the advice given by you and attach the logs later on.
But presently I want to thank you for the fast reply and the good work you guys are doing.

I think I would rather add another title to your site - computer doctors?????

Well, that message that I get right now on opening the IE browser, the threat still persists with each and every internet page.
I will follow your advice and attach logs for reviewing.

Thanks guys, good job, keep it up.
     
  7. kianhazer

    kianhazer Private E-2

    sir,

The regedit changes were a success and I followed all the instructions as you advised.

I'm attaching the ComboFix and MGlogs for your perusal.

Sir, still on opening each IE page or Opera page I keep on getting this same popup which shows that a threat is detected, and this is how it shows:

    Web shield Alert
    accessed file is infected
    Threat detected

    Threat:v.freefl.info/day.js
    Threat name: Exploit MDAC Active X code execution (type 268)



This keeps on appearing at each and every page, and at times while the page is being opened the threat is detected 4-5 times, for which I have to click OK.

Also no antivirus, including Kaspersky or AVG, gives an option to delete it.

This opens only on connecting to the net and not on offline web pages.

Sir, I'm unable to understand the problem; please help me with that.
Looking forward to your instructions.

The ComboFix file is not getting attached, sir.
     

    Attached Files:

  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

Since this is being reported as an exploit, the first thing you should do is get all of your Microsoft Updates installed. Go to the below link and get all security patches installed:

    Windows Update

    It's up to you whether you want to upgrade to Win XP SP3 or not. But if you don't want to put in the SP3 update, you still need to get all of the other updates.

    The exploit being mentioned is most likely related to this: http://support.microsoft.com/kb/329414
     
  9. kianhazer

    kianhazer Private E-2

Sir, this previous message was detected on opening each and every IE/Opera page by AVG 8:

    Web shield Alert
    accessed file is infected
    Threat detected

    Threat:v.freefl.info/day.js
    Threat name: Exploit MDAC Active X code execution (type 268)


I then uninstalled AVG and am using Kaspersky 2009 now.
Also started using Mozilla Firefox.

Now Kaspersky 2009 still detects something like this, as a pop up on each and every IE/Mozilla Firefox page, and it shows as:

Application firefox(or IE/opera): contains links to web page http://v.freefl.info/day.js, used to steal passwords, credit card numbers or other confidential data. Denied.

view report

The report of Kaspersky 2009 shows it as an anti-phishing event and access denied.

In the explorer bar of Firefox, the site name appears for a flash of a second and then disappears or is blocked, and the site or webpage that I want to connect to opens up with the above mentioned pop up.



Sir, the Kaspersky antivirus, SUPERAntiSpyware, Spybot & Malwarebytes Anti-Malware fail to detect any virus, trojan, spyware or malware on the comp.

What do I do next, sir? Is my computer hacked, is the only option left formatting, and will that too help me get rid of my problems?

Please help me, sir; seems like no end to this problem.
     
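The Kaspersky message quoted above says the browser page "contains links to" a script on another host. One way a defender separates "the page really references it" from "something on my machine adds it" is to fetch the raw HTML and list every script or frame reference whose host is neither the site's own nor on a known allowlist. The code below is an added example, not a tool from the thread or from Kaspersky; the HTML is constructed, the `.example` hosts and the allowlist are assumptions, and the flagged URL in the thread (http://v.freefl.info/day.js) is only mentioned in a comment.

```python
"""List script/iframe/object/embed references on a page that point at hosts
outside the page's own origin and an allowlist (added example, constructed HTML).
"""
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: a page on clinic.example that legitimately loads a
# CDN library and, as the suspicious case, a script on a third host. In the
# thread the flagged reference was http://v.freefl.info/day.js; the host used
# here is a placeholder.
SAMPLE_HTML = """<html><head>
<script src="/js/site.js"></script>
<script src="https://cdn.example/lib.js"></script>
<script type="text/javascript" src="http://suspicious.example/day.js"></script>
</head><body>
<iframe src="//tracker.example/frame.html" width="1" height="1"></iframe>
<img src="http://images.example/logo.png">
</body></html>"""


class _RefCollector(HTMLParser):
    """Collect (tag, url) for tags that load executable or framed content."""
    TAGS = {"script": "src", "iframe": "src", "object": "data", "embed": "src"}

    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        attr = self.TAGS.get(tag.lower())
        if attr is None:
            return
        for name, value in attrs:
            if name.lower() == attr and value:
                self.refs.append((tag.lower(), value.strip()))


def host_of(url):
    """Hostname of an absolute or protocol-relative URL; '' for relative URLs."""
    netloc = urlparse(url).netloc
    return netloc.rsplit("@", 1)[-1].split(":")[0].lower()


def external_refs(html, page_host, allowlist=()):
    """Return [{tag, url, host}] for references to hosts not in {page_host} | allowlist."""
    parser = _RefCollector()
    parser.feed(html)
    allowed = {page_host.lower(), *(h.lower() for h in allowlist)}
    findings = []
    for tag, url in parser.refs:
        host = host_of(url)
        if host == "":
            continue  # relative URL: same origin as the page
        if host not in allowed:
            findings.append({"tag": tag, "url": url, "host": host})
    return findings


if __name__ == "__main__":
    for f in external_refs(SAMPLE_HTML, "clinic.example", allowlist=["cdn.example"]):
        print(f"{f['tag']:7s} -> {f['host']:20s} {f['url']}")
```

If the same reference shows up when the page is fetched outside the browser (for example from a second, clean machine on a different network), the injection is happening on the server or on the path to it; if it only shows up in the browser on the affected machine, look at the machine itself (add-ons, proxy settings, hosts file), which is the direction the later replies in this thread take.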
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    First I need to know if you did what I requested in my previous message.

    Now show me a real log from Kaspersky.

Are you using a router? If so, as a temporary test please bypass your router and directly connect your PC to the internet through your cable or DSL modem, etc., and tell me if you still have any issues opening browser pages.
     
  11. kianhazer

    kianhazer Private E-2

    sir,

I'm attaching the logs of Kaspersky 2009, the system security and the online security.

I tried to get the patch "MS02-065: Buffer overrun in Microsoft Data Access Components can lead to code execution" as advised by you, but the page requested for download could not be found.

Also for the SP3 update they have advised activating automatic updates, but sir, that is already activated and all the automatic updates have been installed by me.

Do I still need to get SP3 or SP4 and the others like the SP4 hotfixes download?

Are these downloads about 365MB?
Is it the right file to download?

Also, I'm not using any router.
It is a direct broadband cable connection that I use.

Thanks for all the previous advice.
Kindly let me know what to do next, and what about the reports of Kaspersky scans - they still show these pop ups on each and every Mozilla/IE page - Application firefox - contains links to web page http://v.freefl.info/day.js, used to steal passwords, credit card numbers or other confidential data. Denied.


Thanks for all the help
     

    Attached Files:

  12. kianhazer

    kianhazer Private E-2

1 remaining attachment, sir
     

    Attached Files:

  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The last service pack for Windows XP is SP3. If you are having problems with getting Windows updates or this service pack, you should post in the Software Forum.

Your logs do not show any cases of this after 8/2/2008. Are you still getting them?
     
  14. kianhazer

    kianhazer Private E-2

Thanks a lot for such an early response.

I will download the SP3 pack and install that.

About these pop ups, yes sir, they are still there; Kaspersky is detecting them and shows it has denied the access.

I'm attaching the logs of yesterday and today, sir, and this event is still happening.

Is there something else that I need to do???

Sir, even as I opened the new page to attach the following log, this anti-phishing event according to Kaspersky was again detected and showed on my screen as a pop up.
     

    Attached Files:

  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Go to Start > Run and type in cmd
    • Click OK.
    • This will open a command prompt.
    • Type or copy and paste the following line in the command window:
      ipconfig /flushdns
    • Hit Enter
    • Exit the command window

    Now please disable all addons for FireFox and see if you have the problem.

    Also please try using Internet Explorer and tell me if you have the problem. (make sure no other browsers are open when you use IE).
     
  16. kianhazer

    kianhazer Private E-2

Thanks for all the help.
You guys are doing a great job.
     
  17. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Does this mean you have no more problems?
     