trojan downloaders... Arghh

Discussion in 'Malware Help (A Specialist Will Reply)' started by BellaDiavola10@yahoo.com, Aug 5, 2006.

  1. Ok.. Let's start with the fact that I know enough about computers to do well turning the thing on! I did a free online scan that detected 9 Trojan downloaders on my computer. I suspected something was up because my Ad-Aware scans keep flagging a file in system32 (c:\windows\system32\tuwxvpfi.exe) but I couldn't get rid of it.

    I read and attempted to follow all the instructions on your "READ ME" page. This is what I got:
     

  2. I have been unable to attach the stuff from Bit Defender. The attachment manager gives me an error when I try. I know you need this to help me, so if you have any suggestions about how to fix this, I'm all ears.

    Thanks
     
  3. Shadow_Puter_Dude MG Authorized Malware Fighter

    What is the error message? We need that log.
     
  4. It says it is an invalid file. I can click on it and open it, but not attach it. I am sure I saved it incorrectly. It is saved as an html. Can I change it somehow?
     
  5. chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You need to follow the directions in step 6 of the READ ME. It told you to rename the file to have a .txt extension rather than .html. So just change the .html to .txt and upload the file. We want the html encoded file because it is easier to view but you cannot upload html files (too big a security risk) so we just rename it.
     
  6. OK.. It should be right now.
     

  7. Shadow_Puter_Dude MG Authorized Malware Fighter

    What happened when you tried to run Panda ActiveScan? There is no log.
     
  8. It told me there was nothing found. I ran it after bitdefender which said it deleted those files. When I rebooted and reran bitdefender, they were there again. But, when I rebooted after running bitdefender the second time, the scan said there were no infected files found.
     
  9. Shadow_Puter_Dude MG Authorized Malware Fighter

    Download
    - Pocket Killbox

    << The installed version of Java on this computer is out-dated. Install Java Runtime Environment (JRE) 5.0 Update 7 available from http://java.sun.com/javase/downloads/index.jsp. Uninstall all older versions of Java on your computer, before installing the latest version of Java. >>

    Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines:
    Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

    Now run Pocket Killbox:

    Choose Tools -> Delete Temp Files and click Delete Selected Temp Files

    Then after it deletes the files click the Exit (Save Settings) button.

    NOTE: Pocket Killbox will only list the added files it is able to find on the system. So when you do the below, if some files do not show in the list after pasting them in, just continue..

    Select:
    • Delete on Reboot
    • then Click on the All Files button.
    • Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):
    • Return to Killbox, go to the File menu, and choose Paste from Clipboard.
    • Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).
    If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

    Now boot into SAFE MODE

    Open Windows Explorer, navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)
    Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

    Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.

    REBOOT to Normal Mode.

    Post a fresh HijackThis log and a new log from ShowNew
     
  10. Ok... Sorry I took so long. I have been out of town.
     

  11. Shadow_Puter_Dude MG Authorized Malware Fighter

    Run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

    Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin

    And Click OK.

    Flush all your restore points and create a new clean one for your system.

    Disable And Enable System Restore
    How to Protect yourself from malware!

    Safe surfing.
     
