WinCodecPRO Multiplying Infection...

Experts: Please Help!!!

Now a second (backup) machine is infected! This time with Win32/FakeAlert.ADQ!

I had initially posted here explaining a multiple virus infection on my network (server) PC [http://forums.majorgeeks.com/showthread.php?t=188112] which prompted me to use an office laptop as my primary connection to the internet. It is the laptop I am trying to correct as it seems to be “less” (?) infected than the PC, if there is such a state…
So now, two machines are on the fritz and most of time I have to use my ppc to view email.

I have tried Smitfraud which claims to be able to fix desktop hijackers but it didn’t work and the infection remains. The WinCodecPro hijacker gives multiple pop-ups from their new tray icon, changes my background wallpaper to a huge warning to download their fake product, but most annoyingly changes the screen resolution to the minimum. I have performed the steps normally requested before posting in the forum and the logs are attached below.

Please Help – if I can get the laptop back to normal it should assist in fixing the first PC!

Thank You!!!!!

 

TimW --

Thank You for your response to my "other" computer problem.

There was no report of a "virus" by either McAfee or AVG. This was a desktop hijack where WinCodecPro changed the wallpaper on the desktop to their own, directing user to known bogus software site. I meerly Googled what was on the desktop to figure out what it was and immediately tried to clean up with what was suggested, Smitfraud. Media codec may have been effected in that no sound would play and desktop background and resolution would be reset every 5 minutes or so. I used Smitfraud in an attempt to fix the machine but the activity persisted for 2 days. It seems to have disappeared now though I fear it is still present, lurking, waiting to pop up again. Considering that the activity persisted after using Smitfraud I thought it still present. I did use the "Read and Run Me First" which may have done the trick - but then why would the activity continue for 2 days after performing the clean up?

What do you think I should do? (after removing the extra (AVG) antivirus)

Thank You!!!!

 

Tim --

I used all the materials in the "Read Me First" as the instructions described. There are no traces of the thing in my scans and all activity has stopped! I might keep my fingers crossed, but I think I got it with the tools recommended here. So I'm now concentrating on the infected PC which continues to multiply infections according to AVG, won't let combofix run and has begun talking to the user (advertisements of some sort) without
anyone logged on or any programs known to be running.

Thanks so much for coming to my assistance here!!!!!