Cleaning Malware

[mikex]

He folks,

I have a machine I can not get completely clean. I run Adaware, Spybot, Prevx1, Free AVG, Trendmicro House call (online scanner), F-Secure online scanner, Smitfraudfix, Ccleaner, Cleanup, and JV16.

I can leave this machine on and I will get a new browser with spam type ads about one per hour. All the above scanners are up to date. I check for updates daily then scan. I have Sys restore off and set to 0%. I was getting hits in there even after I turned Sys restore off.

Looking for advise....

HJT and a copy of AVG virus vault log is posted here.

M

Also used Mutilate File Wiper (free trial) to wipe free space this past weekend.

M

Edited April 18, 2007 by mikex

[shanenin]

I have had good luck using panda active scan . It will not remove the spyware, but it will tell you what files are bad. I then use killbox or just delete them in safemode.

You could also try the free version of spyweeper.

[TheTerrorist_75]

Wait for someone to walk you through your log. You have a couple of unidentified files.

[shanenin]

I am no expert in this area and tend to "shoot from the hip". the following entry appears bad. Delete with caution :-)

O2 - BHO: VPNS System - {9FA1AA9E-7ECF-4f3b-AC23-7F09E01298E4} - C:\WINDOWS\dxdiag.dll

http://www.castlecops.com/tk32323-iesettin...dxdiag_dll.html

Edited April 18, 2007 by shanenin

[Matt]

Hi mikex, I just replied to your hjt log.

[Pete_C]

And once you get cleaned ; go back in your antivirus and look up what you have removed.

Check online to see if there are additional manual follow up steps to complete the fix. Often there are additional registry keys which may not be deleted by the standard AV scan and fix even though they should have been Either a specialized removal / repair tool is required or manual removal.