Help!! How to stop all the Popups, Adwares and Trojans??!!!

Forget those.
Let's see, if we can get rid of bad guys through HJT.

Go Start>Run, type in:
services.msc
Click OK.
Services window will open.
Look for Viewpoint Manager Service
Right click on it, click Stop
Right click again, click Properties, and under Startup type set it to Disable from drop-down menu

Go Start>Control Panel>Add\Remove, and:
Uninstall any of the following programs associated with Viewpoint:
    * Viewpoint Manager
    * Viewpoint Media Player
    * Viewpoint Toolbar

Restart computer. Post new HJT log.

I'll be back in 10-15 minutes.

[Malware Removal Specialist]

Go to C\:Combofix and look for the log in there.

If it isn't there then run it again with Norton turned off.

Taken From BleepingComputer

NORTON ANTIVIRUS
Please navigate to the system tray on the bottom right hand corner and look for a sign.

• right-click it -> chose "Disable Auto-Protect."
  
• select a duration of 5 hours (this assures no interference with the cleanup of your pc)
  
• click "Ok."
  
• a popup will warn that protection will now be disabled and the sign will now look like this:

You succesfully disabled the Norton Antivirus Guard.

Go to C\:Combofix and look for the log in there.

If it isn't there then run it again with Norton turned off.

Taken From BleepingComputer

NORTON ANTIVIRUS
Please navigate to the system tray on the bottom right hand corner and look for a sign.

• right-click it -> chose "Disable Auto-Protect."
  
• select a duration of 5 hours (this assures no interference with the cleanup of your pc)
  
• click "Ok."
  
• a popup will warn that protection will now be disabled and the sign will now look like this:

You succesfully disabled the Norton Antivirus Guard.

Found the log for ComboFix. There was also another txt file called "pend" where I found the ComboFix txt file, so I included it.

I looked on my taskbar/system tray and all I see is the time (currently 22:20), the SuperAntispyware icon, Intervideo WinCinema Manager (which I never use), Safely Remove Hardware icon, and the Volume icon.

Also, when I disabled SAS before running Combofix, the Norton Antivirus icon was not on the taskbar either, which is why I was surprised to see the Norton Alert pop up after the reboot.

So is there any other way to disable Norton?? Should I uninstall SAS just in case?
........

Again, I apologize for all these questions, but should I be following both your and Broni's instructions. Are they going to complement each other??

[file cleanup - saving space - attachment deleted by admin]

[Malware Removal Specialist]

Is that the whole combofix log?

It is cut off at the bottom. (the first one)

Yeah that's it... I think it was cut off since ComboFix was preparing the log, and Norton Alert popped up and SAS started up by itself.

.........

I just uninstalled Viewpoint Manager and Viewpoint Media Player. Right now, I'm waiting to find a way to disable Norton and SAS so they won't interfere if I need to Combofix again.

[Malware Removal Specialist]

When you get Norton disabled, run combofix again and post the whole log it gives you.

You can stop Norton in the services if the tray icon has disappeared. Just remember to turn it back on after we are done.

See but that's the thing. I didn't see the Norton icon so I assumed it was off. But when I ran ComboFix and rebooted, Norton just detected ComboFix and said it was a bad script.

So I'm sure I can't use ComboFix again unless Norton and SAS are really disabled until I enable them again.

........

Also, when I rebooted to Normal mode today, this thing popped up each time after I login.

RUNDLL with the message "Error loading C:\WINDOWS\system32\tpueedfx.dll

The specified module could not be found"

What the heck is this??

Update: I went into SAS and change my preferences so that it doesn't automatically start when Windows start.

And then I went to Start>Run, and used "services.msc". I looked for Norton, and click "stop", and "disabled" it's automatic startup.

I'm going to run ComboFix again, hopefully reboot with a new log, and then do another Hijackthis log.

[Malware Removal Specialist]

C:\WINDOWS\system32\tpueedfx.dll is a left from the vundo, which is why I need the whole combofix log.

I try Combofix again and the Norton alert came up again. So I rebooted again, just to make sure all the changes are in place.

Here is another Hijackthis log

And I will try the Combofix again.

....

Also, don't know if this is important for later, but I cannot use my CD and DVD drive at all (even prior to getting the popups, adwares, etc). So if I have to remove anything, and restore them later, I cannot use backup cds, etc.

The only way I can transfer data is with my Ipod, through a usb (or d/l the software from the web).
....

[file cleanup - saving space - attachment deleted by admin]

Darn it, the Norton Alert popped up again when I tried running ComboFix.

Guess changing its status to "stopped" and disabling it's from auto start in the SERVICE WINDOW didn't work.

Hopefully, we can find a way around this, or find the solution in HJT.

[Malware Removal Specialist]

Open HijackThis and select Do a system scan only then place a check mark next to:

O4 - HKLM\..\Run: [1cbf3279] rundll32.exe "C:\WINDOWS\system32\tpueedfx.dll",b
O4 - Global Startup: MA111 Configuration Utility.lnk = ?

Close all windows except for HijackThis and click Fix checked

Exit Hijackthis.

Locate and delete the file tpueedfx.dll  located at:

C:\WINDOWS\system32\tpueedfx.dll


Please download DrWeb CureIt & save it to your desktop.

Scan with DrWeb-CureIt as follows:

• Double-click on drweb-cureit.exe and then click Start.
  
• An Express Scan of your PC notice will appear.
  
• Under Start the Express Scan Now Click OK to start.
  • This is a short scan that will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it.
• Once the short scan has finished, Click Options > Change settings
  
• Choose the Scan tab and UNcheck Heuristic analysis and click OK
  
• Back at the main window, select the Complete scan button.
  
• Then click the Green Arrow Start Scanning button on the right and the scan will start.
  • Click Yes to all if it asks if you want to cure/move any file(s).
• When the scan is done.
• In the Dr.Web CureIt menu on top left, click File and choose Save report list.
  
• Save the DrWeb.csv report to your Desktop.
  
• Exit Dr.Web Cureit.

• Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.

[/COLOR]

• After reboot, Right-click the Dr.Web log on the desktop and choose Open With > Notepad
  
• Copy and paste that log in the next reply

.
Next post please add:
Dr Web log
New Hijackthis log

Exit Hijackthis.

Locate and delete the file tpueedfx.dll  located at:

C:\WINDOWS\system32\tpueedfx.dll

Where exactly do I go to delete this?


Also, I only have 1.11 gb of space left. Does this matter at all?