STill trying to get rid of virus

[SuperDave]

Download DeFogger by jpshortstuff and save it to your desktop.
 
* Double click DeFogger.exe to run the tool.
* The application window will appear.
* Click the Disable button to disable your CD Emulation drivers
* Click Yes to continue.
* A 'Finished!' message will appear.
* Click OK.
* DeFogger will now ask to reboot the machine...click OK.
 
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.
 
Do not re-enable these drivers until otherwise instructed.



Now delete the copy of ComboFix you have and download a new copy of ComboFix and run the scan. Post the log it creates.

If you already have ComboFix be sure to delete it and download a new copy.

Download ComboFix© by sUBs from one of the below links. Be sure top save it to the Desktop.

Link #1
Link #2

**Note:  It is important that it is saved directly to your Desktop

Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
 
Double click combofix.exe & follow the prompts.
Vista users Right-Click on ComboFix.exe and select Run as administrator (you will receive a UAC prompt, please allow it)
When finished ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

If you have problems with ComboFix usage, see How to use ComboFix

[Helpme220]

Hey sd , the link for Defogger by jpshortstuff you sent didn't work . Just would be able to hilight didnt bring me to web site. Can you please send it again .
Thanks
Help me 220

[fullbug]

You can find the Defogger program here- http://www.jpshortstuff.247fixes.com/Defogger.exe

[evilfantasy]

Link fixed. Please see above.

Thanks fullbug.

[Helpme220]

Hey guys . here is the defogger log . For some reason the combofix doesn't want to work cant get a log or anything . I hope this will be helpful.
Thanks to alll
Helpme 220

[Saving space, attachment deleted by admin]

[SuperDave]

Try to run the Gmer RootKit Detector in Reply 13

[Helpme220]

Hey sd tried running gmer exe. got the blue screen saying windows was shutting down to save the computer from damage . It gave me this message Page_Fault_in_NONPAGED  Area. What is the nxext step if the gmer.exe wont work?
Thanks
Helpme 220

[SuperDave]

I tried running it myself and got a BSOD. I'm will have to check this out with Evil. Could you run ComboFix again and give me another log?

[Helpme220]

Hey took awhile but here is my new combofix log. Cmbofix wouldn't run so i had a hunch and ran rkill.exe and then combofix would run . Is that normal ?well here it is .
Thank you again for all you work on this .
helpme 220

[Saving space, attachment deleted by admin]

[SuperDave]

That log looks much better. Is your computer working any better? Let's try this scan.

ESET Online Scan

Scan your computer with the ESET FREE Online Virus Scan

* Click the ESET Online Scanner button.

* For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
* Click on the esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop
* Double click on the esetsmartinstaller_enu.exe icon on your desktop.
* Place a check mark next to YES, I accept the Terms of Use.

* Click the Start button.
* Accept any security warnings from your browser.
* Leave the check mark next to Remove found threats and place a check next to Scan archives.
* Click the Start button.
* ESET will then download updates, install, and begin scanning your computer. Please be patient as this can take some time.
* When the scan completes, click List of found threats.
* Next click Export to text file and save the file to your desktop using a name such as ESETScan. Include the contents of this report in your next reply.
* Click the <<Back button then click Finish.

In your next reply please include the ESET Online Scan Log

[Helpme220]

Hey guys here is my eset log . Computer seems to be running better . no hijacking my browser and it seems to be running faster .Is there anything I need to do to restore my computer back . Or can I  run everything theway it is . I remember something about turning cd drivers off and needing to restore later . Its been a long day  Hopefully this is the final piece . Also if this is it , what are some of the steps do I need to take to keep my computer running smoothly . Thank you again for all your help and patience
Helpme 220

[Helpme220]

Sorry forgot to attach log . here it is

[Saving space, attachment deleted by admin]

[SuperDave]

That looks good. If there are no other issuse, it's time to do some clean-up. You can uninstall HTJ but you can keep SAS and MBAM. Update them and run them about once per week.

* Click START then RUN - Vista users press the Windows Key and the R keys for the Run box.
* Now type Combofix /uninstall in the runbox
* Make sure there's a space between Combofix and /Uninstall
* Then hit Enter

* The above procedure will:
* Delete the following:
* ComboFix and its associated files and folders.
* Reset the clock settings.
* Hide file extensions, if required.
* Hide System/Hidden files, if required.
* Set a new, clean Restore Point.

Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

Uninstall GMER

Click on Start > Run and type in or copy/paste all of the Red text into the Run box.

%windir%\gmer_uninstall.cmd

Click OK to remove GMER.

To re-enable your Emulation drivers, double click DeFogger to run the tool.

* The application window will appear.
* Click the Re-enable button to re-enable your CD Emulation drivers.
* Click Yes to continue.
* A 'Finished!' message will appear.
* Click OK
* DeFogger will now ask to reboot the machine, click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_enable which will appear on your desktop.

Your Emulation drivers are now re-enabled.

Now you can delete DeFogger from your desktop

Use the Secunia Software Inspector to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smooth.

Safe Surfing!

[Helpme220]

Cool i will run those tomorrow . One question this all started when I ran an update for adobe . I deleted it a while ago should I try to download that to see if it will mess up my computer before Iuninstall all these programs
Just wondering
Thanks again
Helpme 220

[SuperDave]

Adobe is a safe program. It was probably just a coincidence that your problems started at that time. You will probably need Adobe sometime in the future.