BleepingComputer.com: Malware on Friends Computer

Hi all I'm posting here as my last resort for help I'm trying to help a friend clean her computer but so far it keeps coming back. Firefox and IE on her computer constantly show this popup from: http://holidaycontest.s3.amazonaws.com/home.html that says she won a $1000 Walmart Gift card. I could just block it I suppose by it makes me suspicious that there are other things lurking. Here's what I've tried so far:

Running spybot search and destroy several time including on restart (it found and removed virtumonde)
Uninstallilng firefox / reinstalling
disabling all plugins in firefox
removing all extension keys from the firefox extension settings in the registry
running trend micro house call
running combofix it reported "Bootkit TDL4 was found and disinfected"
installing and running chrome, oddly it was not able to connect to the internet it just hung
firefox also was having a problem hanging on connecting to the internet until I started it in safe-mode this made me suspicious about plugins

I know your forum says don't run combofix unless you know what you're doing but generally I do know what I'm doing, but I'm getting beaten here. Any help is greatly appreciated.

Thank you,
-Eric

This post has been edited by Blade Zephon: 08 December 2010 - 11:17 PM
Reason for edit: Disabled link ~BZ

You are not alone, brother. I have the same symptoms. It seems to have started today. Along with opening the tab for a "gift card" it also seems to be a search hijacker. My Google results were hijacked to a different site. Any help from the community here would be greatly appreciated.

Thanks
Larry

Hello.

@ Inolte: Please start your own topic to avoid confusion.

@esteimle: For the benefit of others who may read this thread, please note the following:

ComboFix (CF for short) is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. When CF is run without trained assistance, it can no longer be considered a "safe" tool. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

You may find this topic informative - ComboFix usage, Questions, Help? - Look here

***************************************************

The issues on your system will require a more in-depth examination than can be performed in this forum. Please read the information in this guide, and follow all the steps beginning with step 6. After you have followed the steps in that guide, I would like you to start a new thread HERE and include a link to this thread. Additionally, please post the ComboFix log that was generated when you ran the tool, so that your helper can analyze it.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient. The MRT is very busy, so it could be several days (5-7 days is the average wait right now) before you receive a reply. But rest assured, help is on the way!

~Blade

Any news guys??