Jump to content

Recommended Posts

Despite running Malware Bytes and removing some malicious programs, my laptop still seems to be infected. Logs are pasted below. Much appreciation for the assistance and recommendations.

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6559

Windows 6.0.6002 Service Pack 2

Internet Explorer 7.0.6002.18005

5/14/2011 4:38:22 PM

mbam-log-2011-05-14 (16-38-22).txt

Scan type: Full scan (C:\|E:\|F:\|)

Objects scanned: 309690

Time elapsed: 1 hour(s), 42 minute(s), 21 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 5:05:40 PM, on 5/14/2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v7.00 (7.00.6002.18005)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\System32\WLTRAY.EXE

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Sensible Vision\Fast Access\FATrayMon.exe

C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Sensible Vision\Fast Access\FATrayAlert.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Alltel\GoBoingo\AlltelWifi.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Dell Video Chat\DellVideoChat.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\Online Armor\OAhlp.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Online Armor\oaui.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files\Windows Live\Toolbar\wltuser.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Program Files\Symantec\Symantec Endpoint Protection\SavUI.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost #[iPv6]

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Advertising Cookie Opt-out - {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} - C:\Program Files\Google\Advertising Cookie Opt-out\opt_out.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FAIESSO Helper Object - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - c:\Program Files\Sensible Vision\Fast Access\FAIESSO.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe

O4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [FATrayAlert] c:\Program Files\Sensible Vision\Fast Access\FATrayMon.exe

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe

O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter

O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [GoBoingo] C:\Program Files\Alltel\GoBoingo\AlltelWifi.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Online Armor\oaui.exe"

O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [sightSpeed] "C:\Program Files\Dell Video Chat\DellVideoChat.exe" -bootmode

O4 - HKCU\..\Run: [Google Update] "C:\Users\Jodi\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')

O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D1E1F7ED622A0E5D.dll/cmsidewiki.html

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix:

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: FastAccess - c:\Program Files\Sensible Vision\Fast Access\FALogNot.dll

O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe

O23 - Service: FAService - Sensible Vision - c:\Program Files\Sensible Vision\Fast Access\FAService.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe

O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Advanced Networking Service (hnmsvc) - Dell Inc. - C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: Online Armor Helper Service (OAcat) - Emsi Software GmbH - C:\Program Files\Online Armor\OAcat.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks - C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE

O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe

O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE

O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Online Armor (SvcOnlineArmor) - Emsi Software GmbH - C:\Program Files\Online Armor\oasrv.exe

O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe

O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--

End of file - 14002 bytes

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

Link to post
Share on other sites

Thank you for your reply. The logs are posted below.

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6611

Windows 6.0.6002 Service Pack 2

Internet Explorer 7.0.6002.18005

5/18/2011 6:19:43 PM

mbam-log-2011-05-18 (18-19-43).txt

Scan type: Full scan (C:\|E:\|F:\|)

Objects scanned: 310552

Time elapsed: 1 hour(s), 45 minute(s), 32 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by Jodi at 19:50:20.52 on Wed 05/18/2011

Internet Explorer: 7.0.6002.18005

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

c:\Program Files\Sensible Vision\Fast Access\FAService.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe

C:\Windows\system32\SLsvc.exe

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\System32\bcmwltry.exe

C:\Program Files\Online Armor\OAcat.exe

C:\Program Files\Online Armor\oasrv.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE

c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\RUNDLL32.EXE

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\Windows\System32\WLTRAY.EXE

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Sensible Vision\Fast Access\FATrayMon.exe

C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Alltel\GoBoingo\AlltelWifi.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Online Armor\oaui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Dell Video Chat\DellVideoChat.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Online Armor\OAhlp.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Windows\system32\wuauclt.exe

c:\program files\windows defender\MpCmdRun.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files\Windows Live\Toolbar\wltuser.exe

C:\Users\Jodi\Desktop\dds.scr

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = <local>

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Advertising Cookie Opt-out: {8e425eb4-adbd-4816-b1e8-49bb9decf034} - c:\program files\google\advertising cookie opt-out\opt_out.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: FAIESSOHelper Class: {a2f122da-055f-4df7-8f24-7354dbdba85b} - c:\program files\sensible vision\fast access\FAIESSO.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [sightSpeed] "c:\program files\dell video chat\DellVideoChat.exe" -bootmode

uRun: [Google Update] "c:\users\jodi\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10m_ActiveX.exe -update activex

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe

mRun: [QuickSet] c:\program files\dell\quickset\QuickSet.exe

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe

mRun: [FATrayAlert] c:\program files\sensible vision\fast access\FATrayMon.exe

mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [FAStartup]

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [Apoint] c:\program files\delltpad\Apoint.exe

mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter

mRun: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

mRun: [GoBoingo] c:\program files\alltel\goboingo\AlltelWifi.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [@OnlineArmor GUI] "c:\program files\online armor\oaui.exe"

mRunOnce: [Launcher] c:\program files\dell datasafe local backup\components\scheduler\Launcher.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D1E1F7ED622A0E5D.dll/cmsidewiki.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: FastAccess - c:\program files\sensible vision\fast access\FALogNot.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll

Notify: igfxcui - igfxdev.dll

SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\online~1\oaevent.dll

LSA: Notification Packages = scecli FAPassSync

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\jodi\appdata\roaming\mozilla\firefox\profiles\dg905zik.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: network.proxy.type - 0

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\jodi\appdata\local\google\update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: c:\users\jodi\appdata\roaming\move networks\plugins\npqmp071505000010.dll

FF - plugin: c:\users\jodi\appdata\roaming\move networks\plugins\npqmp071505000011.dll

FF - plugin: c:\users\jodi\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\jodi\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

.

============= SERVICES / DRIVERS ===============

.

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? COH_Mon;COH_Mon

R? FACAP;facap, FastAccess Video Capture

R? gupdate;Google Update Service (gupdate)

R? gupdatem;Google Update Service (gupdatem)

R? McComponentHostService;McAfee Security Scan Component Host Service

R? PTDLBus;PANTECH UM175AL Composite Device Driver

R? PTDLMdm;PANTECH UM175AL Drivers

R? PTDLVsp;PANTECH UM175AL Diagnostic Port

R? PTDLWWAN;PANTECH UM175AL WWAN Driver

R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0

S? AESTFilters;Andrea ST Filters Service

S? AntiVirSchedulerService;Avira AntiVir Scheduler

S? AntiVirService;Avira AntiVir Guard

S? avgntflt;avgntflt

S? CtClsFlt;Creative Camera Class Upper Filter Driver

S? DockLoginService;Dock Login Service

S? EraserUtilRebootDrv;EraserUtilRebootDrv

S? FAService;FAService

S? FontCache;Windows Font Cache Service

S? OA009Ufd;Creative Camera OA009 Upper Filter Driver

S? OA009Vid;Creative Camera OA009 Function Driver

S? OAcat;Online Armor Helper Service

S? OADevice;OADriver

S? oahlpXX;Online Armor helper driver

S? OAmon;OAmon

S? OAnet;OnlineArmor Service

S? SBSDWSCService;SBSD Security Center Service

S? SftService;SoftThinks Agent Service

S? SvcOnlineArmor;Online Armor

S? Symantec AntiVirus;Symantec Endpoint Protection

S? yksvc;Marvell Yukon Service

.

=============== Created Last 30 ================

.

2011-05-18 19:58:29 7071056 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{56208fe4-a2f7-41be-8654-3a44dd8f1014}\mpengine.dll

2011-05-14 21:04:36 -------- d-----w- c:\program files\Trend Micro

2011-05-14 16:49:24 -------- d-----w- c:\users\jodi\appdata\roaming\Avira

2011-05-14 16:45:42 1611 ----a-w- c:\windows\system32\drivers\etc\mvps.bat

2011-05-13 02:39:32 -------- d-----w- c:\program files\Spybot - Search & Destroy

2011-05-13 02:39:32 -------- d-----w- c:\progra~2\Spybot - Search & Destroy

2011-05-13 02:24:06 -------- d-----w- c:\users\jodi\appdata\local\Mozilla

2011-05-13 02:23:15 -------- d-----w- c:\program files\SpywareBlaster

2011-05-13 01:40:43 -------- d-----w- c:\users\jodi\appdata\roaming\OnlineArmor

2011-05-13 01:40:43 -------- d-----w- c:\progra~2\OnlineArmor

2011-05-13 01:38:56 39048 ----a-w- c:\windows\system32\drivers\oahlp32.sys

2011-05-13 01:38:56 25192 ----a-w- c:\windows\system32\drivers\OAmon.sys

2011-05-13 01:38:55 29312 ----a-w- c:\windows\system32\drivers\OAnet.sys

2011-05-13 01:38:55 205864 ----a-w- c:\windows\system32\drivers\OADriver.sys

2011-05-13 01:38:32 -------- d-----w- c:\program files\Online Armor

2011-05-13 01:01:32 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-05-13 01:01:30 -------- d-----w- c:\program files\Avira

2011-05-13 01:01:30 -------- d-----w- c:\progra~2\Avira

2011-05-11 16:02:22 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2011-04-27 23:04:44 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2011-04-27 23:04:43 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2011-04-27 23:04:32 876032 ----a-w- c:\windows\system32\XpsPrint.dll

.

==================== Find3M ====================

.

2011-03-10 17:03:51 1162240 ----a-w- c:\windows\system32\mfc42u.dll

2011-03-10 17:03:51 1136640 ----a-w- c:\windows\system32\mfc42.dll

2011-03-03 15:42:03 739328 ----a-w- c:\windows\system32\inetcomm.dll

2011-03-03 15:40:07 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll

2011-03-03 15:40:05 542720 ----a-w- c:\windows\apppatch\AcLayers.dll

2011-03-03 15:40:05 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2011-03-03 15:40:04 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll

2011-03-03 13:25:11 2041856 ----a-w- c:\windows\system32\win32k.sys

2011-03-02 15:44:27 86528 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-02-22 14:13:01 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-02-22 13:33:12 1068544 ----a-w- c:\windows\system32\DWrite.dll

2011-02-22 13:33:09 797696 ----a-w- c:\windows\system32\FntCache.dll

2011-02-18 16:38:42 834048 ----a-w- c:\windows\system32\wininet.dll

2011-02-18 15:45:02 78336 ----a-w- c:\windows\system32\ieencode.dll

2011-02-18 14:49:21 389632 ----a-w- c:\windows\system32\html.iec

.

=================== ROOTKIT ====================

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Windows 6.0.6002

.

CreateFile("\\.\PHYSICALDRIVE0"): Access is denied.

device: opened successfully

user: error reading MBR

.

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll

c:\windows\system32\drivers\iastor.sys Intel Corporation Intel Matrix Storage Manager driver

1 ntkrnlpa!IofCallDriver[0x81E84912] -> \Device\Harddisk0\DR0[0x86409AC8]

3 CLASSPNP[0x8B7A88B3] -> ntkrnlpa!IofCallDriver[0x81E84912] -> \Device\Ide\IAAStorageDevice-1[0x854CF028]

kernel: MBR read successfully

_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [bP+0x0], 0x0; }

user != kernel MBR !!!

.

============= FINISH: 20:10:54.39 ===============

Link to post
Share on other sites

  • Staff

Hi,

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317

Link to post
Share on other sites

The logs are posted below. My system is still running so very slow, despite all this cleaning. Another weird thing is that when I close the browser, the window actualy takes another five seconds or so to close...but not really sure if this any significance or not. Based on these scans and logs, what is your opinion about whether or my system is free of any malicious programs or viruses?

Thanks for your help!

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=7.00.6000.16386 (vista_rtm.061101-2205)

# OnlineScanner.ocx=1.0.0.6522

# api_version=3.0.2

# EOSSerial=7f56dbd8ee2ba04aa1ed7df3c74c7036

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-05-27 12:37:02

# local_time=2011-05-26 08:37:02 (-0500, Eastern Daylight Time)

# country="United States"

# lang=9

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=512 16777215 100 0 956127 956127 0 0

# compatibility_mode=1797 16775165 100 94 0 42042952 0 0

# compatibility_mode=5892 16776573 100 100 0 143057175 0 0

# compatibility_mode=6401 16777213 66 100 0 3418739 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=180100

# found=0

# cleaned=0

# scan_time=7019

Results of screen317's Security Check version 0.99.12

Windows Vista Service Pack 2 (UAC is disabled!)

Internet Explorer 7 Out of date!

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

Avira AntiVir Personal - Free Antivirus

Symantec Endpoint Protection

Online Armor 5.0

McAfee Security Scan Plus

WMI entry may not exist for antivirus; attempting automatic update.

Avira successfully updated!

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

HijackThis 2.0.2

CCleaner

Java 6 Update 24

Out of date Java installed!

Adobe Flash Player

Adobe Reader 9.4.2

Out of date Adobe Reader installed!

Mozilla Firefox (x86 en-US..)

````````````````````````````````

Process Check:

objlist.exe by Laurent

Norton ccSvcHst.exe

Windows Defender MSASCui.exe

Spybot Teatimer.exe is disabled!

Avira Antivir avgnt.exe

Avira Antivir avguard.exe

Tall Emu Online Armor OAcat.exe

Tall Emu Online Armor oasrv.exe

Tall Emu Online Armor oaui.exe

Tall Emu Online Armor OAhlp.exe

Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe

Windows Defender MSASCui.exe

windows defender MpCmdRun.exe

``````````End of Log````````````

Link to post
Share on other sites

  • Staff

Hi,

Likely that all of your security is (at least partially) to blame:

I notice that you are using more than one antivirus program (Antivir, Norton, and McAfee). This is very dangerous, as multiple AVs can interfere with one another and actually allow MORE viruses to get through. I strongly suggest you go to Start -> Control Panel -> Add or Remove Programs and uninstall all but one antivirus program.

Link to post
Share on other sites

  • Staff

Hi,

Likely that all of your security is at least (partially) to blame.

I notice that you are using more than one antivirus program (Antivir, Norton, and McAfee). This is very dangerous, as multiple AVs can interfere with one another and actually allow MORE viruses to get through. I strongly suggest you go to Start -> Control Panel -> Add or Remove Programs and uninstall all but one antivirus program.

Next, please run the PCPitstop Full Tests here (NOT the PCMatic scan or any other scan; simply register with the box on the left and you will be taken to the Full Tests/Overdrive Test). When the tests are complete, a results page will pop up. Copy and paste the URL of the Results screen and post it here for me.

Link to post
Share on other sites

I uninstalled Antivir and McAfee per your recommendation, though I am interested in your thoughts on which program is better - Antivir or Symantec?

Also, I followed the steps in the "So how did I get infected in the first place?" forum, and downloaded Antivir, Online Armor, Spyware Blaster, MVPS HOSTS, Spybot Search & Destroy, MBAM, and Windows Defender. I also updated ActiveX controls to PROMPT for "Download signed and unsigned ActiveX controls", and to DISABLE for "Initialize and Script ActiveX controls not marked as safe"....is this combination of programs both compatible and optimal for protection?

Here is the link for the PCPitstop tests:

http://www.pcpitstop.com/betapit/sec.asp?conid=24393168

Thank you!

Link to post
Share on other sites

  • Staff

I would keep Avira personally (I actually use Microsoft Security Essentials) instead of Symantec.

If you choose to remove Symantec, I suggest running their removal tool from here after you uninstall it from Add or Remove Programs.

PCPitStop noted several things that you can do to improve the shape your computer is in.

Pay particular attention to these items:

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.