4jojo5 Posted May 14, 2011 ID:429223

Despite running Malware Bytes and removing some malicious programs, my laptop still seems to be infected. Logs are pasted below. Much appreciation for the assistance and recommendations.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6559

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

5/14/2011 4:38:22 PM
mbam-log-2011-05-14 (16-38-22).txt

Scan type: Full scan (C:\|E:\|F:\|)
Objects scanned: 309690
Time elapsed: 1 hour(s), 42 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Staff screen317 Posted May 18, 2011 ID:430637

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.
Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

4jojo5 Posted May 19, 2011 Author ID:430828

Thank you for your reply. The logs are posted below.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6611

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

5/18/2011 6:19:43 PM
mbam-log-2011-05-18 (18-19-43).txt

Scan type: Full scan (C:\|E:\|F:\|)
Objects scanned: 310552
Time elapsed: 1 hour(s), 45 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


screen317 (Staff), posted May 20, 2011, ID:431770

Hi,

Please visit this webpage for instructions for running ComboFix: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

When the tool is finished, it will produce a report for you.

Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317

4jojo5 (Author), posted May 25, 2011, ID:433281

Hello,

The logs are below - thanks again for your help.

4jojo5

ComboFix 11-05-24.01 - Jodi 05/24/2011 22:29:06.1.2 - x86
Microsoft

screen317 (Staff), posted May 26, 2011, ID:433728

Hi,

Next, please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan.
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the ActiveX control to install
Click Start
Make sure that the options Remove found threats and Scan unwanted applications are checked
Click Scan
Wait for the scan to finish
Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317

4jojo5 (Author), posted May 27, 2011, ID:433826

The logs are posted below. My system is still running so very slow, despite all this cleaning. Another weird thing is that when I close the browser, the window actually takes another five seconds or so to close...but not really sure if this is of any significance or not. Based on these scans and logs, what is your opinion about whether or not my system is free of any malicious programs or viruses?

Thanks for your help!

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.16386 (vista_rtm.061101-2205)
# OnlineScanner.ocx=1.0.0.6522
# api_version=3.0.2
# EOSSerial=7f56dbd8ee2ba04aa1ed7df3c74c7036
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-05-27 12:37:02
# local_time=2011-05-26 08:37:02 (-0500, Eastern Daylight Time)
# country="United States"
# lang=9
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 956127 956127 0 0
# compatibility_mode=1797 16775165 100 94 0 42042952 0 0
# compatibility_mode=5892 16776573 100 100 0 143057175 0 0
# compatibility_mode=6401 16777213 66 100 0 3418739 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=180100
# found=0
# cleaned=0
# scan_time=7019

Results of screen317's Security Check version 0.99.12
Windows Vista Service Pack 2 (UAC is disabled!)
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
Symantec Endpoint Protection
Online Armor 5.0
McAfee Security Scan Plus
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
HijackThis 2.0.2
CCleaner
Java 6 Update 24
Out of date Java installed!
Adobe Flash Player
Adobe Reader 9.4.2
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Norton ccSvcHst.exe
Windows Defender MSASCui.exe
Spybot Teatimer.exe is disabled!
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Tall Emu Online Armor OAcat.exe
Tall Emu Online Armor oasrv.exe
Tall Emu Online Armor oaui.exe
Tall Emu Online Armor OAhlp.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
Windows Defender MSASCui.exe
windows defender MpCmdRun.exe
``````````End of Log````````````

screen317 (Staff), posted May 29, 2011, ID:434377

Hi,

Likely that all of your security is (at least partially) to blame:

I notice that you are using more than one antivirus program (Antivir, Norton, and McAfee). This is very dangerous, as multiple AVs can interfere with one another and actually allow MORE viruses to get through. I strongly suggest you go to Start -> Control Panel -> Add or Remove Programs and uninstall all but one antivirus program.

screen317 (Staff), posted May 29, 2011, ID:434378

Hi,

Likely that all of your security is at least (partially) to blame.

I notice that you are using more than one antivirus program (Antivir, Norton, and McAfee). This is very dangerous, as multiple AVs can interfere with one another and actually allow MORE viruses to get through. I strongly suggest you go to Start -> Control Panel -> Add or Remove Programs and uninstall all but one antivirus program.

Next, please run the PCPitstop Full Tests here (NOT the PCMatic scan or any other scan; simply register with the box on the left and you will be taken to the Full Tests/Overdrive Test). When the tests are complete, a results page will pop up. Copy and paste the URL of the Results screen and post it here for me.

4jojo5 (Author), posted June 1, 2011, ID:435621

I uninstalled Antivir and McAfee per your recommendation, though I am interested in your thoughts on which program is better - Antivir or Symantec?

Also, I followed the steps in the "So how did I get infected in the first place?" forum, and downloaded Antivir, Online Armor, Spyware Blaster, MVPS HOSTS, Spybot Search & Destroy, MBAM, and Windows Defender. I also updated ActiveX controls to PROMPT for "Download signed and unsigned ActiveX controls", and to DISABLE for "Initialize and Script ActiveX controls not marked as safe"....is this combination of programs both compatible and optimal for protection?

Here is the link for the PCPitstop tests:
http://www.pcpitstop.com/betapit/sec.asp?conid=24393168

Thank you!

screen317 (Staff), posted June 1, 2011, ID:435627

I would keep Avira personally (I actually use Microsoft Security Essentials) instead of Symantec.

If you choose to remove Symantec, I suggest running their removal tool from here after you uninstall it from Add or Remove Programs.

PCPitStop noted several things that you can do to improve the shape your computer is in.

Pay particular attention to these items:

screen317 (Staff), posted June 7, 2011, ID:438140

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!