There are my logs. Thanks!
Please tell us what problems you're having? Throwing out 3 logs with no description of why leaves us a bit short.
Oops. Sorry about that. I had posted it in another thread, and completely spaced it. I had the "facebook virus" You get an email from a friend saying "Look at this video" etc. And it sends you to a you tube Video. Click on the link and it asks you to download a flash update. I almost never (cant say never anymore) do it, and my instincts told me it sounded fishy, but I was bored and clicked it. (Stupid, yes)
Almost immediately an email is sent out to everyone in my facebook acct. saying the same thing. It also took over my google toolbar. Anytime I would search for something, it would link it to a "virus cleaner" website. Everything else seemed to run ok.
I started the '8 steps' and after the malabytes program, I couldnt use my browser any longer. All my other net based programs(pc anywhere, limewire, etc) that didnt use a browser worked fine. I found that something had inserted a proxy setting( it was 127.0.0.1 PORT 9090) into HTTP setting. I erased that and now the browser is working fine. As you can see by the completed logs, I did finish the 8 steps, and sent them to you all.
Thanks. It's helpful to know what problems are being experienced.
The Mbam log is clean-and it shouldn't be.
SAS shows some malware and the Tracking Cookies
But the most important thing I see is NO antivirus program!
I note PCAnywhere from Symantec and a Service for Live Update. But no indication that Symantec/Norton is installed or running.
There' no point in doing the cleaning if you don't get an AV program on the system: This is the first order of business:
Recommended Free Anti Virus:
You have a wireless connection and mention visiting Limewire. You are a sitting duck to get malware. I advise you to do NO browsing until you get protection on the system and we remove the malware. You should also not use System Restore. Malware can get in the restore points and since the are protected files, the cleaning programs don't remove them. We will drop the old restore points when through cleaning.
When you have downloaded and installed an antivirus program, please update and run a full scan
When through, rerun Malwarebytes, SuperAntispyware and HijackThis and attach the logs.
There is a antivirus program, I just didnt install it until after the logs. I have AVG 8.0.1. It scans daily, and any file downlaoded via limewire(which I rarely use), I always scan first. Also the malware log was clean because when the malware program shut down my browser for a couple days, I reran the malware when I got it fixed and that was the log from the second run. The first run DID have virus' removed. Ill attach that 1st log to this post.
I'm sure you understand that I can only work with what is given. And the log had no AV.
As you see, Mbam did find some malware. Please follow the instruction in the last line of my post.
Thats no problem. I know you can only go by what I tell you.
I reran the programs this morning. I actually ran superspyware twice. I noticed the first time I ran it I recognized the malware it found in the resgistry before. So after it ran, and I cleaned it out, I reran it again, and I note that the same malware is written in the reg. Any ideas?
Here are the logs, including both supersyware logs
Here's where the Adware.E404 Helper/Variant-AR threat is:
Have HijackThis remove this entry
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
# Alias & packer info:
* not-a-virus:AdWare.Win32.E404.jd [Kaspersky Lab]
* packed with: PE_Patch.UPX [Kaspersky Lab]
Also search for and delete this entry:
You may know more about this than I do but it is a matter of concern:
Download and run the Norton Removal Tool: The following Services is part of Norton Antivirus:
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
You also have PCAnywhere running:
When you have finished with the above, run SuperAntispyware and HijackThis and attach logs.