First time 8 step after vundo infection

[slgeebrr]

Would like help with the attached logs to see what I have/had after vundo infection

thanks
slgeebrr

 

[kimsland]

First time 8 step after vundo infection

And it shows

-> No action taken on MBAM scan, for found issues

Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
• Then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform full scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected. <========= Not Done

Please re-run Malwarebytes
Confirm updated (third tab)
Then do the above quoted message, but this time "Remove all found issues"

By the way, you will need to then restart, and run (and attach) a new HJT log

p.s. Uninstall AVG8 first, and install Avira

 

[slgeebrr]

2nd scan results (malware-bytes)

Yes I am new at this. I think my mistake was doing the MB log before doing the check all, delete all thingie.

This scan detected no infections

see attached logs.

Tell me if that is the case...please!

slgeebrr

 

[kimsland]

p.s. Uninstall AVG8 first, and install Avira

If you want to be clean (and to speed up system response time too)

Uninstall your AVG Antivirus
Then run the removal tool
Here is the 32Bit version (most users): http://www.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe
Here is the 64Bit version: http://www.avg.com/filedir/util/avg_arv_sup_____.dir/avgremoverx64.exe

Install Avira free AntiVirus

Then run a full scan with Avira (and remove the Viruses that AVG8 missed

 

[slgeebrr]

Avira did find 3 objects....but they were all on an external hard drive. which is where I put all limewire stuff.

Here are the logs

Am I heading in the right direction??

Thanks!
slgeebrr

what do I keep and what do I get rid of.....


(and why)

1. spy-bot search and destroy

2. Ad-Aware

3. Mal ware-Bytes

4. Super Anti-spyware

 

[kimsland]

what do I keep and what do I get rid of.....


(and why)

1. spy-bot search and destroy Not required, generally interferes with normal operation. User can easily select incorrect setting, basically just a waste.

2. Ad-Aware Not required, only needed when you need to run a scan, (when known infected) Due to program updates all the time, why keep the old version (ie the current one, that you don't need)

3. MalwareBytes Hooray, the only good one to keep. Scan every couple of weeks, and update at that time only

4. Super Anti-spyware Not required. Takes up too much system resource, only required when you have a known infection



Please open HijackThis and do a scan only
Place a tick next to the following entries
Close any presently opened Internet Browsers
Then select FIX

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [ZTgServerSwitch] "c:\program files\support.com\client\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\SUPERAntiSpyware.exe
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - D:\Vegas\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)

Close HJT, and restart

 

[slgeebrr]

seems to scan clean....comments?

Latest scan results and hi-jack-this log

 

[kimsland]

These 3 can also be ticked in a HJT scan, and fixed:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - D:\Vegas\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)

Generally, all looks good, but as a precautionary measure, you can also run the following:

Download Combofix
Lots of info on its use h e r e
Direct download h e r e

Locate the downloaded Combofix. Double click on it to run, answering any prompts along the way
Note: during Combofix scan (lasting up to 10mins) your Desktop and clock may reset (all normal)
ComboFix will also restart your computer (eventually) and then (eventually) create a log

 

[slgeebrr]

ongoing scans....firewall question...

Thanks!


I will give that a try.

Also, is there any advantage to replacing windows firewall?? I have run zone alarm when I used Win 98 but have had nothing but trouble trying to run it on XP......

The firewall provided by XP seems to do the job....comments??

 

[kimsland]

I agree.
But you must have all Windows Security updates completed as well (just do Windows Update)

If you really had to have a 3rd party personal firewall, Comodo is good
But be fully aware, as I've checked hundreds and hundreds (ok probably thousands) of logs. No personal firewall installed has ever stopped any Malware reported under the sun from infecting a user's computer. So why have it again? Oh for hacking problems? Hackers are not interested in some private user at home. And if they were, it could be like one failed hack a year.

So even though everyone (not everyone) says get a 3rd party firewall (and it's in the guide I helped put together) it will not stop malware ever. And basically just helps to slow down your system. Oh and stops you from being hacked. It's true I got hacked once, I think it was 2005 sometime, it's hard to remember now.