Been wrestling with this: Virtumonde & sagipsul

  #1  
Old 01-04-2009
Newcomer, in training
 
Member since: Jan 2009, 3 posts
Been wrestling with this: Virtumonde & sagipsul

I noticed something amiss when Security Center would not enable. Then, if I tried to go out to McAfee, Norton, or any other virus product site, my browser wouldn't go there. Other behavior made me suspicious. So, after hours of researching and working on the problem, I've found and followed the suggested 8-step program leading to the attached (combined) logfiles. Please note, all three logfiles are in the attached file.

I don't know if I'm clean yet, but want somebody with a trained eye to tell me if things are back on track.

Thanks in advance!

(Oh, and I had some rootkit installed that was found and removed using Avenger. After that, other efforts began to uncover malware. )
Attached Files
File Type: txt Malware Reports 090104.txt (15.5 KB, 2 views)

Last edited by tlfromva; 01-04-2009 at 03:42 PM.
  #2  
Old 01-04-2009
TechSpot Booster
 
Location: Illinois, USA
Member since: Feb 2007, 900 posts
Code:
C:\WINDOWS\system32\lgoxtu.dll (Trojan.Vundo) -> Delete on reboot.
MBAB did not handle all that it found until the computer restart.

Rescan with MBAB & SAS (run as pairs) until clean or something that cannot be cleaned.

HJT scan informs what has not been handled (computer restart before HJT scan)

Caught by HJT.
Code:
O20 - AppInit_DLLs: ……. lgoxtu.dll
It appears that the infection is mostly handled. Following clean scans establish a clean restore point.

Establish a new clean restore point and Clear your existing System Restore points:
  • New
    • Go to Start > All Programs > Accessories > System Tools > System Restore>
    • Select Create a restore point> OK.
  • Clear Old
    • go to Start > Run > cleanmgr > Select the More options tab >
    • Choose the option to clean up System Restore > OK
      • This will remove all restore points except the new one you just created.
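An added example, not from the thread or from either tool's vendor, of the check the reply above describes: parse the Malwarebytes report and the HijackThis log and list the "Delete on reboot" items that still show up in O4 (Run) or O20 (AppInit_DLLs) entries, which means the removal has not taken effect yet and the machine needs a restart and a rescan. The report and log lines are constructed, modelled on the entries quoted in this thread.

```python
import re

# Constructed sample reports, modelled on the entries quoted in this thread.
# lgoxtu.dll is the file name the thread discusses; the other lines are made up.
MBAM_REPORT = r"""
Files Infected:
C:\WINDOWS\system32\lgoxtu.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\user\Local Settings\Temp\abc.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
"""

HJT_LOG = r"""
O4 - HKLM\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\lgoxtu.dll
"""

# "<path> (<threat>) -> <action>" as written in a Malwarebytes report
MBAM_LINE = re.compile(r"^(?P<path>[A-Za-z]:\\.*?) \((?P<threat>[^)]+)\) -> (?P<action>.*)$")
# "O4 - HKxx\..\Run: [<name>] <command>" and "O20 - AppInit_DLLs: <dlls>" as written by HijackThis
O4_LINE = re.compile(r"^O4 - (?P<hive>HK[A-Z]+)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
O20_LINE = re.compile(r"^O20 - AppInit_DLLs: (?P<dlls>.*)$")


def parse_mbam(text):
    """Return a list of (path, threat, action) tuples from an MBAM-style report."""
    return [(m["path"], m["threat"], m["action"])
            for m in (MBAM_LINE.match(line.strip()) for line in text.splitlines()) if m]


def parse_hjt(text):
    """Return ({'HIVE\\Key:Name': command} for O4 entries, [AppInit DLL entries])."""
    run, appinit = {}, []
    for line in text.splitlines():
        line = line.strip()
        if m := O4_LINE.match(line):
            run[f"{m['hive']}\\{m['key']}:{m['name']}"] = m["cmd"]
        elif m := O20_LINE.match(line):
            # AppInit_DLLs is space- or comma-separated; paths with spaces would need quoting
            appinit += [d for d in re.split(r"[ ,]+", m["dlls"]) if d]
    return run, appinit


def pending_after_reboot(mbam_text, hjt_text):
    """Paths MBAM marked 'Delete on reboot' that HJT still sees loaded via Run or AppInit_DLLs."""
    run, appinit = parse_hjt(hjt_text)
    referenced = [c.lower() for c in run.values()] + [d.lower() for d in appinit]
    pending = []
    for path, _threat, action in parse_mbam(mbam_text):
        # match on the file name only: HJT may show a truncated or 8.3 short path
        base = path.rsplit("\\", 1)[-1].lower()
        if "reboot" in action.lower() and any(base in ref for ref in referenced):
            pending.append(path)
    return pending
```

An empty result after a restart and fresh HJT scan is the "clean" condition the reply describes; a non-empty one means the next MBAM/SAS pair still has work to do.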
  #3  
Old 01-05-2009
Newcomer, in training
 
Member since: Jan 2009, 3 posts
Thanks!

After reading this yesterday, I got two clean scans in a row and set a new restore point. Things look like they're operating pretty normally now. Thank you.

Should I continue to keep SAS installed and running? I'm also running Spybot S&D as well as NOD32.
  #4  
Old 01-06-2009
TechSpot Booster
 
Location: Illinois, USA
Member since: Feb 2007, 900 posts
Code:
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
This application can be set up NOT to run on startup. As freeware this is how they advertise. As freeware it only cleans on demand.

I scan with updated MBAB & SAS about once a month. So far they confirm my resident protections are working.

I think it is very risky not to use a firewall. Your experiences may indicate it is not needed.

I do not feel comfortable recommending particular applications.
  #5  
Old 01-06-2009
Newcomer, in training
 
Member since: Jan 2009, 3 posts
I firewall mostly at my router, actually. And recently fired up the one built in Windows.