Backdoor trojans - please check my logs

Status
Not open for further replies.

jacobjack001

I am on Vista...I scanned with AVG recently, and it said that I was infected with 2 backdoor trojans (with the number 10 after it I think)...one of the files infected was an uninstall.exe and another one was in a temp folder

The reason I thought something was wrong was because I could not access various web pages (it would just say 'could not load, try again')...so I scanned and then I found that I had a virus...even after I removed it I was still having trouble accessing web pages...currently, I am not having as much trouble loading web pages as I was previously (previously nothing was working)

I completed the 8 steps...if someone could please check my logs it would be greatly appreciated! Thanks.
 
Looks pretty lean to me! Mbam shows you clean. SuperAntispyware shows you clean.
A few entries in HijackThis I recommend removing: Unless you use the Dell Support frequently, I'd recommend uninstalling it. It uses a fair amount of resources and most users do use it. The Java needs to be updated to v6u10. You can download that here: http://java.com/en/download/manual.jsp

Please re-open HiJackThis and scan. *Check* the boxes next to all the entries listed below.
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis and reboot into Safe Mode:
Start> Run> type in 'msconfig' without the quotes> Selective Start-up> Startup tab> UNCHECK everything except the AVG processes> Apply> OK.

Control Panel> Add/Remove Programs> uninstall the following if present:
Viewpoint
Dell Support (unless you decide to keep it)
All Java EXCEPT v6u10

Start> Run> services.msc> right click on each> Properties> set Startup Type to Disabled:
SupportSoft Sprocket Service (Dell Support)
Viewpoint Manager Service

Right click on Start> Explore> Windows> System 32> delete SearchFilterHost.exe. (This is a high resource user)

Reboot into Normal Mode> Close the nag message that comes up after checking 'don't show this message again'. Stay in Selective Startup.

Removing the cleaning tools:
* Download OTCleanIt (http://download.bleepingcomputer.com/oldtimer/OTCleanIt.exe)
* Click the CleanUp! button.
* It will go through the list and remove all of the tools it finds and then delete itself (requiring a reboot).

Clear your existing System Restore points and establish a new clean restore point:
Go to Start > All Programs > Accessories > System Tools > System Restore> Select Create a restore point> OK.
Next, go to Start > Run and type in cleanmgr> Select the More options tab> Choose the option to clean up System Restore and OK it.
This will remove all restore points except the new one you just created.

Happy computing! Stay safe.
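The HijackThis entries quoted in the reply above follow a fixed "code - details" layout. As an added example (not part of the original thread and not HijackThis's own code), this Python parser splits such lines into records and pulls out the entries that start with Windows, which are the ones the msconfig and services.msc steps deal with. The function names `parse_line` and `autostarts` are chosen here for illustration.

```python
import re

# Meanings of the section codes that appear in the reply above.
SECTIONS = {
    "R0": "Internet Explorer registry setting",
    "O4": "autostart entry (Run key or Startup folder)",
    "O9": "extra Internet Explorer button or Tools menu item",
    "O23": "Windows service",
}
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# File path: drive letter up to the first .exe/.dll extension.
PATH = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll)', re.IGNORECASE)
NAME = {"O4": re.compile(r"\[([^\]]+)\]"), "O23": re.compile(r"Service: (.+?) - ")}

def parse_line(line):
    """Parse one HijackThis log line into a dict; None for a blank line."""
    line = line.strip()
    if not line:
        return None
    m = ENTRY.match(line)
    if not m:  # no section code: an item from the running-process list
        return {"code": None, "kind": "running process", "name": None, "path": line}
    code, rest = m.groups()
    paths = PATH.findall(rest)
    named = NAME[code].search(rest) if code in NAME else None
    return {"code": code, "kind": SECTIONS.get(code, "other"),
            "name": named.group(1) if named else None,
            "path": paths[-1] if paths else None}

def autostarts(log):
    """Return (code, name, path) for entries that start with Windows (O4, O23)."""
    rows = filter(None, map(parse_line, log.splitlines()))
    return [(r["code"], r["name"], r["path"]) for r in rows if r["code"] in ("O4", "O23")]

# Sample input: four of the entries quoted in the reply above.
SAMPLE = r"""
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
"""

if __name__ == "__main__":
    for row in autostarts(SAMPLE):
        print(row)
```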
 
Thank you so much for your help! I do use Dell Support sometimes, so I think I'll just keep it. I use AIM, so do you think it'll make a difference if I get rid of Viewpoint? I'm not exactly sure what Viewpoint is...Also, I uninstalled all of the stuff I downloaded (Malwarebytes, CCleaner, etc)...should I still download OTCleanIt and follow the steps? Once again thank you for the help.
 
From Blind Dragon on TechSpot:
Viewpoint Manager is considered as foistware instead of malware since it is installed without user's approval but doesn't spy or do anything "bad". This may change, read Viewpoint to Plunge Into Adware (http://www.clickz.com/showPage.html?page=3561546).
I recommend that you remove the Viewpoint products; however, decide for yourself. To uninstall the Viewpoint components:
Click Start, point to Settings, and then click Control Panel.
In Control Panel, double-click Add or Remove Programs.
In Add or Remove Programs, highlight >>Viewpoint component<< , click Remove.

I didn't see any processes loading for Viewpoint, nor did I see it in your installed programs. I thought at one time you may have used it and removed the other entries, but left this Service running.

If you are satisfied with what you removed, stay. If you want to be sure all the processes are removed, run OT. And you are very welcome.
 