Rootkit(s)

Status
Not open for further replies.

Valerie

Hello, I recently ran a rootkit scan and the results returned with 14 items. However, no direction on how to remove or validate if the rootkits were legitimate. Please Help! Thanks :)
 
Which anti-rootkit did you use?

I recommend AVG 8.0 which is an anti-virus, anti-spyware and anti-rootkit all in one.

Best,
-- Andy
 
Thanks for the quick response! I actually did at one point have AVG, however when I upgraded to 8.0 I began to have issues. It would not install updates and I would constantly receive error messages from my pc and avg that my computer might be @ risk and the version is outdated. I would try manually to update, still no success. I also uninstalled and reinstalled AVG 8.0 multiple times and still had the same problems so I changed to Avira AntiVir Personal Anti-virus program. As far as the rootkit scans, I used BitDefender RootkitUncover, Rootkit Revealer, and SysProt AntiRootkit. In addition, I also used a scanner on the Microsoft Windows website that searches for rootkits too. I know, a bit excessive however I was trying to find a rootkit scanner that would actually help me resolve any issues. These just advised me of the problems but no direction to fix them. All scans did produce results ranging from three to fourteen entries regarding discrepancies and mismatches. I did the Panda Anti-rootkit as suggested, this was the only rootkit scan I have used thus far that said no rootkits found.
 
Here are the logs requested...

Hello again, I did not have the most recent version of Java. I did remove the old Java program however, when I installed the most recent version another program was downloaded, openoffice.org. It does show up as a separate program under my currently installed programs. Do I really need this? I just didn't want to remove this program in case it would affect Java. I might have downloaded it w/Java in error. Any suggestions??? Thanks for all your help!!!!
 
Yes, that Office install with Java is annoying.
There was a small tick box that you could have selected to not install it alongside Java.

I have checked your logs and noticed many things starting, and running, including this list of protection:
Ad-Aware
a-squared
Avira
BitDefender
kavwebscan
Spybot - S&D
SpywareGuard
SUPERAntiSpyware
Sygate
Symantec
Trend Micro
winpatrol
Yahoo Search Protection

It may be best to do the following:

Run CCleaner (there was one temp file that didn't look good)
Then IE Reset (this will remove a few of those ActiveX Spyware Protection programs)
Then go to Add\Remove Programs, and uninstall the programs you don't want anymore (this will help with the startups)
Also remove AOL if you do not use it (Does anyone?)
Then run Startup Control Panel (and stop a few other startups - HP have many)

Then after another Restart I believe it will run a lot better :)
By the way, good to see someone likes Sygate, it had its day once !

Possibly continue on to Windows Updates
Generally looks good, just very full!

It's up to you if you'd like to re-submit a new HJT log
 
Thanks for the quick response! I actually did at one point have AVG, however when I upgraded to 8.0 I began to have issues. It would not install updates and I would constantly receive error messages from my pc and avg that my computer might be @ risk and the version is outdated. I would try manually to update, still no success. I also uninstalled and reinstalled AVG 8.0 multiple times and still had the same problems so I changed to Avira AntiVir Personal Anti-virus program. ...

Yes, I concede that AVG has had some issues with its updater. At one point, while I was working at a customer's place, their update server got hacked. Took them more than 24 hours to get it back online. And there have been other times the Grisoft server has had issues. But, in the big picture, I find it very effective and still highly recommend it. Keep in mind, it's a free program so you can't expect top quality all the time.

I still believe in it.

Best,
-- Andy
 
Thank You! Are all the programs on the protection list you provided running and in the start up programs? If so, how do I remove them? I went to view the start up programs and saw only a few of the protection items in start up. Wasn't sure if I was missing something. I didn't know I had BitDefender, kavwebscan, a-squared, and Trend Micro. How can I delete these programs? They are not listed under currently installed programs. Please Help....

also attached another hjt log

valerie
 
O23 - Service: PFSMIKF - Sysinternals - www.sysinternals.com - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\PFSMIKF.exe
I'm unsure what this service start is
You may want to locate the file PFSMIKF.exe, right click on it, select properties to see if there is any information on it

Because it's in a temp folder you may just be able to remove it.
But I would suggest checking Start->Run->services.msc for anything started that resembles it first. Pretty sure it's some type of Trojan though.

Also you still have Winpatrol installed
And did you run the IE Reset correctly? Are you running IE7?
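An added example, not posted by anyone in this thread: a small Python triage script for HijackThis O23 service lines along the lines of the advice above, flagging services whose binary runs from a Temp or user-profile folder so they can be checked in services.msc and via the file's properties. The sample log lines and the heuristics are constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# Constructed sample lines in HijackThis format (not the member's actual log).
# The second line is modelled on the O23 entry quoted in the thread.
SAMPLE_LOG = r"""
O23 - Service: ExampleAV Scheduler (ExampleSched) - Example Corp - C:\Program Files\ExampleAV\sched.exe
O23 - Service: PFSMIKF - Sysinternals - www.sysinternals.com - C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\PFSMIKF.exe
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
"""

O23_PREFIX = "O23 - Service: "
TEMP_MARKERS = ("\\temp\\", "\\tmp\\")
PROFILE_MARKERS = ("\\documents and settings\\", "\\docume~1\\", "\\users\\")

@dataclass
class ServiceFinding:
    name: str
    vendor: str
    path: str
    reasons: list = field(default_factory=list)

def parse_o23(line):
    """Return (name, vendor, path) for an O23 line, or None for any other line."""
    if not line.startswith(O23_PREFIX):
        return None
    parts = line[len(O23_PREFIX):].split(" - ")
    # HJT prints: name - vendor (which may itself contain ' - ') - path.
    # The path is the last field and starts with a drive letter.
    if len(parts) < 2 or not re.match(r"^[A-Za-z]:\\", parts[-1]):
        return None
    return parts[0], " - ".join(parts[1:-1]) or "Unknown owner", parts[-1].strip()

def assess_path(path):
    """Heuristic reasons (constructed) a service binary location deserves a closer look."""
    low = path.lower()
    reasons = []
    if any(m in low for m in TEMP_MARKERS):
        reasons.append("binary runs from a Temp directory")
    elif any(m in low for m in PROFILE_MARKERS):
        reasons.append("binary lives under a user profile, not Program Files or System32")
    if "~" in low:
        reasons.append("8.3 short path, typical of Temp/profile locations")
    return reasons

def triage(log_text):
    """Return a ServiceFinding for every O23 service whose path trips a heuristic."""
    findings = []
    for line in log_text.splitlines():
        parsed = parse_o23(line.strip())
        if parsed:
            name, vendor, path = parsed
            reasons = assess_path(path)
            if reasons:
                findings.append(ServiceFinding(name, vendor, path, reasons))
    return findings
```

A hit is a lead to verify, not a verdict: as the next post shows, the Temp-hosted service here turned out to be a legitimate scanner's own file, so check the file's properties and the service in services.msc before removing anything.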
 
Thank You again for your kind assistance! The temp file in question was a rootkitrevealer - sysinternals. It was a rootkit scanner, I did delete the file. As for resetting IE7, I followed the instructions and believe I reset it correctly. Once that was complete, I downloaded and installed internet explorer 8. Since I just downloaded the most recent version I didn't reset the internet explorer's settings again. Should I have?
 
So far so good w/the exception of add ons. Not sure if this has to do with internet explorer 8, however some sites advise me I cannot access their page because my current browser settings or because I have not installed ActiveX control file. Not all sites prompt for w/add ons but those that do allow me to right click on the top of my screen w/a drop down bar that states run add on or run add ons on all websites. Others just don't allow me because I don't have activex, at least that's what I'm thinking.
 
One thing to stay aware of as you're using Internet Explorer 8

I see you are also running XP SP2. If you install XP SP3 while IE8 is installed you lose the option to ever uninstall IE8 from XP.

If you ever choose to install XP SP3, Remember to uninstall IE8 first!
 
Yes I agree

But actually being Beta anyhow, the member may need to uninstall IE8 Beta anyway, when IE8 is finally released (but do SP3 first for that too)

I agree with LookinAround's comments both above and below!
 
But actually being Beta anyhow, the member may need to uninstall IE8 Beta anyway,

Minor point of note to clarify: Microsoft must be anticipating how to install IE8 release version on top of IE8 Beta (i sure hope) as they're aware of all the people installing SP3 and can no longer uninstall IE8. Period.

(and MS must know as it was in one of their SP3 release notes where i learned of it in the first place)

/******** EDIT *********/
And knowing sneaky MS, they might have planned for IE8 to stick around that way!
 
thanks for the information. another issue, i'm having has to do w/java. i did verify that i have the most current version of java and did uninstall other versions of java. When trying to use Java I receive a message stating java support is disabled on my system or no Java runtime environment is installed. I did verify and I do have Java runtime environment under my programs.

How do I get Java and JavaScript enabled in my web browser?
 
Please follow these steps to remove older version Java components and update.

Download the latest version of Java Runtime Environment (JRE) 6 Update 10
Scroll to Java Runtime Environment (JRE) 6 Update 10 and click on the download button
http://java.sun.com/javase/downloads/index.jsp


(if you don't want the google toolbar -- uncheck this option before installing Java.)

Click on the Accept License Agreement button
Next Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 7 License Agreement.".
Download Now! Windows Offline Installation, Multi-language

Now close all windows, including your browser.
Double click on the Java installation that you downloaded and follow the prompts.

NEXT-remove all older versions of Java
Go to Start > Control Panel double-click on the Software icon > add/remove programs.
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
Select it and click Remove.
Close any programs you may have running - especially your web browser.
Repeat as many times as necessary to remove each older Java version.
Reboot your computer once all Java components are removed.
 
Java Script

I recently updated to IE 8 and whenever I try to watch videos I receive a message that either you have JavaScript turned off or you don't have the newest version of Macromedia's Flash Player. I do have JavaScript turned on and I also do have the newest version of Macromedia's Flash Player, however the videos still don't display. Any suggestions? It seems many individuals are having this same problem but I haven't been able to find a fix for it.
 
this is purely a guess at something to try....

1) Uninstall Flash Player and all versions of Java
2) Open IE. Click Tools->Windows Update. If you run XP be sure you click Custom and install any hardware optional updates as well
3) Go to Sun's Java site and re-install the latest version they offer
4) Reinstall Flash Player

Again, it's just a guess that may help to straighten out whatever settings or installs might be screwed up.
 
This is for IE7 but should be the same for IE8!

Do the following with IE closed.
Go to Control panel and Open Internet options.

Then click the Security tab.

Confirm the Internet icon is highlighted.

Click on Custom Level for Security options for your browser.

Find Active scripting.
Click Enable.

Click the "OK" button. Close.

Now open IE and test!

Mike
 