The Official Malware/Antivirus Thread - Need help or general advice? Read this first!

[Dr. Gigglepants]

Quote:

Originally Posted by QuikSsurfer

Hmmm -- might want to try cleaning up the MSE install. There is a MS fix-it we could run to try and remove all MS security tools and any registry entries that may be there -- then trying re-downloading and installing MSE again.

http://support.microsoft.com/mats/Pr..._and_Uninstall

Well, I ran the fix-it program and I couldn't find either of those programs from your post in the list, Eset and McAfee were also not listed. I also couldn't find any other programs in the list that looked like they would be anti-virus programs. I'm not sure what else to do at this point, I do appreciate your help though, QS.

[Dr. Gigglepants]

Got Panda installed and it's working great already! Thanks again.

[the Talking Can]

just had fun with a 'live security platinum' virus....yeesh

hitmanpro is boss

seems to be going around this month

[Buehler445]

Blech.

Wife's computer is being a bitch. I restarted it and it has the black screen with a throbbing Windows Icon and Starting Windows underneath it.

Been there about 10 minutes. Was there 10 minutes or so before I took the battery out.

Any ideas?

[Buehler445]

Quote:

Originally Posted by Buehler445

Blech.

Wife's computer is being a bitch. I restarted it and it has the black screen with a throbbing Windows Icon and Starting Windows underneath it.

Been there about 10 minutes. Was there 10 minutes or so before I took the battery out.

Any ideas?

I got ahold of DaFace and worked through some shit. I (DaFace more than me) thinks the HD is boned.

[OnTheWarpath15]

The more Mrs. OTW58 uses our desktop computer, the slower it gets. Wondering if someone could take a look at my HijackThis log and tell me what the **** I can get rid of.

TIA.

Quote:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:03:16 PM, on 7/22/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATT-SST\McciTrayApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\XXXXXX\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
C:\Program Files\Southwest Airlines\Ding\Ding.exe
C:\Users\XXXXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\XXXXXXX\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
C:\Users\XXXXXXX\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Lexmark Printable Web - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [ATT-SST_McciTrayApp] "C:\Program Files\ATT-SST\McciTrayApp.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PCShowServer] "C:\Users\CHIPANDSALLY\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\CHIPANDSALLY\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe
O4 - Startup: Dropbox.lnk = XXXXXXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: APC Data Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\dataserv.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLDTVHNService - Unknown owner - C:\Program Files\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McciServiceHost - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciServiceHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

[Fish]

Quote:

Originally Posted by OnTheWarpath58

The more Mrs. OTW58 uses our desktop computer, the slower it gets. Wondering if someone could take a look at my HijackThis log and tell me what the **** I can get rid of.

TIA.

Looks like you've got some problems bud. Mainly something that set a Proxy server.

Quote:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;

To fix this one, you'll need to go to Control Panel\Internet Options\Connections\LAN Settings, and then uncheck everything listed under Proxy Server. The only thing that should be checked on the LAN settings page is Automatically Detect Settings.

That's probably a big part of your problem. And indication that you could be infected with other stuff that might not be making itself evident.

You've got a ton of stuff running that doesn't need to be as well.

Quote:

C:\Users\XXXXXX\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
C:\Program Files\Southwest Airlines\Ding\Ding.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Run: [ATT-SST_McciTrayApp] "C:\Program Files\ATT-SST\McciTrayApp.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

All of the above doesn't have to be running at startup, and you'd see a good performance boost if you set these to manual start instead of starting up automatically. But it's not actually hurting anything, just slowing things down. To change these to manual start, go to Control Panel\Administrative Tools\Services. Run the Services app, and go through the list and find the corresponding services that match the above. Change them from Automatic start to Manual. It's good to familiarize yourself with the Services app, because it allows you to control everything that's actively running on your system. Pay notice to what's listed as "Started", and if you have any questions about anything, feel free to ask.

Also, you seem to have both Avast and Panda antivirus running. 2 AV programs running at the same time can produce bad results, and in some cases it will really slow things down. Eliminate one or the other.

I'd begin by making the above changes, and then running Malwarebytes.

I'd really recommend purchasing Malwarebytes Pro as well. I can't stress enough how well the Pro version of the app works. It's an active scanner that catches a bunch of what Avast or Panda would miss. It's very well worth the price for the Pro version.

Hope that helps!

[OnTheWarpath15]

Quote:

Originally Posted by KC Fish

Looks like you've got some problems bud. Mainly something that set a Proxy server.



To fix this one, you'll need to go to Control Panel\Internet Options\Connections\LAN Settings, and then uncheck everything listed under Proxy Server. The only thing that should be checked on the LAN settings page is Automatically Detect Settings.

That's probably a big part of your problem. And indication that you could be infected with other stuff that might not be making itself evident.

You've got a ton of stuff running that doesn't need to be as well.



All of the above doesn't have to be running at startup, and you'd see a good performance boost if you set these to manual start instead of starting up automatically. But it's not actually hurting anything, just slowing things down. To change these to manual start, go to Control Panel\Administrative Tools\Services. Run the Services app, and go through the list and find the corresponding services that match the above. Change them from Automatic start to Manual. It's good to familiarize yourself with the Services app, because it allows you to control everything that's actively running on your system. Pay notice to what's listed as "Started", and if you have any questions about anything, feel free to ask.

Also, you seem to have both Avast and Panda antivirus running. 2 AV programs running at the same time can produce bad results, and in some cases it will really slow things down. Eliminate one or the other.

I'd begin by making the above changes, and then running Malwarebytes.

I'd really recommend purchasing Malwarebytes Pro as well. I can't stress enough how well the Pro version of the app works. It's an active scanner that catches a bunch of what Avast or Panda would miss. It's very well worth the price for the Pro version.

Hope that helps!

I couldn't find some of that stuff in the services app. Set hat I could find to manual, and am restarting. Will run Malwarebyes after restart and post another log.

Thanks for your help.

[OnTheWarpath15]

The Malwarebytes scan came back clean. This is the "new" HijackThis log:

Quote:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:56:14 PM, on 7/23/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATT-SST\McciTrayApp.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\XXXXXXX\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
C:\Users\XXXXXXXX\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Southwest Airlines\Ding\Ding.exe
C:\Users\XXXXXXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\XXXXXXXX\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATT-SST_McciTrayApp] "C:\Program Files\ATT-SST\McciTrayApp.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PCShowServer] "C:\Users\CHIPANDSALLY\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\CHIPANDSALLY\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe
O4 - Startup: Dropbox.lnk = CHIPANDSALLY\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: APC Data Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\dataserv.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLDTVHNService - Unknown owner - C:\Program Files\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McciServiceHost - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciServiceHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 7468 bytes

Apparently the instructions you gave me on the Proxy didn't work.

[Setsuna]

Just wanted to say I picked up the FBI malware. What do I do?

Edit: Fixed as far as I know. Just did a System Restore.

[vailpass]

I have the Pro version of Malwarebytes.

*Do I need to run any other security program in addition i.e. Avast, MS Defender, etc.?

*Can I run AdAware with Malwarebytes Pro or will they conflict?

[QuikSsurfer]

Quote:

Originally Posted by vailpass

I have the Pro version of Malwarebytes.

*Do I need to run any other security program in addition i.e. Avast, MS Defender, etc.?

*Can I run AdAware with Malwarebytes Pro or will they conflict?

I'd suggest running a lightweight AntiVirus alongside Malwarebytes. You don't need AdAware anymore. Avast, MS Security Essentials, Panda Cloud (which I'm always recommending - http://www.cloudantivirus.com/en/#!/...virus-download) would all work fine.

[vailpass]

Quote:

Originally Posted by QuikSsurfer

I'd suggest running a lightweight AntiVirus alongside Malwarebytes. You don't need AdAware anymore. Avast, MS Security Essentials, Panda Cloud (which I'm always recommending - http://www.cloudantivirus.com/en/#!/...virus-download) would all work fine.

Thanks QS. Right now I have Malwarebytes Pro, Avast & AdAware running. If I remove AdAware am I leaving any gaps in the defenses?

[QuikSsurfer]

Quote:

Originally Posted by vailpass

Thanks QS. Right now I have Malwarebytes Pro, Avast & AdAware running. If I remove AdAware am I leaving any gaps in the defenses?

No sir.

[vailpass]

Quote:

Originally Posted by QuikSsurfer

No sir.

Gracias