Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

No Virus Protection!

Started by carsacade , Feb 03 2010 10:04 AM

  • Please log in to reply

#1
carsacade
Posted 03 February 2010 - 10:04 AM

carsacade

    New Member

  • Member
  • Pip
  • 2 posts
Hello and I just want to thank you guys/gals out there before hand for any and all help you can provide me with on my situation. Anyway, I currently have no anti-virus software on my computer. I at one time had AT&T Internet Security Suite, but my version was out of date and expired. I have completely deleted this package and all of its components. I am currently having a bit of a financial issue as is a lot of Americans are these days. :) It is just so much more convenient and expedient to keep my bill paying and other matters online. My question today is about Avast. I came across this anti-viral software browsing the forums. Is this software as the free version my best option for virus protection as well as virus removal should I have need for such, and if not what would be my best option? Again, thank you for your time and effort to help me with this issue. Have a wonderful day.


P.S. I recently installed the MBAM software. It seems to have quarantined and deleted everything successfully. I am posting the log just for any feedback you may be able to give on the information therein.

Malwarebytes' Anti-Malware 1.44
Database version: 3677
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

2/2/2010 4:20:24 AM
mbam-log-2010-02-02 (04-20-24).txt

Scan type: Quick Scan
Objects scanned: 144197
Time elapsed: 5 minute(s), 38 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 32
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 18
Files Infected: 36

Memory Processes Infected:
C:\Program Files\AntiMalware\AntiMalware.exe (Rogue.RegTool) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1f158a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16b6279b-9ff5-41fb-8bf9-404324f5dd1f}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1fb52ab3-5987-45a2-85e0-f3ec30dddc29}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Save (Adware.WhenU) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.4.940 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.4.940\Data (Adware.DoubleD) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\AntiMalware\AntiMalware.exe (Rogue.RegTool) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\HPIEAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.4.940\ssd.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\NPIEAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\adwpx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\NPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Saving Optimizer\3.6.1.4490\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\HPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\hppx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\MAHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Media Access Startup\1.5.4.880\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.4.940\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.4.940\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.4.940\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.4.940\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\System Search Dispatcher\1.3.4.940\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
  • 0

Advertisements

#2
RKinner
Posted 06 February 2010 - 02:10 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Avast is as good as most pay anti-viruses. I use it on my own computers. Make sure you let it do a boot scan after it installs. This will take a long time but is very good. You will need to check back with it once in a while because it will stop and wait for an input from you when it finds something. You should also register it. It's a quick process and it's good for 14 months.

I also use the free Comodo Firewall
Comodo is a bit tricky. You get it:
http://www.personalf...all.comodo.com/

Decline any free offers and make sure you only have the firewall checked. (Top option of three if I remember correctly). They will try and talk you into some other stuff but just be firm. There is an option for a virus scan but I would decline it. They are prone to false positives. They will ask you if you are sure your system is clean. Tell them yes.

Comodo will annoy you to death at first since any time something wants to go out it will have to ask permission. You can tell it to remember your answer then it won't ask you again for that software. The first things you will see are avast related and they start with "ash" so make sure you let them go. You will also need to let svchost.exe and your browser go out.

Also like the free WinPatrol 2010. http://www.winpatrol.com/download.html
It's a small program that will sit in your systray and warn you if something tries to make changes to your system.


You would be wise to follow the protocol in http://www.geekstogo...uide-t2852.html

and post your logs here.

My rule is if the quick scan in MBAM found something you definitely need to let it do a full scan. Will take an hour or so.

Ron
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP