Solve : don't know what to do.....help?

1.	Solve : don't know what to do.....help?
Answer» I noticed agent.exe was causing issues with one of my profiles on my computer. I also noticed a new "3 search with google" that I can't delete. I ran hijackthis but don't know what to do next. I have included the logfile [file cleanup - saving space - attachment deleted by admin]I see couple of THINGS, but nothing deadly, though. However, I can't see any antivirus, nor firewall running. What's up with that?I just got everything replaced...I was doing research on whether to use norton corporate or macafee...I get them for free through the army. Any suggestions?Leave them both alone. You won't be happy. Download, and install AVG free antivirus: http://free.grisoft.com/ Download, and install Comodo free firewall: http://www.personalfirewall.comodo.com/ When you're done, run full AVG scan, and report its findings. We'll go from there. Before installing Comodo, make sure, Windows firewall is off Go Start>Control Panel. Double click on the Security Center icon. Click on the Windows Firewall icon beneath the status updates. Click Off, then OK.DOWNLOADED both anti-virus and firewall. ran a full scan. nothing found....here is another hijackthis logfile. [file cleanup - saving space - attachment deleted by admin]Quote nothing found This is good. Before we get to HJT log, I need you to perform couple more steps... 1. Run free ESET Online Scanner at: http://www.eset.com/onlinescan/ Note: This Scanner is for Internet Explorer Only 1. You will notice that the "Start" button is grayed out. Place a CHECK mark at "Yes, I accept the Terms of use". The "Start" button will become visible. Click on it. 2. If it wants to install an ActiveX component allow it 3. You will be asked to install an ActiveX, click the "Install" button (Note: If you have a Firewall install you may have to approve the installation) 4. Once ActiveX control is installed click on the "Start" button to initialize the scanner 5. After initialization is complete, make sure, that "Remove found threats", and "Scan unwanted applications" are checkmarked. 6. Click the "Scan" button 7. Once the scan is done, you will find a log in C:\Program Files\esetonlinescanner\log.txt Post ESET's log. 2. Download SUPERAntiSpyware Free for Home Users: http://www.superantispyware.com/ Print these instructions out. * Double-click SUPERAntiSpyware.exe and use the default settings for installation. * An icon will be created on your DESKTOP. Double-click that icon to launch the program. * If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.) * Close SUPERAntiSpyware. Restart computer in Safe Mode. To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen * Open SUPERAntiSpyware. * Under "CONFIGURATION and Preferences", click the Preferences button. * Click the Scanning Control tab. * Under Scanner Options make sure the following are checked (leave all others unchecked): o Close browsers before scanning. o Scan for tracking cookies. o Terminate memory threats before quarantining. * Click the "Close" button to leave the control center screen. * Back on the main screen, under "Scan for Harmful Software" click Scan your computer. * On the left, make sure you check C:\Fixed Drive. * On the right, under "Complete Scan", choose Perform Complete Scan. * Click "Next" to start the scan. Please be patient while it scans your computer. * After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK". * Make sure everything has a checkmark next to it and click "Next". * A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu. * If asked if you want to reboot, click "Yes". * To retrieve the removal information after reboot, launch SUPERAntispyware again. o Click Preferences, then click the Statistics/Logs tab. o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log. o If there are several logs, click the current dated log and press View log. A text file will open in your default text editor. o Please copy and paste the Scan Log results in your next reply with a new HijackThis log. * Click Close to exit the program. Post SUPERAntiSpyware log. 3. Post new HijackThis log.I downloaded programs as instructed and ran them as instructed. I seemed to have a few spyware items. I have included the text version of everything. [file cleanup - saving space - attachment deleted by admin]1. Print this post out, since you won't have an access to it, at some point. 2. Close all windows, except for HijackThis. 3. Put a checkmark next to the following HijackThis entries (some entries will be checkmarked to disable unnecessary startups; in those cases (marked with ), no actual program will be removed): - O2 - BHO: XBTB06823 - {BA463437-C3DE-47da-8280-87596824388A} - C:\PROGRA~1\GOOGLE~1\TOOLBA~1.DLL (file missing) - O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) - O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup - O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start 4. Click on "Fix checked" button. 5. Turn off System Restore: - Windows XP: 1. Click Start. 2. Right-click the My Computer icon, and then click Properties. 3. Click the System Restore tab. 4. Check "Turn off System Restore". 5. Click Apply. 6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this. 7. Click OK. - Windows Vista*: 1. Click Start. 2. Right-click the Computer icon, and then click Properties. 3. Click on System Protection under the Tasks column on the left side 4. Click on Continue on the "User Account Control" window that pops up 5. Under the System Protection tab, find Available Disks 6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:") 7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this. 8. Click OK 6. Restart in Normal Mode. 7. Turn System Restore on. 8. Post new HijackThis log.

Answer»

I noticed agent.exe was causing issues with one of my profiles on my computer. I also noticed a new "3 search with google" that I can't delete. I ran hijackthis but don't know what to do next. I have included the logfile

[file cleanup - saving space - attachment deleted by admin]I see couple of THINGS, but nothing deadly, though.
However, I can't see any antivirus, nor firewall running.
What's up with that?I just got everything replaced...I was doing research on whether to use norton corporate or macafee...I get them for free through the army. Any suggestions?Leave them both alone. You won't be happy.
Download, and install AVG free antivirus: http://free.grisoft.com/
Download, and install Comodo free firewall: http://www.personalfirewall.comodo.com/
When you're done, run full AVG scan, and report its findings.
We'll go from there.

Before installing Comodo, make sure, Windows firewall is off
Go Start>Control Panel. Double click on the Security Center icon. Click on the Windows Firewall icon beneath the status updates. Click Off, then OK.DOWNLOADED both anti-virus and firewall. ran a full scan. nothing found....here is another hijackthis logfile.

[file cleanup - saving space - attachment deleted by admin]Quote

nothing found

This is good. Before we get to HJT log, I need you to perform couple more steps...

1. Run free ESET Online Scanner at: http://www.eset.com/onlinescan/
Note: This Scanner is for Internet Explorer Only
1. You will notice that the "Start" button is grayed out. Place a CHECK mark at "Yes, I accept the Terms of use". The "Start" button will become visible. Click on it.
2. If it wants to install an ActiveX component allow it
3. You will be asked to install an ActiveX, click the "Install" button (Note: If you have a Firewall install you may have to approve the installation)
4. Once ActiveX control is installed click on the "Start" button to initialize the scanner
5. After initialization is complete, make sure, that "Remove found threats", and "Scan unwanted applications" are checkmarked.
6. Click the "Scan" button
7. Once the scan is done, you will find a log in C:\Program Files\esetonlinescanner\log.txt
Post ESET's log.

2. Download SUPERAntiSpyware Free for Home Users:
http://www.superantispyware.com/

Print these instructions out.

* Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your DESKTOP. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
* Close SUPERAntiSpyware.

Restart computer in Safe Mode.
To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen

* Open SUPERAntiSpyware.
* Under "CONFIGURATION and Preferences", click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):
o Close browsers before scanning.
o Scan for tracking cookies.
o Terminate memory threats before quarantining.
* Click the "Close" button to leave the control center screen.
* Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under "Complete Scan", choose Perform Complete Scan.
* Click "Next" to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
* Make sure everything has a checkmark next to it and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* If asked if you want to reboot, click "Yes".
* To retrieve the removal information after reboot, launch SUPERAntispyware again.
o Click Preferences, then click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
o Please copy and paste the Scan Log results in your next reply with a new HijackThis log.
* Click Close to exit the program.
Post SUPERAntiSpyware log.

3. Post new HijackThis log.I downloaded programs as instructed and ran them as instructed. I seemed to have a few spyware items. I have included the text version of everything.

[file cleanup - saving space - attachment deleted by admin]1. Print this post out, since you won't have an access to it, at some point.

2. Close all windows, except for HijackThis.

3. Put a checkmark next to the following HijackThis entries (some entries will be checkmarked to disable unnecessary startups; in those cases (marked with *), no actual program will be removed):

- O2 - BHO: XBTB06823 - {BA463437-C3DE-47da-8280-87596824388A} - C:\PROGRA~1\GOOGLE~1\TOOLBA~1.DLL (file missing)
- O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
- *O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
- *O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

4. Click on "Fix checked" button.

5. Turn off System Restore:

- Windows XP:
1. Click Start.
2. Right-click the My Computer icon, and then click Properties.
3. Click the System Restore tab.
4. Check "Turn off System Restore".
5. Click Apply.
6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
7. Click OK.
- Windows Vista:
1. Click Start.
2. Right-click the Computer icon, and then click Properties.
3. Click on System Protection under the Tasks column on the left side
4. Click on Continue on the "User Account Control" window that pops up
5. Under the System Protection tab, find Available Disks
6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
8. Click OK

6. Restart in Normal Mode.

7. Turn System Restore on.

8. Post new HijackThis log.

Solve : don't know what to do.....help?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment