So far I haven't had any page rerouting or virus scanner pop-ups. The blue screen and automatic shut down has also stopped. Should I delete any programs or run any scans (malware/super-anti)?
When I right click in google a page popped up that says "PCScanner2010 is detecting security risks". It's random and doesn't do it everytime.
Take a look at your last Avenger log you posted, then at the log posted here; http://discussions.virtualdr.com/sho...1&postcount=32
Can you tell me why the formatting s so different?
Do a search on your pc for the pcscanner2010 on your pc.
I did notice it looks different. I did not enter a string it it. Norton found this virus but said I would have to manually remove it:
Iastor.sys.vir
Backdoor.Tiderv.I!inf
Where does it find the file? If it is in the C:\qoobox\quarantine folder, do not worry about it, as it is in quarantine.
If your pc is running ok otherwise, let's leave it a day to make sure, then I will show you how to remove Combofix.
Yes, it does look weird. But for some reason, I feel as if the virus is still here. Sometimes my page would go out and althought I've only ran Avenger once, it runs different..with a "blink".
ComboFix has been removed..
I attached the .jpeg images if you needed them. Norton has been a great help with this...I've had the service for about 2 months now and I update and scan daily (sometimes twice a day) and it still doesn't do anything about viruses. What was I thinking trying to be proactive??
I removed FireFox because it started acting weird. I have been using Chrome and when I try to reply and "go advanced", the scroll bar and buttons freeze. But I am able to click on the task/tool bar, but now actually in the window. So now I am using IE, but I keep getting an error message saying IE stopped working and then "close program". I click the "close program" button but IE still stays open.
By my count, The Avenger should have been run 3 times.
==
Please Run the ESET Online Scanner and post the ScanLog with your post for assistance.
You will need to use Internet Explorer to complete this scan.
You will need to temporarily Disable your current Anti-virus program.
Be sure the option to Remove found threats is Un-checked at this time (we may have it clean what it finds at a later time), and the option to Scan unwanted applications is Checked.
When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log for us as directed below.
NOTE:If you are unable to complete the ESET scan, please try another from the list below:
So far this is what Kaspersky has detected (it is still running)...
Full Scan: stopped 43 minutes ago (events: 2, objects: 5088, time: 00:05:03)
12/22/2009 12:13:38 AM Task stopped
12/22/2009 12:08:35 AM Task started
Full Scan: running (events: 7, objects: 182497, time: 00:30:03)
12/22/2009 12:16:13 AM Task started
12/22/2009 12:26:54 AM Task stopped
12/22/2009 12:27:00 AM Task started
12/22/2009 12:53:37 AM Detected: Exploit.JS.Pdfka.auq C:\Users\Paige\AppData\Local\temp\plugtmp\plugin-all.pdf/data0000
12/22/2009 12:56:28 AM Deleted: Exploit.JS.Pdfka.auq C:\Users\Paige\AppData\Local\temp\plugtmp\plugin-all.pdf
12/22/2009 12:56:28 AM Detected: HEUR:Exploit.Script.Generic C:\Users\Paige\AppData\Local\temp\plugtmp\plugin-u3d.pdf/data0001
12/22/2009 12:56:28 AM Cannot be quarantined: HEUR:Exploit.Script.Generic C:\Users\Paige\AppData\Local\temp\plugtmp\plugin-u3d.pdf
Quick Scan: completed 37 minutes ago (events: 2, objects: 5177, time: 00:03:31)
12/22/2009 12:19:45 AM Task completed
12/22/2009 12:16:14 AM Task started
Objects Scan: stopped 30 minutes ago (events: 2, objects: 3, time: 00:00:28)
12/22/2009 12:26:29 AM Task stopped
12/22/2009 12:26:01 AM Task started
Objects Scan: running (events: 5, objects: 175885, time: 00:30:28)
12/22/2009 12:26:35 AM Task started
12/22/2009 12:53:37 AM Detected: HEUR:Exploit.Script.Generic C:\Users\Paige\AppData\Local\temp\plugtmp\plugin-u3d.pdf/data0001
12/22/2009 12:53:37 AM Detected: Exploit.JS.Pdfka.auq C:\Users\Paige\AppData\Local\temp\plugtmp\plugin-all.pdf/data0000
12/22/2009 12:56:28 AM Cannot be deleted: Exploit.JS.Pdfka.auq C:\Users\Paige\AppData\Local\temp\plugtmp\plugin-all.pdf Object not found
12/22/2009 12:56:28 AM Detected: HEUR:Exploit.Script.Generic C:\Users\Paige\AppData\Local\temp\plugtmp\plugin-u3d.pdf/data0002
Last edited by Thexy; December 22nd, 2009 at 03:00 AM.
Here is the detailed report after Kaspersky finished:
Status: Absent (events: 3)
12/22/2009 12:56:54 AM Not found virus HEUR:Exploit.Script.Generic C:\Users\Paige\AppData\Local\temp\plugtmp\plugin-u3d.pdf High
12/22/2009 12:56:54 AM Not found virus HEUR:Exploit.Script.Generic C:\Users\Paige\AppData\Local\temp\plugtmp\plugin-u3d.pdf//data0001 High
12/22/2009 12:56:54 AM Not found virus HEUR:Exploit.Script.Generic C:\Users\Paige\AppData\Local\temp\plugtmp\plugin-u3d.pdf//data0002 High
Status: Deleted (events: 2)
12/22/2009 12:56:28 AM Deleted Trojan program Exploit.JS.Pdfka.auq C:\Users\Paige\AppData\Local\temp\plugtmp\plugin-all.pdf High
12/22/2009 12:56:28 AM Deleted Trojan program Exploit.JS.Pdfka.auq C:\Users\Paige\AppData\Local\temp\plugtmp\plugin-all.pdf//data0000 High