AntivirusSoft Malware--Norton does not detect it!

 


floplot wrote:

Hello snipes1988

 

I have just asked someone to check out your HiJackThis log. Sorry for the delay. I don' think he's missing windows files, it shows up like that with his o/s =x86. But I don't know if there is anything on it that needs to be fixed of if it is giving any hints of malware.


 

 

"I don' think he's missing windows files, it shows up like that with his o/s =x86."

 

Wrong  x86 = 32 bit  The above statement is incorrect as a consequence.

 

Quads

snipes1988 -

 

I checked your HiJackthis log and before doing anything with it would like you to run the SFC /scannow utility that PapauZ asked you to run.  This should clear up a good many problems.

Well, I ran the SFC/scannow, and it said that it repaired some windows files. I am running Windows Vista 64-Bit. And I included a HijackThis log which I ran after the SFC/scannow was done.

Hi Snipes1988,


The following entry in the Hijack this seems to be suspicious:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local


Are you using any Proxy settings for connecting to the Internet?


I would also suggest to reset the Hosts file in your computer, refer to the instructions in the following Microsoft Article:

http://support.microsoft.com/kb/972034


Yogesh

Thanks for the help Yogesh. Well, I took your advice and reset the host files by downloading that thing from the link you gave me. And i do NOT use any proxy settings. I ran a HijackThis log after reseting the host files and I attached it.

What do you recommend I do next?

Fix the following items in Hijackthis:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)


Now, run LiveUpdate repeatedly until you receive all the available updates, restart the computer to Safe Mode and then run a Full System Scan. Check and let us know whether you are still getting pop-ups/search re-directs.


Yogesh

I removed one of the things from HijackThis. But there was one thing that after I pressed "fixed checked", I dont think it did anything. The proxy one went away, but when I ran another HijackThis, the "O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)" did not go away.