Ive installed several anti virus software. I have spybot search and destroy, the whole comodo (virus, firewall ,defense+) bundle, and have some tracking software like active ports, hijack this, rootkit hook analyzer.
Just because its convenient I’ll go ahead and put up a hijack this log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:08:56 PM, on 9/16/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
(This scan was done in normal mode, not safe mode)
I just got this computer 1 week and a half ago. Got it cheap. 200 dollars and it runs pretty fast. I figured its worth it if I get all the viruses out. It’s a hassle though. Also, I noticed that the computer model I have was supposed to have a floppy disk drive but it seems someone took it out, and replaced it with a black cover(unless the factory made it that wayl). As for extra stuff added inside the laptop, is there a way you can see under installed drives, or do I have to physically take it apart. I’m afraid of taking it apart, since I’m afraid I’ll forget how to put the laptop back together. I’m eager to learn though. I’ve learned this much, and I don’t mind doing it myself.
Also under Windows Firewall, I’ve noticed an exception is added everytime i reboot my computer, even if I delete it. It’s called iwtnhed. Port 3490 is opened , under TCP Protocol. I’m guessing its a way for a remote hacker to access my network. So I’m guessing a virus must still be reseting this exception every time I reboot my computer.
My laptop is a Presario 2100 Compaq laptop. I do have the inkling something is still wrong with it, but most of the viruses that are still in the computer have been blocked from accessing any networks with Comodo’s firewall. It seems i’ve done a good job preventing outside communication from coming in. Although I still can’t figure out what virus is preventing me from accessing Microsoft and other anti spyware websites. GET THIS: I am now able to access Microsoft’s website and all the other sites, I haven’t done anything new except block more connections on my firewall. And 2 viruses that comodo detected while I was doing everyday activities were deleted. I’m really close to just updating my OS to XP service pack 3. Maybe this will keep the old viruses from working?