At this moment, when I place my cursor over the Microsoft Upgrade Advisor link, it no longer points to "view.atdmt.com." Good news! There were no problems running any of the tools you requested I run.
Good and thanks for the update.
That's it for now. Please let me know if I need to do anything more. I wonder if there is any way to know where I may have picked up the view.atdmt.com malware? It seems that Norton had no protection for it.
It would appear to myself that malware had gained a foothold in the InProcServer32 settings of your machine, so the aforementioned was one of the access points. As to how this happened I am not completely sure to be honest but it may have been something innocuous clicked on by mistake for example. Regarding Norton as with any Anti-Virus software it is only as good as the internal data-base is and what it is able to detect, that is why it is very important to keep all security related applications up-to date and use layered protection. I will explain further about the latter after I have gave the all clear.
We do have some further tasks to complete the Malware Removal process and some installations of updated software also next time round. So please bare with myself as it would be in your own best interest from a online security point of view, thank you.Reset Vista SP2 Firewall:
Click on Start(Vista Orb)
and cut/paste in the following and click on OK
Or Start(Vista Orb)
>> Control Panel
>> Windows Firewall
Click on the Change Settings
>> Restore Defaults
>> At the prompt click on Yes
Now click back on Change Settings
again >> General
>> and select Off(not recommended)
No need for it to be active after the reset because the Norton 360 application installed has a firewall component.Custom ComboFix-Script: Caution:
Do not mouse-click ComboFix's window while it is running. That may cause it to stall. If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue. If that happened we want to know, and also what process you had to end.ESET Online Scanner:Note:
You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here
You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator
from the context menu.
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
- Now click on:
- The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
- When completed the Online Scan will begin automatically.
- Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
- When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
- Now click on:
- Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
- Copy and paste that log as a reply to this topic.
Do not forget to re-enable your Anti-Virus application after running the above scan!
When completed the above, please post back the following in the order asked for:
- How is your computer performing now, any further symptoms and or problems encountered?
- ComboFix Log.
- ESET Log.