Still problems after "READ ME"

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by nashman, Oct 25, 2004.

  1. nashman

    nashman Private E-2

    So far the last thing in order I have done was using "BitDefender" in the "Alternative Scans" section and not sure if the other scans will help. My system restore is still disabled. At this point, I might have enough info to see if someone can be of assistance. Some I figure are maybe settings adjustments. Thanks in advance :)

    OS: WinXP Pro
    Firewall: Zone Alarm free edition
    AV: AVG free edition
    Browser: IE and Mozilla (I uninstalled Mozilla as of yesterday)


    Problems:

    TROJANS (DROPPER.DELF.3.L)
    I did have Downloader.Dyfica.2.AQ but it looks like one of the programs may have taken care of it. However, I still get this from AVG "Trojan horse dropper.delf.3.L is found in file c:\tempINSTAL~1.exe" sometimes the same message, but the dropper.delf.3.L is in "C:\temp\Installer2.exe"

    WITH AVG:
Zone Alarm doesn't recognize an active AV running (and neither does windows). I tried to uninstall AVG (so I can reinstall) and I get this message "C:\Windows\System32\AutoExec.nt This file is not suitable for running MS DOS & Microsoft Windows applications. Choose 'close' to terminate the application." I also get this message about AVG "Driver {Core} not found winerr=2"


    SYMANTEC SECURITY CHECK SAYS PING IS OPEN and no AV
    The security check online reported everything on "stealth" except for the ICMP ping, which is open. It also said that "No known virus protection software found"

    THE BITDEFENDER FAILED TO FIX MANY THINGS:
    I copied the log from the site to a word file to show what couldn't be fixed.

    I'll give more information and logs if needed. Thanks!
     
  2. nashman

    nashman Private E-2

    I forgot to mention that I also am having trouble connecting to the internet. I use cable access and find that holding the off button for a moment and letting it go back on works if I try to go to IE a few times after. It eventually connects, but something isn't right it seems......

    -Marc
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Have you tried booting in safe mode and deleting c:\tempINSTAL~1.exe manually?


    You should read the tutorial in this Sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

Now post a HijackThis log as a .txt file attachment to your message. All running programs should be closed, including your web browser and e-mail. Close them before running HijackThis!

    Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT
     
  4. nashman

    nashman Private E-2

    Thanks Chaslang :) Here's where I'm at, and I think I may be all set. I attached two text files
    1. Giant Antivirus log of what was done......if not familiar w/program, worth looking at.....informative.
    2. HJT log. I installed it in c:\programs\hjt and closed main programs before scan (I believe), and browser was NOT open at time.

    Yes- I did try deleting c:\temp\install~1.exe if it was there, but it came back. I remember trying to delete the other C:\temp\installer2.exe.

    ***But, it looks like I found a solution!
    The alternative scans didn't help on the installer.

When trying to delete "installer2.exe", the file has a "7" with an earth symbol of sorts on it, and underneath it said "Kalptaru Infotech Ltd.". I did a google search and found an antivirus program (Giant Antivirus) that handles it. The "installer2.exe" is known as the "Blazefind Browser Plug-in"
    I downloaded the free 15 day trial at http://www.giantcompany.com/(ccutgg555aiar4fpclobqv55)/p_antispyware.aspx
    What I was most impressed by was after the scan, due to the installer2.exe, it had to communicate with the site for info and mentioned that it needed to reset my IE settings to gain my browser back. It listed the default pages for things and I made sure they looked right (only changed the search default to Google because I prefer it).

    I installed Mozilla Firefox and will use that instead of IE (unless you think otherwise)

    Questions still remain (besides finding if the hjt log looks good).......
1. How do I close the ICMP Ping port? Symantec Security Check says it is open. Everything else is on "stealth" status.

    2. Why does Zone Alarm (and I believe windows as well) not recognize an active antivirus though I am using AVG 6.0?

    Thanks again!
    -Marc
     


  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Get this from ZoneLabs: http://download.zonelabs.com/bin/media/pdf/zaclient51_user_manual.pdf

    Goto page number 65 (the page number at the bottom of the page). You can also search for ICMP.

What makes you think that ZoneAlarm and Windows do not recognize your antivirus?
And what do you expect them to tell you? Or are you saying you do not even see any processes for it running?
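An added example for the ICMP question, not part of chaslang's reply and not taken from the ZoneAlarm manual: on Windows XP SP2 the built-in Windows Firewall has the equivalent setting, and it can be checked and changed from the command line. This assumes the built-in firewall is the one in use (it is an alternative to ZoneAlarm, not something to run alongside it) and that the commands are typed into an Administrator command prompt; the ICMP type number 8 is the standard code for echo request.

```batch
@echo off
REM Added example (not from the thread): close inbound ICMP echo (ping) on the
REM Windows XP SP2 built-in firewall with netsh. Assumes XP SP2 or later, so the
REM "netsh firewall" context exists, and an Administrator command prompt.

echo === ICMP settings before ===
netsh firewall show icmpsetting

REM ICMP type 8 = "Allow inbound echo request". Disabling it makes the host drop
REM pings, so an external scanner reports the ICMP probe as blocked rather than open.
netsh firewall set icmpsetting type=8 mode=disable profile=all

echo === ICMP settings after ===
netsh firewall show icmpsetting

REM Confirm the firewall is actually on; a disabled firewall ignores ICMP settings.
netsh firewall show state
```

To verify, ping the machine from another host on the network: the requests should time out after the change. For ZoneAlarm itself, the corresponding setting is the one described in the manual page chaslang cites; the built-in firewall should stay off while ZoneAlarm is installed.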
     
  6. nashman

    nashman Private E-2

    Thanks for the Zone Labs reference :)

As for the question on the recognizing of the antivirus, I haven't gotten the message from windows since the time before I worked on the trojan problem. What I should have done maybe is ask the question in a different way (rather than assuming that it needs to find an antivirus). In Zone Alarm under the "antivirus monitoring tab", is it normal for it not to detect an antivirus running even though I have AVG running?

    My system runs much better by the way now :)

    -Marc
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Take a look in that same document for "antivirus monitoring". Around pages 122-123
     
