
Solved Many Functions Going Haywire.

Discussion in 'Malware and Virus Removal Archive' started by dispatch trophy, 2012/07/24.

  1. 2012/07/26
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    If someone orders online giving credit card numbers, would they have to be changed?
     
  2. 2012/07/26
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Well, it's hard to say. I'd definitely watch your card statements for a couple of months. It may be a good idea to call the credit card company and make them aware of the issue.

    OTL had some problem with resetting restore point so you'll have to do it manually.
    Turn system restore off.
    Restart computer.
    Turn system restore on.
     


  4. 2012/07/26
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    I have set it manually. Malfunction of the restore point was one of the problems and red flags for me from the beginning. It seems like disabling Restore Point is one of the virus's/trojan's functions.

    So if OTL could not make a restore point, doesn't it mean that the virus or whatever it was is still infecting my computer?
     
  5. 2012/07/26
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    No.
    I've seen OTL failing to reset restore points.

    Any other issues?
     
  6. 2012/07/26
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    None so far.

    I will consider the issue resolved.

    Thank you Broni for your help.

    In the "thread tools" drop down menu, there is no option anymore to mark this thread as "resolved." Is that a glitch or continuing action of the trojan?
     
    Last edited: 2012/07/26
  7. 2012/07/26
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Only I can mark this as resolved.

    Good luck and stay safe :)
     
  8. 2012/07/27
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    False alarm.
     
    Last edited: 2012/07/27
  9. 2012/07/28
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    Another trojan was just found on my desktop. It would be nice to know how and why they are getting in. This is surprising considering the completely that was just completed 2 days ago.

    I think I should get a real time scan from avast or malwarebytes or both to catch them as soon as they enter.

    Here is the malwarebytes scan report:

    Malwarebytes Anti-Malware 1.62.0.1300
    www.malwarebytes.org

    Database version: v2012.07.24.02

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 6.0.2900.5512
    user account :: VALUED-7B9600FA [administrator]

    7/28/2012 5:30:53 PM
    mbam-log-2012-07-28 (17-30-53).txt

    Scan type: Full scan (C:\|D:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 248703
    Time elapsed: 2 hour(s), 24 minute(s), 12 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Documents and Settings\user account\Local Settings\temp\.exe (Trojan.Agent) -> Quarantined and deleted successfully.

    (end)
     
  10. 2012/07/28
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Run MBAM full scan.
     
  11. 2012/07/29
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    Malwarebytes Anti-Malware 1.62.0.1300
    www.malwarebytes.org

    Database version: v2012.07.29.03

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 6.0.2900.5512
    user account :: VALUED-7B9600FA [administrator]

    7/29/2012 2:04:41 AM
    mbam-log-2012-07-29 (02-04-41).txt

    Scan type: Full scan (C:\|D:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 250101
    Time elapsed: 2 hour(s), 29 minute(s), 32 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
     
  12. 2012/07/29
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You should be good to go :)
     
  13. 2012/08/09
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    I installed Secunia, but that next day many strange things started happening.

    I would try to open Opera browser but Chrome would open, or I would try to open a browser and a text file would open.

    I then uninstalled Secunia, and these problems ceased.
     
  14. 2012/08/09
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Oh well, Secunia is optional so you're fine.
     
  15. 2012/08/10
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    Avast is finding the same trojan:

    Win32:patched-AJD [Trj]

    It is finding it in

    C:\Program Files\Arcsoft\Photostudio5.5\Prine17a.rra

    I did a boot scan again and the trojan came up and it was deleted.

    I had uninstalled and reinstalled my scanner software. Arcsoft is part of that suite.

    At the same time, my color scanner is not working, although the black and white scanning is fine.

    It would be good to know if Win32:patched-AJD really is a trojan and whether that is what is affecting my color scanner.

    I do not understand how a trojan can infect a software cd.
     
  16. 2012/08/10
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
  17. 2012/08/11
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    I put "Win32:patched-AJD" into the search box of VirusTotal. No flags came up.

    I am going to see if I can save my color scanner by uninstalling and reinstalling the software and allowing the file.
     
  18. 2012/08/11
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You can put that file in Avast exceptions.
    I'd also report it at Avast forum.
    They're pretty good with responding.
     
