Bit of A scare !!

[itsmejjj]

Logfile of Advanced SystemCare 3 Security Analyzer

Scan saved at 10:08:22 AM, on 8/30/2009

Platform: Windows Vista (WinNT 6.1) ***** Wrong here its win 7 -7.600

MSIE: Internet Explorer v8.0 (8.0.7106.0)

Boot mode: Normal

 

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\winlogon.exe Killed it of My self

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\spoolsv.exe Same here Killed this of

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Simple Internet Meter\simplemeter.exe

C:\Program Files\IObit\IObit Security 360\IS360srv.exe

C:\Windows\SOUNDMAN.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Program Files\Soft4Ever\looknstop\looknstop.exe

C:\Program Files\BeeThink IP_Blocker_1.1\IPBlocker.exe

C:\Program Files\IObit\IObit Security 360\is360tray.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

C:\Proxomitron\Proxomitron\Proxomitron.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\CometBird\CometBird.exe

C:\Program Files\IObit\Advanced SystemCare 3\Awc.exe

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) killed this of ----

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - and this one

C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto

O4 - HKLM\..\Run: [iP Blocker] C:\Program Files\BeeThink IP_Blocker_1.1\IPBlocker.exe

O4 - HKLM\..\Run: [iObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe

O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -

O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown - this is a new player ---DVD --killed it any way --Must now reinstall--just to let you know

my fault not the programs ---

 

%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe

 

 

 

 

now did all the checks bar the security check

let it run- and hit suggestions (nice tutch) picked Wat i wanted to kill of

after that my screen lost all its icons and froze--hit the reset -reboot

and its ok --bit of a scare --

 

31

8622

753

problems !!! wonder why i bother with spy bot ?

 

security Analiese not included did this Manually ---

 

Install went 100%--updates went fine

 

The free version did not do what the Now pro did ..

 

I am very Satisfied with this program after i made the jump to install it

 

I hope its of Some use

 

i cant test it on my other pcs as its only for one -Sorry -

the free one i can -that will install later !

so i cant report more than this --

itsmejjj

[itsmejjj]

BY the way my old PC Fly's NOW the boot time Speed is Unbelievable!!

 

just wanted to tell you this -

[enoskype]

itsmejjj, why did you kill winlogon.exe?????

 

winlogon.exe is a process belonging to the Windows login manager.

It handles the login and logout procedures on your system.

This program is important for the stable and secure running of your computer and should not be terminated.

 

winlogon.exe file name used by the WinLogon trojan has the same name as a legitimate Microsoft file.

However, the trojan can be identified by these :

 

-it does not contain vendor/product information saying it is from Microsoft;

-it is installed in a directory other than Windows system32;

-it is always running and often uses large amounts of memory and cpu time.

If the file information does not show the vendor being Microsoft, then this is most likely the WinLogon trojan.

To view version information with Windows Explorer, right-click the file and click Properties, Version.

 

Cheers.

[itsmejjj]

then this is most likely the WinLogon Trojan May of been --

 

Yes May of been i killed it as it was added as a treat -Just not thinking to add this -to the post!-its fixed

ran the validation check - and it was replaced by it correct file -It was corrupted on this Cp.

 

Ok going to pick your Brain here

Your thinking on spy Bot -As i posted it failed to pick up the Iobit program

Spy wares - Mal aware what ever ! -Whats now added to the blocking ---department--do you think its still worth the running-?

I will confess i do not Know to Munch about this type of Software i hardly bothered with anti this or That-- it has taken Me a long time to Make the Move -to install , reading all i could find for and against--well now having this running

i think is plenty -What are you ideas on this or any one That may think to keep it going--

itsmejjj-

[enoskype]

Hi itsmejjj,

 

I would keep SS&D, and I do. It is a good program, and very useful in advanced mode, and it's Tea Timer, although a bit of a resource hog, saved me couple of times from disaster.

Hosts file locking and ability of adding the addresses to it is a good bonus too.

Some don't like the hosts file backups, but it is easy to get rid of them once in a while.

The list of the malware with respect to the types of them gives you a clue which is doing what. A lot of other abilities are also useful sometimes.

 

Cheers.

[itsmejjj]

Location Problem

HKEY_CURRENT_USER Missing or Invalid Path: C:\Program Files\DNA\btdna.exe

HKEY_CURRENT_USER Missing or Invalid Path: C:\Program Files\DNA

HKEY_CURRENT_USER Missing or Invalid Path: C:\Program Files\DNA\btdna.exe

HKEY_CURRENT_USER Missing or Invalid Path: C:\program files\cs fire monitor\csfiremon.exe

HKEY_USERS Missing or Invalid Path: C:\Program Files\DNA\btdna.exe

HKEY_USERS Missing or Invalid Path: C:\Program Files\DNA

HKEY_USERS Missing or Invalid Path: C:\Program Files\DNA\btdna.exe

HKEY_USERS Missing or Invalid Path: C:\program files\cs fire monitor\csfiremon.exe

HKEY_USERS Missing or Invalid Path: C:\Program Files\DNA\btdna.exe

HKEY_USERS Missing or Invalid Path: C:\program files\cs fire monitor\csfiremon.exe

HKEY_LOCAL_MACHINE Missing or Invalid Path: C:\Program Files\Uninstall Information\IE.HKCUZoneInfo

HKEY_LOCAL_MACHINE Missing or Invalid Path: C:\Program Files\Uninstall Information\IE40.UserAgent

HKEY_LOCAL_MACHINE Missing or Invalid Path: C:\Windows\System32\WindowsPowerShell\v1.0\Microsoft.PowerShell.ConsoleHost.dll

HKEY_LOCAL_MACHINE Missing or Invalid Path: C:\ProgramData\OEM Links

HKEY_LOCAL_MACHINE Missing or Invalid Path: C:\Windows\msdownld.tmp|?

HKEY_LOCAL_MACHINE Missing or Invalid Path: C:\Windows\ModemLogs\ModemLog_Agere Win Modem.txt

HKEY_LOCAL_MACHINE Missing or Invalid Path: C:\Windows\ModemLogs\ModemLog_Agere Win Modem.txt

HKEY_LOCAL_MACHINE Missing or Invalid Path: C:\Windows\ModemLogs\ModemLog_Agere Win Modem.txt

HKEY_LOCAL_MACHINE Missing Uninstall Information: AddressBook

HKEY_LOCAL_MACHINE Missing Uninstall Information: DirectDrawEx

HKEY_LOCAL_MACHINE Missing Uninstall Information: DXM_Runtime

HKEY_LOCAL_MACHINE Missing Uninstall Information: Fontcore

HKEY_LOCAL_MACHINE Missing Uninstall Information: IE40

HKEY_LOCAL_MACHINE Missing Uninstall Information: IE4Data

HKEY_LOCAL_MACHINE Missing Uninstall Information: IE5BAKEX

HKEY_LOCAL_MACHINE Missing Uninstall Information: IEData

HKEY_LOCAL_MACHINE Missing Uninstall Information: MobileOptionPack

HKEY_LOCAL_MACHINE Missing Uninstall Information: MPlayer2

HKEY_LOCAL_MACHINE Missing Uninstall Information: SchedulingAgent

HKEY_CURRENT_USER Missing Application: Macromedia

HKEY_LOCAL_MACHINE Unused Time Zone: Afghanistan Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Alaskan Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Arab Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Arabian Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Arabic Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Argentina Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Atlantic Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: AUS Central Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: AUS Eastern Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Azerbaijan Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Azores Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Canada Central Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Cape Verde Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Caucasus Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Cen. Australia Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Central America Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Central Asia Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Central Brazilian Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Central Europe Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Central European Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Central Pacific Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Central Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Central Standard Time (Mexico)

HKEY_LOCAL_MACHINE Unused Time Zone: China Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Dateline Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: E. Africa Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: E. Australia Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: E. Europe Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: E. South America Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Eastern Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Egypt Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Ekaterinburg Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Fiji Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: FLE Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Georgian Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: GMT Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Greenland Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Greenwich Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: GTB Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Hawaiian Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: India Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Iran Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Jerusalem Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Jordan Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Korea Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Mauritius Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Mid-Atlantic Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Middle East Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Montevideo Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Morocco Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Mountain Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Mountain Standard Time (Mexico)

HKEY_LOCAL_MACHINE Unused Time Zone: Myanmar Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: N. Central Asia Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Namibia Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Nepal Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: New Zealand Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Newfoundland Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: North Asia East Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: North Asia Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Pacific SA Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Pacific Standard Time (Mexico)

HKEY_LOCAL_MACHINE Unused Time Zone: Pakistan Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Romance Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Russian Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: SA Eastern Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: SA Pacific Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: SA Western Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Samoa Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: SE Asia Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Malay Peninsula Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: South Africa Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Sri Lanka Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Taipei Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Tasmania Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Tokyo Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Tonga Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: US Eastern Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: US Mountain Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Coordinated Universal Time

HKEY_LOCAL_MACHINE Unused Time Zone: Venezuela Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Vladivostok Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: W. Australia Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: W. Central Africa Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: W. Europe Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: West Asia Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: West Pacific Standard Time

HKEY_LOCAL_MACHINE Unused Time Zone: Yakutsk Standard Time

 

 

This was the log of Win Utilities 7.00 full - Just After ASC done a full scan and clean- past my pc 100% --not that i care that Munch

as i Normally, Do not Bother with these types of programs .,i have used the Win Utility for a long time and let it Do its thing on my other pc's

 

 

Advance system Care is a try out IN my case AS it was Suggested for me to Give it a run,, yet win utility came up with the above ?

 

Now any ideas here ,what is the difference in the programs scan the reg files?

Thy seem very similar in what thy do ,bar the game thing-Booster.

i am just reporting the difference in the two scans---

now this is a enquirer- not to set of a mad lets Jump On ITSMEJJJ

THANK you==Ehhhhhh take it easy on me -----Fhew