Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

Think I got a bug

Bennyboy

Recommended Posts

Bennyboy Newbie

Bennyboy

Posted
Posted

I think I have a Bug. I am getting a strange sear browser every now and then and found this in my history http://cap1.conduit-apps.com/Bittorrent/20110207/maincomp.php

 

 

Here are the logs asked for in help thread, but TFC did not work would start but just sat there.

 

 

Thanks in adavance

 

Ben

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 8/12/2011 3:18:20 PM

System Uptime: 2/05/2012 1:17:54 PM (1 hours ago)

.

Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD | | G31M3(MS-7528)

Processor: Intel Pentium III Xeon processor | CPU 1 | 2804/267mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 466 GiB total, 297.351 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

H: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP79: 3/02/2012 1:05:01 PM - Installed Windows 7 Upgrade Advisor

RP80: 3/02/2012 1:45:53 PM - Removed Windows 7 Upgrade Advisor

RP81: 5/02/2012 6:35:47 PM - System Checkpoint

RP82: 7/02/2012 12:43:04 PM - System Checkpoint

RP83: 9/02/2012 4:22:48 PM - System Checkpoint

RP84: 11/02/2012 4:12:50 AM - System Checkpoint

RP85: 11/02/2012 12:26:57 PM - Removed Six Updater.

RP86: 11/02/2012 12:27:25 PM - Installed Six Updater.

RP87: 13/02/2012 12:24:25 PM - System Checkpoint

RP88: 16/02/2012 6:53:34 PM - System Checkpoint

RP89: 19/02/2012 2:06:52 PM - System Checkpoint

RP90: 21/02/2012 2:48:08 PM - System Checkpoint

RP91: 22/02/2012 6:47:39 PM - System Checkpoint

RP92: 23/02/2012 8:03:45 PM - System Checkpoint

RP93: 24/02/2012 9:23:33 PM - System Checkpoint

RP94: 25/02/2012 10:01:49 AM - Removed Six Updater.

RP95: 25/02/2012 10:02:19 AM - Installed Six Updater.

RP96: 28/02/2012 9:32:06 AM - System Checkpoint

RP97: 1/03/2012 10:02:41 AM - System Checkpoint

RP98: 2/03/2012 10:32:31 AM - System Checkpoint

RP99: 3/03/2012 1:56:29 PM - Installed Microsoft Office Outlook 2003

RP100: 4/03/2012 2:09:28 PM - System Checkpoint

RP101: 6/03/2012 12:50:39 PM - System Checkpoint

RP102: 8/03/2012 3:15:56 PM - System Checkpoint

RP103: 10/03/2012 2:55:28 AM - System Checkpoint

RP104: 11/03/2012 11:38:39 AM - Removed Logitech Gaming Software 8.12

RP105: 11/03/2012 11:39:18 AM - Removed Logitech Gaming Software 5.10.

RP106: 12/03/2012 11:47:30 AM - Installed DirectX

RP107: 12/03/2012 11:48:12 AM - Installed Microsoft Visual C++ 2005 Redistributable

RP108: 13/03/2012 4:12:58 PM - System Checkpoint

RP109: 13/03/2012 10:27:39 PM - Removed Six Updater.

RP110: 13/03/2012 10:28:09 PM - Installed Six Updater.

RP111: 15/03/2012 7:11:20 PM - Installed Windows XP KB2661637.

RP112: 15/03/2012 7:12:00 PM - Installed Windows XP KB2647516.

RP113: 15/03/2012 7:12:50 PM - Installed Windows XP KB2621440.

RP114: 15/03/2012 7:13:16 PM - Installed Windows XP KB2641653.

RP115: 15/03/2012 7:13:42 PM - Installed Windows XP KB2647518.

RP116: 15/03/2012 8:41:35 PM - Removed Six Updater.

RP117: 17/03/2012 7:38:19 PM - System Checkpoint

RP118: 21/03/2012 3:04:45 PM - System Checkpoint

RP119: 23/03/2012 12:54:18 PM - System Checkpoint

RP120: 24/03/2012 8:38:31 PM - System Checkpoint

RP121: 28/03/2012 2:02:31 PM - System Checkpoint

RP122: 2/04/2012 11:13:01 AM - Software Distribution Service 3.0

RP123: 2/04/2012 9:10:55 PM - Software Distribution Service 3.0

RP124: 3/04/2012 10:57:33 PM - Installed Six Updater.

RP125: 3/04/2012 11:00:00 PM - Installed Six Updater.

RP126: 5/04/2012 8:32:30 PM - System Checkpoint

RP127: 7/04/2012 9:52:04 PM - System Checkpoint

RP128: 8/04/2012 9:08:29 PM - System Checkpoint

RP129: 10/04/2012 10:03:35 PM - System Checkpoint

RP130: 13/04/2012 12:55:04 PM - System Checkpoint

RP131: 14/04/2012 3:58:07 PM - System Checkpoint

RP132: 16/04/2012 1:02:48 PM - Installed Ventrilo Client

RP133: 17/04/2012 3:25:02 PM - System Checkpoint

RP134: 18/04/2012 4:27:17 PM - System Checkpoint

RP135: 19/04/2012 8:07:08 PM - System Checkpoint

RP136: 21/04/2012 11:31:42 AM - System Checkpoint

RP137: 23/04/2012 1:29:29 PM - System Checkpoint

RP138: 24/04/2012 2:14:41 PM - System Checkpoint

RP139: 25/04/2012 7:08:04 PM - System Checkpoint

RP140: 26/04/2012 2:17:25 PM - Installed Addon Sync 2009

RP141: 28/04/2012 2:58:54 PM - System Checkpoint

RP142: 29/04/2012 5:38:46 PM - System Checkpoint

RP143: 30/04/2012 5:53:15 PM - System Checkpoint

RP144: 30/04/2012 7:29:32 PM - Software Distribution Service 3.0

RP145: 1/05/2012 2:45:52 PM - Removed Addon Sync 2009

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Advanced SystemCare 5

ARMA 2 Operation Arrowhead Uninstall

ARMA 2 REINFORCEMENTS Uninstall

Arma 2 RFT Uninstall

ArmA 2 Uninstall

ArmA Edit

ArmA II Launcher

Ashampoo Burning Studio 6 FREE v.6.80

Avira Free Antivirus

BattlEye for OA Uninstall

BattlEye for RFT Uninstall

BattlEye Uninstall

DarthMod Napoleon

Empire: Total War

Fraps (remove only)

Game Booster 3

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

IObit Malware Fighter

Logitech GamePanel Software 3.06.109

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Office Outlook 2003

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mozilla Firefox 12.0 (x86 en-US)

Mozilla Maintenance Service

Napoleon: Total War

NVIDIA Control Panel 295.73

NVIDIA Graphics Driver 295.73

NVIDIA HD Audio Driver 1.3.12.0

NVIDIA Install Application

NVIDIA nView 136.18

NVIDIA PhysX

NVIDIA PhysX System Software 9.12.0209

NVIDIA Update 1.7.11

NVIDIA Update Components

REALTEK GbE & FE Ethernet PCI-E NIC Driver

Realtek High Definition Audio Driver

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544521)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2586448)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982665)

Six Updater

Steam

SUPERAntiSpyware

System Requirements Lab

TeamSpeak 3 Client

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Windows Internet Explorer 8 (KB2598845)

Update for Windows Internet Explorer 8 (KB2632503)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2492386)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2641690)

Update for Windows XP (KB898461)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Ventrilo Client

WebFldrs XP

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Management Framework Core

Windows Media Format 11 runtime

Windows Media Player 11

WinRAR 4.10 beta 5 (32-bit)

.

==== Event Viewer Messages From Past Week ========

.

28/04/2012 1:26:57 PM, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

2/05/2012 10:58:47 AM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).

2/05/2012 10:58:47 AM, error: Service Control Manager [7034] - The IMF Service service terminated unexpectedly. It has done this 1 time(s).

2/05/2012 10:58:47 AM, error: Service Control Manager [7034] - The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s).

2/05/2012 10:58:47 AM, error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

2/05/2012 1:19:37 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service helpsvc with arguments "" in order to run the server: {833E4010-AFF7-4AC3-AAC2-9F24C1457BCE}

1/05/2012 9:55:04 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service SENS with arguments "" in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}

1/05/2012 4:30:04 PM, error: Removable Storage Service [111] - RSM could not load media in drive Drive 0 of library Verbatim STORE N GO USB Device.

.

==== End Of File ===========================

 

 

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Ben at 14:00:45 on 2012-05-02

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2389 [GMT 10:00]

.

AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

.

============== Running Processes ===============

.

C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe

C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe

C:\Program Files\Steam\steam.exe

C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe

C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe

C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe

C:\Program Files\IObit\IObit Malware Fighter\IMF.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\IObit\Advanced SystemCare 5\Asc.exe

C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com.au/

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe

uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart

uRun: [steam] "c:\program files\steam\steam.exe" -silent

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [iObit Malware Fighter] "c:\program files\iobit\iobit malware fighter\IMF.exe" /autostart

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet

mRun: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"

mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"

mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1323326653703

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{7913A76F-0DDA-4F8D-AAB9-1FD1F406B9F4} : DhcpNameServer = 192.168.0.1

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\ben\application data\mozilla\firefox\profiles\nyswqvuw.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/|about:home

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=

FF - prefs.js: network.proxy.type - 0

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll

.

============= SERVICES / DRIVERS ===============

.

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-3-15 36000]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-23 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-13 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2011-12-8 913752]

R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-3-15 86224]

R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2012-3-15 110032]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-3-15 74640]

R2 IMFservice;IMF Service;c:\program files\iobit\iobit malware fighter\IMFsrv.exe [2011-12-8 821592]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-8 654408]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-2-23 2348352]

R3 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\FileMonitor.sys [2011-12-8 246816]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2012-3-11 14856]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-8 22344]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2011-12-8 123712]

R3 RegFilter;RegFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\RegFilter.sys [2011-12-8 30368]

R3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\UrlFilter.sys [2011-12-8 16208]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-1 253088]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011-12-8 1691480]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-25 129976]

S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; [x]

S3 NTIOLib_1_0_4;NTIOLib_1_0_4; [x]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-05-01 11:28:14 -------- d-----w- c:\documents and settings\ben\application data\SUPERAntiSpyware.com

2012-05-01 11:27:37 -------- d-----w- c:\program files\SUPERAntiSpyware

2012-05-01 11:27:37 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2012-04-26 04:17:32 -------- d-----w- c:\documents and settings\ben\local settings\application data\Yoma_Tools

2012-04-26 04:17:32 -------- d-----w- c:\documents and settings\ben\local settings\application data\ArmaAddonSync2009

2012-04-25 08:00:12 -------- d-----w- c:\program files\Mozilla Maintenance Service

2012-04-25 08:00:10 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe

2012-04-25 08:00:10 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe

2012-04-16 03:02:49 -------- d-----w- c:\program files\Ventrilo

2012-04-03 12:00:20 -------- d-----w- c:\documents and settings\ben\application data\six-updater

2012-04-03 11:57:34 -------- d-----w- c:\program files\SIX Projects

.

==================== Find3M ====================

.

2012-04-14 10:16:49 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-04-14 10:16:49 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-04-04 05:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-01 11:01:32 916992 ----a-w- c:\windows\system32\wininet.dll

2012-03-01 11:01:32 43520 ------w- c:\windows\system32\licmgr10.dll

2012-03-01 11:01:32 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 12:17:40 385024 ------w- c:\windows\system32\html.iec

2012-02-23 03:40:39 292700 ----a-w- c:\windows\system32\nvdrsdb0.bin

2012-02-23 03:40:39 1 ----a-w- c:\windows\system32\nvdrssel.bin

2012-02-23 03:40:37 292700 ----a-w- c:\windows\system32\nvdrsdb1.bin

2012-02-10 04:10:00 881984 ----a-w- c:\windows\system32\nvgenco32.dll

2012-02-10 04:10:00 65536 ----a-w- c:\windows\system32\OpenCL.dll

2012-02-10 04:10:00 5918720 ----a-w- c:\windows\system32\nvcuda.dll

2012-02-10 04:10:00 4309760 ----a-w- c:\windows\system32\nv4_disp.dll

2012-02-10 04:10:00 2522944 ----a-w- c:\windows\system32\nvcuvid.dll

2012-02-10 04:10:00 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-02-10 04:10:00 2292224 ----a-w- c:\windows\system32\nvapi.dll

2012-02-10 04:10:00 18620416 ----a-w- c:\windows\system32\nvoglnt.dll

2012-02-10 04:10:00 17534976 ----a-w- c:\windows\system32\nvcompiler.dll

2012-02-10 04:10:00 13415040 ----a-w- c:\windows\system32\drivers\nv4_mini.sys

2012-02-10 04:10:00 1000256 ----a-w- c:\windows\system32\nvdispco32.dll

2012-02-10 03:04:29 54272 ----a-w- c:\windows\system32\nvwddi.dll

2012-02-10 03:04:21 164160 ----a-w- c:\windows\system32\nvsvc32.exe

2012-02-10 03:04:21 143680 ----a-w- c:\windows\system32\nvcolor.exe

2012-02-10 03:04:20 15494464 ----a-w- c:\windows\system32\nvcpl.dll

2012-02-10 03:04:19 108352 ----a-w- c:\windows\system32\nvmctray.dll

2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys

.

============= FINISH: 14:02:12.35 ===============

Link to comment
Share on other sites
Superdave Newbie

Superdave

Posted
Posted

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

 

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.

2. The fixes are specific to your problem and should only be used for this issue on this machine.

3. If you don't know or understand something, please don't hesitate to ask.

4. Please DO NOT run any other tools or scans while I am helping you.

5. It is important that you reply to this thread. Do not start a new topic.

6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

7. Absence of symptoms does not mean that everything is clear.

 

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

*************************************************************

SUPERAntiSpyware

 

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

 

Download SuperAntispyware Free Edition (SAS)

* Double-click the icon on your desktop to run the installer.

* When asked to Update the program definitions, click Yes

* If you encounter any problems while downloading the updates, manually download and unzip them from here

* Next click the Preferences button.

 

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts

* Click the Scanning Control tab.

* Under Scanner Options make sure only the following are checked:

 

•Close browsers before scanning

•Scan for tracking cookies

•Terminate memory threats before quarantining

Please leave the others unchecked

 

•Click the Close button to leave the control center screen.

 

* On the main screen click Scan your computer

* On the left check the box for the drive you are scanning.

* On the right choose Perform Complete Scan

* Click Next to start the scan. Please be patient while it scans your computer.

* After the scan is complete a summary box will appear. Click OK

* Make sure everything in the white box has a check next to it, then click Next

* It will quarantine what it found and if it asks if you want to reboot, click Yes

 

•To retrieve the removal information please do the following:

•After reboot, double-click the SUPERAntiSpyware icon on your desktop.

•Click Preferences. Click the Statistics/Logs tab.

 

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

 

•It will open in your default text editor (preferably Notepad).

•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

 

* Save the log somewhere you can easily find it. (normally the desktop)

* Click close and close again to exit the program.

*Copy and Paste the log in your post.

*********************************************

 

 

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

 

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

*********************************************

Download Combofix from any of the links below, and save it to your DESKTOP.

 

Link 1

Link 2

Link 3

 

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.
     
    You will see the following image:

http://i424.photobucket.com/albums/pp322/digistar/NSIS_disclaimer_ENG.png

 

Click I Agree to start the program.

 

ComboFix will then extract the necessary files and you will see this:

 

http://i424.photobucket.com/albums/pp322/digistar/NSIS_extraction.png

 

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

 

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

 

If you did not have it installed, you will see the prompt below. Choose YES.

 

http://i424.photobucket.com/albums/pp322/digistar/RcAuto1.gif

 

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

 

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

 

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

 

http://i424.photobucket.com/albums/pp322/digistar/whatnext.png

 

Click on Yes, to continue scanning for malware.

 

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

 

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

 

Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

Link to comment
Share on other sites
Bennyboy Newbie

Bennyboy

Posted
  • Author
Posted

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 05/03/2012 at 01:59 PM

 

Application Version : 5.0.1148

 

Core Rules Database Version : 8548

Trace Rules Database Version: 6360

 

Scan type : Complete Scan

Total Scan Time : 00:35:50

 

Operating System Information

Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)

Administrator

 

Memory items scanned : 482

Memory threats detected : 0

Registry items scanned : 34193

Registry threats detected : 0

File items scanned : 55888

File threats detected : 6

 

Adware.Tracking Cookie

.apmebf.com [ C:\DOCUMENTS AND SETTINGS\BEN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NYSWQVUW.DEFAULT\COOKIES.SQLITE ]

http://www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\BEN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NYSWQVUW.DEFAULT\COOKIES.SQLITE ]

http://www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\BEN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NYSWQVUW.DEFAULT\COOKIES.SQLITE ]

.liveperson.net [ C:\DOCUMENTS AND SETTINGS\BEN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NYSWQVUW.DEFAULT\COOKIES.SQLITE ]

.liveperson.net [ C:\DOCUMENTS AND SETTINGS\BEN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NYSWQVUW.DEFAULT\COOKIES.SQLITE ]

server.iad.liveperson.net [ C:\DOCUMENTS AND SETTINGS\BEN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\NYSWQVUW.DEFAULT\COOKIES.SQLITE ]

 

 

 

 

 

 

 

Malwarebytes Anti-Malware (PRO) 1.61.0.1400

http://www.malwarebytes.org

 

Database version: v2012.05.03.01

 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Ben :: BEN [administrator]

 

Protection: Enabled

 

3/05/2012 2:02:17 PM

mbam-log-2012-05-03 (14-02-17).txt

 

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 251454

Time elapsed: 37 minute(s), 48 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

 

 

ComboFix 12-05-02.04 - Ben 03/05/2012 14:48:05.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2164 [GMT 10:00]

Running from: c:\documents and settings\Ben\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

c:\windows\system32\_000006_.tmp.dll

c:\windows\system32\SET20C.tmp

c:\windows\system32\SET20D.tmp

c:\windows\system32\SET20E.tmp

c:\windows\system32\SET212.tmp

c:\windows\system32\SET214.tmp

c:\windows\system32\SET215.tmp

c:\windows\system32\SET219.tmp

c:\windows\system32\SET21B.tmp

.

.

((((((((((((((((((((((((( Files Created from 2012-04-03 to 2012-05-03 )))))))))))))))))))))))))))))))

.

.

2012-05-01 11:28 . 2012-05-01 11:28 -------- d-----w- c:\documents and settings\Ben\Application Data\SUPERAntiSpyware.com

2012-05-01 11:27 . 2012-05-01 11:28 -------- d-----w- c:\program files\SUPERAntiSpyware

2012-05-01 11:27 . 2012-05-01 11:27 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2012-04-26 04:17 . 2012-04-26 04:17 -------- d-----w- c:\documents and settings\Ben\Local Settings\Application Data\Yoma_Tools

2012-04-26 04:17 . 2012-04-26 04:17 -------- d-----w- c:\documents and settings\Ben\Local Settings\Application Data\ArmaAddonSync2009

2012-04-25 08:00 . 2012-04-25 08:00 -------- d-----w- c:\program files\Mozilla Maintenance Service

2012-04-25 08:00 . 2012-04-25 08:00 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe

2012-04-25 08:00 . 2012-04-25 08:00 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe

2012-04-16 03:03 . 2012-05-01 04:18 -------- d-----w- c:\documents and settings\Ben\Application Data\Ventrilo

2012-04-16 03:02 . 2012-04-16 03:02 -------- d-----w- c:\program files\Ventrilo

2012-04-03 12:00 . 2012-04-03 12:03 -------- d-----w- c:\documents and settings\Ben\Application Data\six-updater

2012-04-03 11:57 . 2012-04-03 11:57 -------- d-----w- c:\program files\SIX Projects

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-14 10:16 . 2012-03-31 23:07 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-04-14 10:16 . 2011-12-09 11:01 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-04-04 05:56 . 2011-12-08 07:36 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-01 11:01 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-03-01 11:01 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll

2012-03-01 11:01 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-02-29 14:10 . 2008-04-14 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 14:10 . 2008-04-14 12:00 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 12:17 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec

2012-02-10 04:10 . 2011-12-08 07:22 881984 ----a-w- c:\windows\system32\nvgenco32.dll

2012-02-10 04:10 . 2011-12-08 07:22 65536 ----a-w- c:\windows\system32\OpenCL.dll

2012-02-10 04:10 . 2011-12-08 07:22 5918720 ----a-w- c:\windows\system32\nvcuda.dll

2012-02-10 04:10 . 2011-12-08 07:22 4309760 ----a-w- c:\windows\system32\nv4_disp.dll

2012-02-10 04:10 . 2011-12-08 07:22 2522944 ----a-w- c:\windows\system32\nvcuvid.dll

2012-02-10 04:10 . 2011-12-08 07:22 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-02-10 04:10 . 2011-12-08 07:22 2292224 ----a-w- c:\windows\system32\nvapi.dll

2012-02-10 04:10 . 2011-12-08 07:22 18620416 ----a-w- c:\windows\system32\nvoglnt.dll

2012-02-10 04:10 . 2011-12-08 07:22 17534976 ----a-w- c:\windows\system32\nvcompiler.dll

2012-02-10 04:10 . 2011-12-08 07:22 13415040 ----a-w- c:\windows\system32\drivers\nv4_mini.sys

2012-02-10 04:10 . 2011-12-08 07:22 1000256 ----a-w- c:\windows\system32\nvdispco32.dll

2012-02-10 03:04 . 2011-12-08 07:22 54272 ----a-w- c:\windows\system32\nvwddi.dll

2012-02-10 03:04 . 2011-12-08 07:22 164160 ----a-w- c:\windows\system32\nvsvc32.exe

2012-02-10 03:04 . 2011-12-08 07:22 143680 ----a-w- c:\windows\system32\nvcolor.exe

2012-02-10 03:04 . 2011-12-08 07:22 15494464 ----a-w- c:\windows\system32\nvcpl.dll

2012-02-10 03:04 . 2011-12-08 07:22 108352 ----a-w- c:\windows\system32\nvmctray.dll

2012-02-03 09:22 . 2008-04-14 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys

2012-04-25 08:00 . 2011-12-10 23:59 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]

"Steam"="c:\program files\Steam\steam.exe" [2011-12-09 1242448]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2011-10-14 20064872]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2012-01-12 4453208]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-10 15494464]

"NvMediaCenter"="NvMCTray.dll" [2012-02-10 108352]

"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-02-10 1634112]

"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-02 358472]

"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-02 1809992]

"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-02 3649096]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-01-30 258512]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

@="Service"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2.exe"=

"c:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2OA.exe"=

"c:\\Program Files\\Bohemia Interactive\\ArmA 2 REINFORCEMENTS\\arma2RFT.exe"=

"c:\\Program Files\\Steam\\Steam.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\napoleon total war\\Napoleon.exe"=

"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\empire total war\\Empire.exe"=

"c:\\Program Files\\SIX Projects\\Six Updater\\tools\\bin\\rsync.exe"=

"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=

"c:\\Program Files\\Bohemia Interactive\\ArmA 2\\Expansion\\beta\\arma2oa.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

.

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [15/03/2012 6:21 PM 36000]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23/07/2011 2:27 AM 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [13/07/2011 7:55 AM 67664]

R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [12/08/2011 9:38 AM 116608]

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [8/12/2011 6:05 PM 913752]

R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [15/03/2012 6:21 PM 86224]

R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [8/12/2011 6:10 PM 821592]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [8/12/2011 5:36 PM 654408]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [23/02/2012 1:42 PM 2348352]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [23/11/2009 4:37 PM 19720]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [11/03/2012 11:00 AM 14856]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [8/12/2011 5:36 PM 22344]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [8/12/2011 5:22 PM 123712]

R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [8/12/2011 6:10 PM 30368]

R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [8/12/2011 6:10 PM 16208]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 12:16 PM 130384]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [1/04/2012 9:07 AM 253088]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [8/12/2011 5:02 PM 1691480]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25/04/2012 6:00 PM 129976]

S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; [x]

S3 NTIOLib_1_0_4;NTIOLib_1_0_4; [x]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14/04/2008 10:00 PM 14336]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 12:16 PM 753504]

S4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [8/12/2011 6:10 PM 246816]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

WINRM REG_MULTI_SZ WINRM

.

Contents of the 'Scheduled Tasks' folder

.

2012-05-03 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 10:16]

.

2012-05-02 c:\windows\Tasks\ASC5_AutoCare.job

- c:\program files\IObit\Advanced SystemCare 5\AutoCare.exe [2011-12-08 23:49]

.

2012-05-02 c:\windows\Tasks\ASC5_AutoUpdate.job

- c:\program files\IObit\Advanced SystemCare 5\AutoUpdate.exe [2011-12-08 08:13]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com.au/

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\documents and settings\Ben\Application Data\Mozilla\Firefox\Profiles\nyswqvuw.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/|about:home

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=

FF - prefs.js: network.proxy.type - 0

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-05-03 14:50

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(836)

c:\program files\SUPERAntiSpyware\SASWINLO.DLL

c:\windows\system32\WININET.dll

.

Completion time: 2012-05-03 14:51:28

ComboFix-quarantined-files.txt 2012-05-03 04:51

.

Pre-Run: 319,180,914,688 bytes free

Post-Run: 319,249,522,688 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - 7DCDF75C493D75A8184E9EACA3DE5489

Link to comment
Share on other sites
Superdave Newbie

Superdave

Posted
Posted

Download Security Check by screen317 from one of the following links and save it to your desktop.

 

Link 1

Link 2

 

* Double-click Security Check.bat

* Follow the on-screen instructions inside of the black box.

* A Notepad document should open automatically called checkup.txt

* Post the contents of that document in your next reply.

 

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

***************************************************

Let's run a few more scans to see what turns up.

 

Please download aswMBR.exe ( 511KB ) to your desktop.

 

Double click the aswMBR.exe to run it

 

http://i424.photobucket.com/albums/pp322/digistar/aswMBR_Scan.jpg

 

Click the "Scan" button to start scan

 

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

 

http://i424.photobucket.com/albums/pp322/digistar/aswMBR_SaveLog.png

 

On completion of the scan click save log, save it to your desktop and post in your next reply

Link to comment
Share on other sites
Bennyboy Newbie

Bennyboy

Posted
  • Author
Posted

Results of screen317's Security Check version 0.99.32

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

Avira Free Antivirus

Antivirus up to date!

```````````````````````````````

Anti-malware/Other Utilities Check:

SUPERAntiSpyware

Adobe Flash Player 11.2.202.233

Adobe Reader X (10.1.3)

Mozilla Firefox (12.0.)

````````````````````````````````

Process Check:

objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe

Malwarebytes' Anti-Malware mbamgui.exe

Avira Antivir avgnt.exe

Avira Antivir avguard.exe

IObit IObit Malware Fighter IMFsrv.exe

IObit IObit Malware Fighter IMF.exe

``````````End of Log````````````

 

 

 

 

 

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-05-04 15:32:15

-----------------------------

15:32:15.781 OS Version: Windows 5.1.2600 Service Pack 3

15:32:15.781 Number of processors: 2 586 0x170A

15:32:15.781 ComputerName: BEN UserName: Ben

15:32:19.890 Initialize success

15:36:38.812 AVAST engine defs: 12050301

15:36:48.343 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5

15:36:48.343 Disk 0 Vendor: ST3500418AS CC38 Size: 476940MB BusType: 3

15:36:48.343 Disk 0 MBR read successfully

15:36:48.343 Disk 0 MBR scan

15:36:48.359 Disk 0 Windows XP default MBR code

15:36:48.375 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63

15:36:48.375 Disk 0 scanning sectors +976752000

15:36:48.453 Disk 0 scanning C:\WINDOWS\system32\drivers

15:36:55.734 Service scanning

15:37:10.109 Modules scanning

15:37:13.250 Disk 0 trace - called modules:

15:37:13.250 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS

15:37:13.250 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a138ab8]

15:37:13.250 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000069[0x8a1fef18]

15:37:13.250 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-5[0x8a13ad98]

15:37:18.203 AVAST engine scan C:\

16:29:01.156 Scan finished successfully

16:29:39.296 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Ben\Desktop\MBR.dat"

16:29:39.296 The log file has been saved successfully to "C:\Documents and Settings\Ben\Desktop\aswMBR.txt"

Link to comment
Share on other sites
Superdave Newbie

Superdave

Posted
Posted

SysProt Antirootkit

 

Download

SysProt Antirootkit from the link below (you will find it at the bottom

of the page under attachments, or you can get it from one of the

mirrors).

 

http://sites.google.com/site/sysprotantirootkit/

 

Unzip it into a folder on your desktop.

  • Double click Sysprot.exe to start the program.
  • Click on the Log tab.
  • In the Write to log box select the following items.
    • Process << Selected
    • Kernel Modules << Selected
    • SSDT << Selected
    • Kernel Hooks << Selected
    • IRP Hooks << NOT Selected
    • Ports << NOT Selected
    • Hidden Files << Selected

    [*]At the bottom of the page

    • Hidden Objects Only << Selected

    [*]Click on the Create Log button on the bottom right.

    [*]After a few seconds a new window should appear.

    [*]Select Scan Root Drive. Click on the Start button.

    [*]When it is complete a new window will appear to indicate that the scan is finished.

    [*]The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

Link to comment
Share on other sites
Bennyboy Newbie

Bennyboy

Posted
  • Author
Posted

SysProt AntiRootkit v1.0.1.0

by swatkat

 

******************************************************************************************

******************************************************************************************

 

Process:

Name: C:\Program Files\Mozilla Firefox\firefox.exe

PID: 4

Hidden: Yes

Window Visible: No

 

Name: C:\Program Files\Mozilla Firefox\firefox.exe

PID: 4

Hidden: Yes

Window Visible: No

 

******************************************************************************************

******************************************************************************************

Kernel Modules:

Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys

Service Name: ---

Module Base: B3FDE000

Module End: B3FF6000

Hidden: Yes

 

Module Name: \SystemRoot\System32\Drivers\dump_WMILIB.SYS

Service Name: ---

Module Base: F79CB000

Module End: F79CD000

Hidden: Yes

 

******************************************************************************************

******************************************************************************************

SSDT:

Function Name: ZwClose

Address: B4B2A4AC

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwCreateKey

Address: B4B2A466

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwCreateSection

Address: B4B2A4B6

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwCreateThread

Address: B4B2A45C

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwDeleteKey

Address: B4B2A46B

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwDeleteValueKey

Address: B4B2A475

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwDuplicateObject

Address: B4B2A4A7

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwLoadKey

Address: B4B2A47A

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwOpenProcess

Address: B4B2A448

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwOpenThread

Address: B4B2A44D

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwQueryValueKey

Address: B4B2A4CF

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwReplaceKey

Address: B4B2A484

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwRequestWaitReplyPort

Address: B4B2A4C0

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwRestoreKey

Address: B4B2A47F

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwSetContextThread

Address: B4B2A4BB

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwSetSecurityObject

Address: B4B2A4C5

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwSetValueKey

Address: B4B2A470

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwSystemDebugControl

Address: B4B2A4CA

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

Function Name: ZwTerminateProcess

Address: B4B2A457

Driver Base: 0

Driver End: 0

Driver Name: _unknown_

 

******************************************************************************************

******************************************************************************************

No Kernel Hooks found

 

******************************************************************************************

******************************************************************************************

Hidden files/folders:

Object: C:\Qoobox\BackEnv\AppData.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\Cache.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\Cookies.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\Desktop.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\Favorites.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\History.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\LocalAppData.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\LocalSettings.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\Music.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\NetHood.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\Personal.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\Pictures.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\PrintHood.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\Profiles.Folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\Programs.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\Recent.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\SendTo.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\SetPath.bat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\StartMenu.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\StartUp.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\SysPath.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\Templates.folder.dat

Status: Access denied

 

Object: C:\Qoobox\BackEnv\VikPev00

Status: Access denied

Link to comment
Share on other sites
Superdave Newbie

Superdave

Posted
Posted

Please tell me how your computer's working now.

 

ESET Online Scan

 

Scan your computer with the ESET FREE Online Virus Scan

 

* Click the ESET Online Scanner button.

 

* For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

* Click on the esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop

* Double click on the esetsmartinstaller_enu.exe icon on your desktop.

* Place a check mark next to YES, I accept the Terms of Use.

 

* Click the Start button.

* Accept any security warnings from your browser.

* Leave the check mark next to Remove found threats and place a check next to Scan archives.

* Click the Start button.

* ESET will then download updates, install, and begin scanning your computer. Please be patient as this can take some time.

* When the scan completes, click List of found threats.

* Next click Export to text file and save the file to your desktop using a name such as ESETScan. Include the contents of this report in your next reply.

* Click the Back button then click Finish.

 

In your next reply please include the ESET Online Scan Log

Link to comment
Share on other sites
Bennyboy Newbie

Bennyboy

Posted
  • Author
Posted

PC is running better for sure, but I am getting a error on shutting dwn saying that "imfsrv" could not close. pretty sure sumthing to do with Avira.

 

 

Log for EST

 

C:\Documents and Settings\Ben\My Documents\downloads\gb3-setup.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined

Link to comment
Share on other sites
Superdave Newbie

Superdave

Posted
Posted

Ok. It looks like we can do some cleanup.

 

To uninstall ComboFix

 

  • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  • In the field, type in ComboFix /uninstall

 

http://i424.photobucket.com/albums/pp322/digistar/Combofix_uninstall_image.jpg

 

(Note: Make sure there's a space between the word ComboFix and the forward-slash.)

 

  • Then, press Enter, or click OK.
  • This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.

**************************************************

Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

 

Double-click TFC.exe to run it.

 

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

 

TFC will close all programs when run, so make sure you have saved all your work before you begin.

 

* Click the Start button to begin the cleaning process.

* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.

* Please let TFC run uninterrupted until it is finished.

 

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

*******************************************************

Looking over your log it seems you don't have any evidence of a third party firewall.

 

Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

 

Remember only install ONE firewall

 

1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)

2) Online Armor

3) Agnitum Outpost

4) PC Tools Firewall Plus

 

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.

****************************************************

Use the Secunia Software Inspector to check for out of date software.

 

•Click Start Now

 

•Check the box next to Enable thorough system inspection.

 

•Click Start

 

•Allow the scan to finish and scroll down to see if any updates are needed.

•Update anything listed.

.

----------

 

Go to Microsoft Windows Update and get all critical updates.

 

----------

 

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

 

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.

* Using SpywareBlaster to protect your computer from Spyware and Malware

* If you don't know what ActiveX controls are, see here

 

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

 

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

 

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.

Safe Surfing!

Link to comment
Share on other sites
Bennyboy Newbie

Bennyboy

Posted
  • Author
Posted

Dave can't get TFC to run, after I hit start program just hangs, desktop etc dose close down, but I have had it running twice over 2 hrs and dose not move on status bar. I have to manually power down pc.

 

Can I clean the temp files another way?

Link to comment
Share on other sites
Superdave Newbie

Superdave

Posted
Posted
Dave can't get TFC to run, after I hit start program just hangs, desktop etc dose close down, but I have had it running twice over 2 hrs and dose not move on status bar. I have to manually power down pc.

 

Can I clean the temp files another way?

 

Just do a disk cleanup. Click My Computer, right-click the C drive and select disk cleanup.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...