Port Scanning Attack and DNS Cache Poisoning Attack Detected



#16
jolene singh

    Member

  • Topic Starter
  • 104 posts
Hi

I am still getting the usual "New Hardware" window upon startup.

but, combofix caused no problems.

Log:

ComboFix 11-09-09.04 - UserXP 09/09/2011 20:57:04.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1228 [GMT -4:00]
Running from: c:\documents and settings\UserXP\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\UserXP\WINDOWS
.
.
((((((((((((((((((((((((( Files Created from 2011-08-10 to 2011-09-10 )))))))))))))))))))))))))))))))
.
.
2011-09-01 02:00 . 2011-09-01 02:00 -------- d-----w- C:\_OTL
2011-09-01 01:56 . 2011-09-01 01:56 -------- d-----w- c:\program files\ERUNT
2011-08-31 13:05 . 2011-08-31 13:06 -------- d-----w- c:\program files\trend micro
2011-08-31 13:05 . 2011-08-31 13:06 -------- d-----w- C:\rsit
2011-08-27 23:17 . 2011-09-04 21:17 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-27 15:51 . 2011-08-27 15:51 -------- d-----w- c:\program files\WinDjView
2011-08-27 01:38 . 2011-09-09 21:53 -------- d-----w- c:\documents and settings\UserXP\Application Data\go
2011-08-27 01:38 . 2011-09-02 01:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Easybits GO
2011-08-24 23:54 . 2009-08-19 21:49 49904 ----a-r- c:\windows\system32\drivers\BVRPMPR5.SYS
2011-08-24 23:52 . 2011-08-26 22:16 -------- d-----w- C:\Netgear
2011-08-12 01:33 . 2008-11-07 13:25 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-08-11 22:06 . 2011-09-01 01:13 -------- d-----w- c:\documents and settings\UserXP\Local Settings\Application Data\Research In Motion
2011-08-11 22:05 . 2009-01-09 10:48 27136 ----a-r- c:\windows\system32\drivers\RimSerial.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-03 10:17 . 2009-09-07 05:27 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-08-25 11:03 . 2011-06-24 18:25 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-15 13:29 . 2009-09-07 05:29 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2009-09-07 05:30 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-07-06 23:52 . 2009-10-12 13:06 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-06 23:52 . 2009-10-12 13:06 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-24 14:10 . 2009-09-28 08:58 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-21 18:45 . 2009-09-07 05:33 832512 ----a-w- c:\windows\system32\wininet.dll
2011-06-21 18:45 . 2009-09-07 05:28 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-21 18:45 . 2009-09-07 05:28 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-06-21 18:45 . 2009-09-07 05:27 17408 ----a-w- c:\windows\system32\corpol.dll
2011-06-21 11:47 . 2009-09-07 05:28 389120 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2009-09-07 05:33 293376 ----a-w- c:\windows\system32\winsrv.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2010-05-02 2815488]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-24 39408]
"GameXN (update)"="c:\documents and settings\All Users\Application Data\GameXN\GameXNGO.exe" [2011-09-02 347008]
"GameXN (news)"="c:\documents and settings\All Users\Application Data\GameXN\GameXNGO.exe" [2011-09-02 347008]
"GameXN"="c:\documents and settings\All Users\Application Data\GameXN\GameXNGO.exe" [2011-09-02 347008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-08-24 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-08-24 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-08-24 131072]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"vmware-tray"="c:\program files\VMware\VMware Workstation\vmware-tray.exe" [2008-03-03 72240]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Nokia FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-02-26 2376992]
"WordWeb"="c:\program files\WordWeb\wweb32.exe" [2009-11-08 65216]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-04-20 2474624]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"!CleanupNetMeetingDispDriver"="msconf.dll" [2007-11-30 69632]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-17 275072]
TeluguLipi Quick Start.lnk - c:\windows\Installer\{990CA0A1-4EA0-4C39-9EFE-3494F21917E7}\_7809DDD814F44DC2B39EE0CFADC8C435.exe [2010-9-30 40960]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\UserXP\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4446:TCP"= 4446:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [9/4/2011 11:23 PM 28552]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4/20/2011 12:17 AM 118104]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [9/7/2009 1:33 AM 14336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [4/20/2011 12:17 AM 958464]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [10/20/2009 2:19 PM 50704]
R2 RTWTKRNL;Real-Time Windows Target;c:\windows\system32\drivers\RTWTKRNL.sys [1/18/2010 2:27 PM 27200]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/24/2010 8:43 AM 135664]
S3 ESHASRV;ESET SHA Service;c:\program files\ESET\ESET Smart Security\EShaSrv.exe [4/20/2011 12:18 AM 183904]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2/23/2010 10:35 AM 36608]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/24/2010 8:43 AM 135664]
S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [9/28/2009 5:26 AM 33024]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [7/28/2011 6:05 AM 100736]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [10/12/2009 9:06 AM 41272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-03-24 12:05]
.
2011-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 12:42]
.
2011-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-24 12:42]
.
2011-09-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-838170752-1801674531-1003Core.job
- c:\documents and settings\UserXP\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-02 11:19]
.
2011-09-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-838170752-1801674531-1003UA.job
- c:\documents and settings\UserXP\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-02 11:19]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bing.com/
uInternet Settings,ProxyOverride = <local>
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.1.1
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://www.shockwave.com/content/delicioustasteoffame/sis/gamehouseplayer.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://www.arcadetown.com/swf/deliciousdeluxe2/zylomplayer.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-09 21:04
Windows 5.1.2600 Service Pack 3, v.6055 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2032)
c:\windows\system32\WININET.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\wpdshext.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\Audiodev.dll
c:\windows\system32\WMVCore.DLL
c:\windows\system32\WMASF.DLL
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
.
Completion time: 2011-09-09 21:07:07
ComboFix-quarantined-files.txt 2011-09-10 01:07
.
Pre-Run: 5,839,196,160 bytes free
Post-Run: 5,793,931,264 bytes free
.
- - End Of File - - 7D0FBCE5F611B0CAEFC7E1E029F9BDAE


Thanks

Jolene
  • 0

#17
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi. :)

I am still getting the usual "New Hardware" window upon startup.

OK it appears something Netgear related has either been installed and/or updated within the last month or so. Can you confirm for myself please if you are actually using anything Netgear related?

Reset SP3 Firewall again as outlined here and ensure it is deactivated afterwards.

Next:

Ensure hidden files are visible via checking as follows:-

  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Show hidden files and folders.
  • Uncheck the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.
Now please go to my file submission channel here.

Next to the box:- Link to topic where this file was requested: Add in the below:-

http://www.geekstogo.com/forum/topic/306320-port-scanning-attack-and-and-dns-cache-poisoning-attack-detected/
Next to the box: Browse to the file you want to submit: click on the Browse... tab and navigate to the below:-

c:\windows\system32\proquota.exe

Then click on the Send File tab. I will be notified when the file has been uploaded and checked.
  • 0

#18
jolene singh

    Member

  • Topic Starter
  • 104 posts
Yes, I have started using Netgear Wireless router at home and connect on Wi-fi.

What is the stage of issue on my system? As in, what was the problem and how much of it has been solved?

I have started noticing another funny thing.
When I take my cursor to a tab's "x" mark on chrome, originally, I would have expected to see a small yellow window come up near my cursor saying "Close". Nowadays, this small yellow "close" window is flickering. It's not static.

In fact, when we take our cursor to the tab heading in chrome, a yellow window with full tab names comes next to cursor. Even that is flickering.

I have sent the file too.

Regards
Jolene

Edited by jolene singh, 10 September 2011 - 06:25 AM.

  • 0

#19
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi. :)

Yes, I have started using Netgear Wireless router at home and connect on Wi-fi.

OK and thank you for the clarification. Your router should have come with an installation CD-ROM, so what I propose is reboot your machine and if the add new hardware window appears insert the aforementioned CD-ROM, follow the prompts etc.

What is the stage of issue on my system? As in, what was the problem and how much of it has been solved?

Looking quite good actually and the results of the file submission are favourable. So overall at this point I think your machine is malware free.

I have started noticing another funny thing.
When I take my cursor to a tab's "x" mark on chrome, originally, I would have expected to see a small yellow window come up near my cursor saying "Close". Nowadays, this small yellow "close" window is flickering. It's not static.

In fact, when we take our cursor to the tab heading in chrome, a yellow window with full tab names comes next to cursor. Even that is flickering.

Within the realms of possibility the malware that was on-board your machine may have corrupted the Chrome installation, so carry out the following please...

Click on Start >> Run... and copy and paste the below from the code-box and click on OK

C:\Documents and Settings\UserXP\Local Settings\Application Data\Google\Chrome\User Data
Navigate to the folder called Default in the directory window that opens and right-click on it and select Rename.

Now rename it as Backup Default and close the window. Now launch Google Chrome and check if the issues you have been experiencing have been rectified.

Note: You may have to reapply your custom settings/import bookmarks again etc.

New Java Installation:

  • Click here to visit Java's website.
  • Scroll down to Java SE 7. Click on Download JRE.
  • Check (tick) Java SE Runtime Environment 7 License Agreement box.
  • Click on jre-7-windows-i586.exe link next to Windows x86 Offline to download it and save this to a convenient location.
  • Double-click on jre-7-windows-i586.exe to install Java.
Next:

Let myself know when completed the above and if any further issues remaining. If not we will clean up the tools used during the course of the Malware Removal process and I will provide some advice about online safety etc.
  • 0

#20
jolene singh

    Member

  • Topic Starter
  • 104 posts
Actually I was using Netgear for the last one year. But, I changed location last month and took up a new connection. Similar Netgear Wireless router though.
  • 0

#21
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
OK, carry out my advice/instructions when ready. :)
  • 0

#22
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#23
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Re-opened at OP's request.

--------------

Provide myself with a quick update re the current situation again please and we will go from there, thank you.
  • 0

#24
jolene singh

    Member

  • Topic Starter
  • 104 posts
Thank you.

1. I did put in the CD upon the prompt. It tried to find out an installer when I clicked "Next", and then said that installer couldn't be found.
So that still remains.

2. Upon changing the Chrome folder, I lost all my bookmarks. Could you suggest a way so that I wouldn't lose my bookmarks. I've managed them very nicely for years now. And I don't wanna restart with them.

3. The JAVA installation has been done.

Regards
Jolene
  • 0

#25
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi and you're welcome! :)

1. I did put in the CD upon the prompt. It tried to find out an installer when I clicked "Next", and then said that installer couldn't be found.
So that still remains.

OK I think it best I refer you to the excellent IT Techs we have here in GTG. Reason being primarily both myself and this part of the forum provide Anti-Malware support only. So when I give the all clear create a new topic in this part of the forum:-

Hardware, Components and Peripherals

By all means if you so wish mention I advised you seek specific support for this issue and include this topic's URL:-

http://www.geekstogo.com/forum/topic/306320-port-scanning-attack-and-and-dns-cache-poisoning-attack-detected/
Next:

2. Upon changing the Chrome folder, I lost all my bookmarks. Could you suggest a way so that I wouldn't lose my bookmarks. I've managed them very nicely for years now. And I don't wanna restart with them.

OK and fair play, you can export them first as follows:-

Launch the browser >> click on the Google Chrome Wrench >> Bookmark >> Bookmark manager >> Organize >> Export bookmarks to HTML file..

Export them to the Desktop. Then carry out again the prior procedure here again for renaming the Default folder.

Afterwards you can import your previously saved Bookmarks via the Bookmark manager (this time use the option Import bookmarks from HTML file...).

Next:

Let myself know when completed the above and if any further issues remaining apart from the hardware one. If not we will clean up the tools used during the course of the Malware Removal process and I will provide some advice about online safety etc.
  • 0

#26
jolene singh

    Member

  • Topic Starter
  • 104 posts
Hi

The change suggested, did not resolve the issue. Even without importing the bookmarks, the new chrome window, showed the same flickering of cursor and title bubble.

I did lose my saved passwords though :)

Regards
Jolene
  • 0

#27
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi. :unsure:

The change suggested, did not resolve the issue. Even without importing the bookmarks, the new chrome window, showed the same flickering of cursor and title bubble.

OK that informs myself the browser is probably not compromised then. It sounds like the Adobe Flash Player plugin with Chrome may be the issue.

I did lose my saved passwords though :)

Most unfortunate, in the event you have not reset them yet we should be able to retrieve all by merely resetting Chrome as was.

Your exported bookmarks should still be on the Desktop, if not re-export them again as a precaution. Now rename the new Default folder Backup Default2. Then rename the Backup Default back to Default.

Next:

  • Type about:plugins into the address bar at the top of a Chrome browser window and depress the Enter key.
  • Click on Details at the upper-right corner of the page.
  • Find the Flash (or “Shockwave Flash”) listing on the Plug-ins page and click the corresponding Disable button. Then click on Enable.
  • Close all Chrome windows and restart the browser.
Let myself know the outcome please in your next reply, thank you.
  • 0

#28
jolene singh

    Member

  • Topic Starter
  • 104 posts
I think that worked.

I don't see any flickering now.
Regards
Jolene
  • 0

#29
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi. :)

I think that worked.

Good...Congratulations your computer appears to be malware free! With regard to the ongoing hardware issue, follow my advice here.

Now I have some tasks for your good self to carry out as part of a clean up process and some advice about online safety.

Importance of Regular System Maintenance:

I advise you read both of the below listed topics as this will go a long way to keeping your Computer performing well.

Help! My computer is slow!

Also so is this:

What to do if your Computer is running slowly

Uninstall ComboFix:

  • Click on Start >> Run...
  • Now type in ComboFix /Uninstall into the and click OK.
  • Note the space between the X and the /Uninstall, it needs to be there.
Clean up with OTL:

  • Double-click OTL to start the program.
  • Close all other programs apart from OTL as this step will require a reboot.
  • On the OTL main screen, depress the CleanUp button.
  • Say Yes to the prompt and then allow the program to reboot your computer.
The above process should clean up and remove the vast majority of scanners used and logs created etc.

Any left over merely delete yourself and empty the Recycle Bin.

Now some advice for on-line safety:

Malwarebyte's Anti-Malware:

This is an excellent application and I advise you keep this installed. Check for updates and run a scan at least once per week.

Other installed security software:

Your presently installed combination security application, ESET Smart Security automatically checks for updates and downloads/installs them with every system reboot and/or periodically if the machine is left running providing an internet connection is active.

I advise you also run a complete scan with this also at least once per week.

Erunt:

Emergency Recovery Utility NT, I advise you keep this installed as a means to keep a complete backup of your registry and restore it when needed.

Myself I would actually create a new back up once per week as this along with System Restore may prove to be invaluable if something unforeseen occurs!

Keep your system updated:

Microsoft releases patches for Windows and other products regularly:

  • I advise you visit: http://update.micros...t.aspx?ln=en-us
  • Install the Active X
  • Once installed it will advise set Auto-Updates if not set and then you will be able to manually check for updates also via:
  • Start >> All Programs >> Microsoft Updates
Update to Internet Explorer v8:

IE7 has been superseded by IE8, I strongly advise you download and install the new browser from here. This will increase overall security whilst browsing online.

Note: Even if you do not use IE regularly it is best from a security point of view to update the browser.

Be careful when opening attachments and downloading files:

Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
Never open emails from unknown senders.
Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.

Stop malicious scripts:

Windows by default allows scripts (which is VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. My advice is avoid these types of software applications.

Hosts File:

A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your computer will look up the website's IP address before you can view the website.

Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.

Here are some Hosts files:

Only use one of the above!

Install WinPatrol:

WinPatrol alerts you about possible system hijacks, malware attacks and critical changes made to your computer without your permission.

Download it from here.

You can find information about how WinPatrol works here.

Next:

This is a very helpful/useful set of advice from Microsoft: Microsoft Safety & Security Center

Any questions? Feel free to ask, if not stay safe!
  • 0
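
The Hosts-file redirection described in the post above, as an added example that is not part of the original thread: a small audit that separates names sinkholed to a loopback or unspecified address from names pointed at a real address, which is the kind of entry worth reviewing by hand. The sample file content, the function names and the `LOCAL_NAMES` set are assumptions made for illustration.

```python
import ipaddress

# Constructed sample (not taken from the thread). On Windows the real file is
# %SystemRoot%\System32\drivers\etc\hosts.
SAMPLE_HOSTS = """\
# comment line
127.0.0.1      localhost
127.0.0.1      ads.example.net tracker.example.net   # two names on one line
0.0.0.0        spyware.example.org
203.0.113.50   www.bank.example
::1            localhost
not-an-ip      broken.example
"""

# Names that are expected to resolve to the local machine (assumption).
LOCAL_NAMES = {"localhost"}


def parse_hosts(text):
    """Yield (line_number, address_text, hostnames) for every mapping line."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and padding
        if not line:
            continue
        address, *names = line.split()
        yield lineno, address, [name.lower() for name in names]


def classify(address):
    """Return 'sinkhole', 'redirect' or 'invalid' for the address column."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "invalid"
    # 127.0.0.0/8, ::1, 0.0.0.0 and :: never leave the machine.
    if ip.is_loopback or ip.is_unspecified:
        return "sinkhole"
    return "redirect"


def audit_hosts(text):
    """Group every hostname in a Hosts file by what its entry does."""
    report = {"local": [], "blocked": [], "redirected": [], "invalid": []}
    for lineno, address, names in parse_hosts(text):
        kind = classify(address)
        if kind == "invalid" or not names:
            # Bad address, or an address with no hostname after it.
            report["invalid"].append((lineno, address))
            continue
        for name in names:
            if kind == "sinkhole":
                key = "local" if name in LOCAL_NAMES else "blocked"
                report[key].append(name)
            else:
                # The name is forced to a real address, bypassing DNS.
                report["redirected"].append((lineno, name, address))
    return report


if __name__ == "__main__":
    result = audit_hosts(SAMPLE_HOSTS)
    print("blocked   :", ", ".join(result["blocked"]))
    for lineno, name, address in result["redirected"]:
        print(f"review    : line {lineno}: {name} -> {address}")
    for lineno, address in result["invalid"]:
        print(f"malformed : line {lineno}: {address}")
```

A blocking Hosts file of the kind the post recommends should produce only `local` and `blocked` entries; anything under `redirected` overrides DNS for that name and should be traced to whoever added it.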

#30
jolene singh

    Member

  • Topic Starter
  • 104 posts
Ummm...

I think the flickering came back.

I have a Computer Toolbar at the top of my desktop. Now, that toolbar and my Chrome main bar flicker together, so that suddenly my toolbar overlaps with chrome (though it is checked to be always at bottom), and I can click D drive button and open a new tab all in one line.

The earlier flickering of just the chrome buttons is still there.

It's weird.

Edited by jolene singh, 19 September 2011 - 02:14 PM.

  • 0





