False XP Home Security 2012 Alert [Solved]
#16
Posted 24 December 2011 - 02:01 PM
#17
Posted 24 December 2011 - 02:29 PM
"Is it correct? Hope I provided an active link."
Aye that is what you need to download... The URL posted works for me etc.
"P.S. Happy Holidays wherever and however you might be!"
Likewise!
#18
Posted 24 December 2011 - 07:45 PM
I'll ask later about things to delete from our work together and things to install. But for now, the Security center is still fine and the computer runs normally and restarts normally. You may or may not be around tonight or tomorrow, but I'll be able to view what's next during part of tomorrow. Otherwise, Monday? As always, thank you.
Here's the OTL log:
OTL logfile created on: 12/24/2011 5:15:40 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Bob\Desktop\geeks to go
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
503.30 Mb Total Physical Memory | 209.83 Mb Available Physical Memory | 41.69% Memory free
1.20 Gb Paging File | 1.00 Gb Available in Paging File | 83.28% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 129.57 Gb Free Space | 86.93% Space Free | Partition Type: NTFS
Computer Name: BOB-3CDE5CE5327 | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/12/20 08:29:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bob\Desktop\geeks to go\OTL.exe
PRC - [2011/11/28 10:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 10:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/10/16 19:35:28 | 000,116,032 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2008/10/16 19:35:24 | 000,087,360 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2008/08/26 18:02:24 | 000,014,336 | ---- | M] (Agere Systems) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2008/07/24 17:46:10 | 000,063,040 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2011/12/24 07:06:34 | 001,656,832 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11122401\algo.dll
MOD - [2011/12/19 15:49:56 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11122401\aswRep.dll
MOD - [2008/09/16 19:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/11/28 10:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/10/16 19:35:28 | 000,116,032 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2008/08/26 18:02:24 | 000,014,336 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/07/24 17:46:10 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
========== Driver Services (SafeList) ==========
DRV - [2011/11/28 09:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 09:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 09:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 09:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 09:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 09:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 09:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/10/07 00:49:50 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/10/07 00:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) QuickCam Orbit/Sphere AF(UVC)
DRV - [2009/10/07 00:48:18 | 000,066,456 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvselsus.sys -- (lvselsus)
DRV - [2009/10/07 00:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/10/29 19:43:44 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/10/16 19:35:58 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/07/24 17:46:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/07/24 17:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2005/01/07 16:07:16 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2001/08/17 14:02:50 | 000,002,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HIDSwvd.sys -- (HIDSwvd)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/11/30 09:16:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/14 10:07:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/21 20:46:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/09/26 12:22:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2009/08/04 18:55:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bob\Application Data\Mozilla\Extensions
[2010/09/09 19:24:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bob\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/10/22 07:31:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\mtjcp9cv.default\extensions
[2011/05/28 09:19:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/14 10:07:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/06/11 08:50:29 | 000,001,919 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing-zugo.xml
[2010/01/01 00:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/14 10:07:03 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
O1 HOSTS File: ([2011/12/22 16:03:37 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E49FD81C-7274-4F12-A922-7566DE088084}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Bob\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bob\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/28 11:37:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/24 15:36:54 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bob\Recent
[2011/12/24 15:30:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/12/24 13:34:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011/12/24 13:34:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011/12/24 13:34:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/12/24 13:34:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011/12/24 13:24:03 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/12/24 13:23:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2011/12/23 14:58:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/12/22 21:18:29 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/12/22 16:02:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/12/21 21:33:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Desktop\geeks to go
[2011/12/21 20:54:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/12/21 20:54:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/12/21 20:54:47 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/12/21 20:54:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/12/21 20:54:31 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/21 20:51:03 | 004,347,226 | R--- | C] (Swearware) -- C:\Documents and Settings\Bob\Desktop\ComboFix.exe
[2011/12/21 20:46:27 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/12/02 20:31:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Application Data\Apple Computer
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/12/24 15:37:23 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\Word.lnk
[2011/12/24 15:32:45 | 000,314,838 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/24 15:32:45 | 000,041,040 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/24 15:32:07 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/12/24 15:30:55 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/24 15:30:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/24 15:30:02 | 000,191,384 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/24 15:29:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011/12/24 15:29:50 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2011/12/24 13:29:13 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/12/22 16:03:37 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/12/21 20:51:09 | 004,347,226 | R--- | M] (Swearware) -- C:\Documents and Settings\Bob\Desktop\ComboFix.exe
[2011/11/30 09:16:49 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/11/28 10:17:52 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Bob\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/28 10:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/11/28 10:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/11/28 09:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/11/28 09:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/11/28 09:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/11/28 09:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/11/28 09:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/11/28 09:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/11/28 09:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/11/28 09:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/12/24 13:34:56 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2011/12/24 13:34:55 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2011/12/24 13:34:55 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2011/12/24 13:34:55 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2011/12/24 13:34:55 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2011/12/24 13:34:55 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2011/12/24 13:34:55 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2011/12/24 13:34:54 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2011/12/24 13:34:54 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2011/12/24 13:34:54 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2011/12/24 13:34:54 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2011/12/24 13:34:54 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2011/12/24 13:34:54 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2011/12/24 13:34:54 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2011/12/24 13:34:54 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2011/12/24 13:34:53 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2011/12/24 13:34:53 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2011/12/24 13:34:53 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2011/12/24 13:34:53 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2011/12/24 13:34:53 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2011/12/24 13:34:53 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2011/12/24 13:34:53 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2011/12/24 13:34:53 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2011/12/24 13:34:53 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2011/12/24 13:34:53 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2011/12/24 13:34:53 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2011/12/24 13:34:53 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2011/12/24 13:34:52 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2011/12/24 13:34:52 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2011/12/24 13:34:52 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2011/12/24 13:34:52 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2011/12/24 13:34:52 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2011/12/24 13:34:52 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2011/12/24 13:34:52 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2011/12/24 13:34:52 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2011/12/24 13:34:52 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2011/12/24 13:34:52 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2011/12/24 13:34:52 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2011/12/24 13:34:52 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2011/12/24 13:34:52 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2011/12/24 13:34:52 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2011/12/24 13:34:52 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2011/12/24 13:34:52 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2011/12/24 13:34:52 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2011/12/24 13:34:52 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2011/12/24 13:34:52 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2011/12/24 13:34:52 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2011/12/24 13:34:52 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2011/12/24 13:34:52 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2011/12/24 13:34:52 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2011/12/24 13:34:52 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2011/12/24 13:34:52 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2011/12/24 13:34:52 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2011/12/24 13:34:52 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2011/12/24 13:34:52 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2011/12/24 13:34:52 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2011/12/24 13:34:52 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2011/12/24 13:34:52 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2011/12/24 13:34:52 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2011/12/24 13:34:52 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2011/12/24 13:34:52 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2011/12/24 13:34:51 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2011/12/24 13:34:51 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2011/12/24 13:34:51 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2011/12/24 13:34:51 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2011/12/24 13:34:51 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2011/12/24 13:34:51 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2011/12/24 13:34:50 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2011/12/24 13:34:50 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2011/12/24 13:34:50 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2011/12/24 13:34:50 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2011/12/24 13:34:50 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2011/12/24 13:34:50 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2011/12/24 13:34:50 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2011/12/24 13:34:50 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2011/12/24 13:34:50 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2011/12/24 13:34:49 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2011/12/24 13:34:49 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2011/12/24 13:34:49 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2011/12/24 13:34:49 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2011/12/24 13:29:39 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011/12/24 13:29:38 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011/12/24 13:29:37 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011/12/21 20:54:47 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/12/21 20:54:47 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/21 20:54:47 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/12/21 20:54:47 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/12/21 20:54:47 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/06/04 08:20:23 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/28 03:36:47 | 000,000,122 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/05/27 20:24:56 | 000,012,058 | -HS- | C] () -- C:\Documents and Settings\Bob\Local Settings\Application Data\5bfpmqtq7mu88r0308hhv1b34gi712fxq1rdw0k76s
[2011/02/19 18:45:33 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2011/02/19 18:45:33 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2011/02/19 18:45:33 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2011/02/19 18:37:59 | 000,034,115 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2010/10/09 12:48:19 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Bob\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/24 13:11:28 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/10/07 00:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/07 00:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/08/24 11:02:00 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/08/04 18:55:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/07/28 16:55:54 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2009/07/28 11:39:33 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/07/28 11:34:46 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/07/28 04:27:47 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/07/28 04:26:27 | 000,191,384 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/03/22 10:48:43 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 10:48:43 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 02:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 02:00:00 | 000,314,838 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 02:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 02:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 02:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 02:00:00 | 000,041,040 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 02:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 02:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 02:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 02:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2011/06/15 19:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/06/15 06:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/03/14 06:30:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/07/29 11:45:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/08/02 11:22:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/07/24 13:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bob\Application Data\Leadertech
[2010/09/09 19:23:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bob\Application Data\Thunderbird
[2010/02/02 21:36:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Bob\Application Data\W Photo Studio Viewer
========== Purity Check ==========
< End of report >
#19
Posted 25 December 2011 - 12:06 PM
#20
Posted 25 December 2011 - 02:37 PM
"Checked w/Crucial scan on. They advised 1GB x 2 to replace my 256MB x 2. Wondering: is replacing ram as simple as pulling the two 256 units out and pushing the two 1 GB units in? And then simply starting up my computer? Or are there other steps that will come into play?"
Basically aye that is all you need to do but do observe anti-static procedure when doing so. Not really my area of expertise if you will and if you need more advice merely ask in this part of the forum:-
Hardware, Components and Peripherals
"So, I'm hoping the installation was successful."
Sounds fine to myself by what you posted.
"I woke up this morning to the yellow updates icon in my tray. It said it found 61 new updates to install! I haven't allowed that yet. I suppose it has to do with installing SP3? Please advise"
To be expected and at this juncture should be fine to go ahead and install them and/or wait.
"Also, I didn't realize that automatic updates allowed me to 'custom install'. Will there ever be a reason that I might avoid the 'express install' option in favor of the 'custom install'?"
Automatic updates as a rule only downloads what is deemed critical security related updates, so not a problem. I will explain further and provide further advice when we remove all tools used etc.
Next:
You can delete the below folder as not needed:-
C:\Documents and Settings\All Users\Application Data\avg9
New Adobe Reader Installation:
- Go here and click on AdbeRdr1011_en_US.exe to download the latest version of Adobe Reader.
- Save this file to your desktop and run it to install the latest version of Adobe Reader.
- After the new Reader is installed, Open Adobe Reader X.
- OK the license.
- Click on Edit and select Preferences.
- On the Left, click on the Javascript category and Uncheck Enable Acrobat Javascript.
- Click on the Security (Enhanced) category and Uncheck Automatically trust sites from my Win OS security zones.
- Click on the Trust Manager category and Uncheck Allow opening of non-PDF file attachments with external applications.
- Click the OK button
- Click here to visit Java's website.
- Scroll down to Java SE 7u2. Click on JRE Download.
- Check (tick) Java SE Runtime Environment 7 License Agreement box.
- Click on jre-7u2-windows-i586.exe link next to Windows x86 Offline to download it and save this to your desktop.
- Double-click on jre-7u2-windows-i586.exe to install Java.
Let myself know when completed the above and if any further issues remaining. If not we will clean up all tools used during the Malware Removal process and I will provide some advice about online safety etc.
#21
Posted 25 December 2011 - 05:03 PM
1) I did the 61 automatic updates. 2) I installed Adobe with the preferences you described (btw, it questioned me whether I wanted to mess with the Security (Enhanced) choice). I still did as you directed. 3) I installed Java. 4) When I went to C:\Documents and Settings\All Users\Application Data\avg9 nothing was there listed as "application data". So I copied the command into the "run" box and it found a file related to AVG 9, so I deleted that. The same thing happened earlier when I went to delete the old SpyBot file you wanted me to. Somehow, there's not an "Application Data" file in my All Users file.
Question: I noticed using a small application I often use (ccleaner) that Java Update and Adobe ARM.exe are now enabled in my Startup. Is that normal?
Thank you again and again. Things are running fine. I look forward to the cleanup and advice on avoiding further trouble. As a reminder, I did remove SpywareGuard and SpywareBlaster at some early stage of our work together.
#22
Posted 26 December 2011 - 06:39 AM
> Question: I noticed using a small application I often use (ccleaner) that Java Update and Adobe ARM.exe are now enabled in my Startup. Is that normal?
That is normal, however no actual need for the start-up entries and removing them will free up some system resources/improve boot-up speed etc. Use the below application to remove them if you so wish:
StartUpLite:
Download this small application from here.
It is very simple to use and quite effective and will advise about any unnecessary system startups that can be safely removed.
> Thank you again and again
You're most welcome!
Next:
Congratulations, your computer appears to be malware free!
Now I have some tasks for your good self to carry out as part of a clean up process and some advice about online safety.
Importance of Regular System Maintenance:
I advise you read both of the below listed topics as this will go a long way to keeping your Computer performing well.
Help! My computer is slow!
Also so is this:
What to do if your Computer is running slowly
Uninstall ComboFix:
- Click on Start >> Run...
- Now type in ComboFix /Uninstall into the box and click OK.
- Note the space between the X and the /Uninstall, it needs to be there.
Ensure OTL is actually on the Desktop, it appears to be in a folder on your Desktop at present.
- Right-click OTL and select Run as Administrator to start the program.
- Close all other programs apart from OTL as this step will require a reboot.
- On the OTL main screen, depress the CleanUp button.
- Say Yes to the prompt and then allow the program to reboot your computer.
Any left over merely delete yourself and empty the Recycle Bin.
Now some advice for on-line safety:
Malwarebytes' Anti-Malware:
This is an excellent application and I advise you keep this installed. Check for updates and run a scan at least once per week.
Other installed security software:
Your presently installed security application, avast! Free Antivirus, automatically checks for updates and downloads/installs them with every system reboot and/or periodically if the machine is left running, providing an internet connection is active.
I advise you also run a complete scan with this once per week.
Keep your system updated:
Microsoft releases patches for Windows and other products regularly:
- I advise you visit: http://update.micros...t.aspx?ln=en-us
- Install the Active X
- Once installed it will advise you to set Auto-Updates if not set, and then you will be able to manually check for updates also via:
- Start >> All Programs >> Microsoft Updates
IE7 has been superseded by IE8, I strongly advise you download and install the new browser from here. This will increase overall security whilst browsing online.
Note: IE9 is not XP compatible
Update Mozilla Firefox:
The latest version is 9.0.1
To update, launch the browser >> Help >> About Firefox >> it will auto detect if an update is available then download and install. Restart the browser when prompted.
Be careful when opening attachments and downloading files:
Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
Never open emails from unknown senders.
Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.
Stop malicious scripts:
Windows by default allows scripts (which are VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.
Avoid Peer to Peer software:
P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. My advice is avoid these types of software applications.
Hosts File:
A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your computer will look up the website's IP address before you can view the website.
Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.
Here are some Hosts files:
Only use one of the above!
Install WinPatrol:
WinPatrol alerts you about possible system hijacks, malware attacks and critical changes made to your computer without your permission.
Download it from here.
You can find information about how WinPatrol works here.
Next:
This is a very helpful/useful set of advice from Microsoft: Microsoft Online Safety.
Any questions? Feel free to ask, if not stay safe!
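The hosts-file advice in the post above can be checked after installation. The following is an added example, not part of the original post or any tool it names: a small audit that parses hosts-file text, lists the names sunk to loopback, and flags entries that map a name to any other address, since those silently redirect the name rather than block it. The sample file and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file (not taken from the thread).
SAMPLE = """\
# blocking list
127.0.0.1    localhost
127.0.0.1    ads.example.com tracker.example.net   # two names, one line
0.0.0.0      popups.example.org
203.0.113.7  update.example.com
not-an-ip    broken.example.com
127.0.0.1
"""

def parse_hosts(text):
    """Yield (line_no, address_or_None, payload) for every non-comment line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # strip comments, split columns
        if not fields:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None
        if addr is None or len(fields) < 2:
            # Bad address, or an address with no hostname after it.
            yield line_no, None, " ".join(fields)
            continue
        for name in fields[1:]:
            yield line_no, addr, name.lower()

def audit_hosts(text):
    """Sort entries into blocked names, entries to review, and malformed lines."""
    report = {"blocked": [], "review": [], "malformed": []}
    for line_no, addr, payload in parse_hosts(text):
        if addr is None:
            report["malformed"].append((line_no, payload))
        elif addr.is_loopback or addr.is_unspecified:
            if payload != "localhost":
                report["blocked"].append(payload)
        else:
            # A non-loopback address redirects this name instead of blocking it.
            report["review"].append((line_no, payload, str(addr)))
    return report

if __name__ == "__main__":
    for kind, items in audit_hosts(SAMPLE).items():
        print(kind, items)
```

To audit a real machine, pass the contents of the hosts file in `system32\drivers\etc` under the Windows directory to `audit_hosts` instead of `SAMPLE`.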
#23
Posted 26 December 2011 - 03:49 PM
1) Startup Lite: I downloaded. It disabled java update, but kept AdobeArm exe. I'm OK with that if you are.
2) I read both articles on "Computer Running Slowly". Performed suggested cleanups. But I DID NOT do a cleanup for System Restore Points. Relevant? Irrelevant?
3) Uninstalled Combo Fix.
4) Put OTL back on desktop. It did not have a right-click option to "run as administrator". So I just opened it anyways and ran the "cleanup" button. AOK?
5) Under your "Keep System Updated" suggested topic, I could not find anything regarding "Install Active X" using the link you provided. So I did nothing with that suggestion yet.
6) Installed IE8, even though I do use Firefox. That took quite a bit of time.
7) Update Firefox to version 9
8) Wasn't sure what to do with the warnings of "cracked programs" and the two links provided of Sourceforge and Pricelessware. Advice?
9) Downloaded Scriptdefender but have no idea what I am supposed to do with it, if anything. Advice?
10) Host Files is a new area of knowledge for me. So, I think I unzipped MVPS properly and placed the hosts list properly into C/Windows?system32/drivers/etc. Gulp! I don't have any idea if I really did this correctly. Also, if I did do it correctly, I have no idea what to do with it, if anything. Will it flash warnings? Does it need maintenance? This part worries me a bit!
11) Did not install WinPatrol yet. It talked about some conflicting issues with Firefox that they were working on. So, don't know if I should bother now, later...or ever?
12)One of the links, I don't remember where now, took me to an MS page that offered a free download of MS Security Essentials. I did not do that. I figured it was redundant to what I already have?
Sorry about such a lengthy reply, but I wanted to detail everything as there were a few areas I felt uncertain about. But like always, I appreciate your diligence and perseverance!!!!!!
#24
Posted 27 December 2011 - 06:50 PM
> Here comes a long reply of what I did and what I did not do. Please bear with me for a bit more!
Fair play... please bear with me as I am unable to reply in full at this time due to personal/family commitments but will do so in the next forty-eight hours I assure you.
#25
Posted 29 December 2011 - 03:58 PM
> 1) Startup Lite: I downloaded. It disabled java update, but kept AdobeArm exe. I'm OK with that if you are.
That is fine.
> I read both articles on "Computer Running Slowly". Performed suggested cleanups. But I DID NOT do a cleanup for System Restore Points. Relevant? Irrelevant?
Part of ComboFix's uninstall routine would have flushed the SR points then set a new safe/clean one.
> Put OTL back on desktop. It did not have a right-click option to "run as administrator". So I just opened it anyways and ran the "cleanup" button. AOK?
My apologies, I posted the instructions for a Vista/Windows 7 machine by mistake, however what you did is just fine.
> 5) Under your "Keep System Updated" suggested topic, I could not find anything regarding "Install Active X" using the link you provided. So I did nothing with that suggestion yet.
It may have changed then, just keep using Windows Update as normal etc.
> Installed IE8, even though I do use Firefox. That took quite a bit of time.
Even if not used it is prudent to keep all installed software on a machine updated from an online security point of view.
> Wasn't sure what to do with the warnings of "cracked programs" and the two links provided of Sourceforge and Pricelessware. Advice?
Merely friendly advice where safe/clean freeware software can be downloaded from etc.
> Downloaded Scriptdefender but have no idea what I am supposed to do with it, if anything. Advice?
This explains how to use it.
> Host Files is a new area of knowledge for me. So, I think I unzipped MVPS properly and placed the hosts list properly into C/Windows?system32/drivers/etc. Gulp! I don't have any idea if I really did this correctly. Also, if I did do it correctly, I have no idea what to do with it, if anything. Will it flash warnings? Does it need maintenance? This part worries me a bit!
Sounds just fine what you mentioned...no need to take any further action at this time.
> Did not install WinPatrol yet. It talked about some conflicting issues with Firefox that they were working on. So, don't know if I should bother now, later...or ever?
Fair play/your choice to download and install or not...though I have not noticed a conflict with Firefox on any of my machines with WinPatrol installed.
> One of the links, I don't remember where now, took me to an MS page that offered a free download of MS Security Essentials. I did not do that. I figured it was redundant to what I already have?
Correct.
#26
Posted 30 December 2011 - 07:42 PM
1) I'll hope scriptdefender is helpful and not confusing if it gives a warning
2) Ditto MVPS
3) I'll check out winpatrol again and then if used, ditto the above.
4) I'll assume it's time to let you go!!
Peace to you on the new year ahead.
And thanks.
#27
Posted 04 January 2012 - 05:33 AM
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.