
Very high CPU usage (PUM.Hijack, fastdownload.exe, trojan, rootkit) [S


  • This topic is locked

#16
Jacksown

Jacksown

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
I re-installed Comodo Firewall and AVG, yet all of the issues I stated in my first post still exist.

Edited by Jacksown, 03 January 2012 - 08:29 PM.

  • 0



#17
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

could you please tell me what's currently using most CPU?

regards myrti
  • 0

#18
Jacksown

Jacksown

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
It is usually system, but right now it's mbamservice.exe (90,212k mem usage). Explorer.exe at 57,000k; chrome.exe at 54,000k; chrome.exe at 50,000k; CLPS.exe at 40,000k; svchost at 39,000k.

Malwarebytes Anti-Malware continues to block incoming and outgoing connections to malicious websites, Comodo Firewall still doesn't load with Windows, CPU usage idling at 51%+.

Just restarted my computer. The same processes are running and using about the same amount of memory. However, CPU usage is at 5% when I start my computer. So, something triggers the high CPU usage. One thing that always makes it go up over 50% is when I access one of my secondary hard drives and browse or play the media located there. Once I browse or play something, CPU usage goes above 50% and never goes under 50%, even after I close everything that I opened. Don't know if any of this information helps.

Edited by Jacksown, 03 January 2012 - 09:17 PM.

  • 0

#19
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

could you create a bootable flash drive? There are some things I'd like to check:

Try this please. You will need a USB drive.

Download http://unetbootin.so...dows-latest.exe & http://noahdfear.net.../xpud-0.9.2.iso to the desktop of your clean computer
  • Insert your USB drive
  • Press Start > My Computer > right click your USB drive > choose Format > Quick format
  • Double click the unetbootin-xpud-windows-387.exe that you just downloaded
  • Press Run then OK and make sure to select the downloaded ISO file as source and don't let the installer get the Linux from the internet.
  • It will install a little bootable OS on your USB
  • After it has completed do not choose to reboot the clean computer simply close the installer
  • Remove the USB and insert it in the sick computer
  • Boot the Sick computer
  • Press F12 and choose to boot from the USB
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • You will see a list of folders: sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB, please open that and confirm it's your flash drive.
  • If it is your flash drive press Tool at the top
  • Choose Open Terminal
  • Type in: dd if=/dev/sda of=MBRbackup.zip bs=512 count=1 and hit Enter.

MBRbackup.zip should be created on your flash drive, please attach it to your next reply.
  • 0
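An added example, not part of the post above: the file written by the `dd` command is the raw first 512-byte sector of the disk (the `.zip` name does not change that), and this Python sketch shows the structural checks such a sector can be given. The sample sectors are constructed inline, and `parse_mbr`, `build_sample` and the partition-type table are names chosen for this illustration.

```python
import hashlib
import struct
import sys

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440        # bytes 0..439 hold the bootstrap code
DISK_SIG_OFFSET = 440      # 4-byte disk signature written by Windows
PART_TABLE_OFFSET = 446    # four 16-byte partition entries
BOOT_SIG_OFFSET = 510      # last two bytes must be 55 AA

# Small subset of partition type bytes, enough for this illustration.
PART_TYPES = {0x07: "NTFS/exFAT", 0x0B: "FAT32 (CHS)", 0x0C: "FAT32 (LBA)",
              0x05: "extended", 0x0F: "extended (LBA)", 0x83: "Linux",
              0xEE: "GPT protective"}


def parse_mbr(sector):
    """Return layout facts and structural findings for one MBR sector."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected %d bytes, got %d" % (SECTOR_SIZE, len(sector)))
    findings = []
    if sector[BOOT_SIG_OFFSET:] != b"\x55\xaa":
        findings.append("boot signature 55 AA missing")

    partitions = []
    for index in range(4):
        start = PART_TABLE_OFFSET + 16 * index
        entry = sector[start:start + 16]
        if entry == bytes(16):
            continue  # unused slot
        status, ptype = entry[0], entry[4]
        first_lba, sectors = struct.unpack_from("<II", entry, 8)
        if status not in (0x00, 0x80):
            findings.append("entry %d: invalid status byte 0x%02x" % (index, status))
        if first_lba == 0 or sectors == 0:
            findings.append("entry %d: empty or zero-based extent" % index)
        partitions.append({
            "index": index,
            "active": status == 0x80,
            "type": PART_TYPES.get(ptype, "unknown 0x%02x" % ptype),
            "first_lba": first_lba,
            "sectors": sectors,
        })

    if sum(1 for p in partitions if p["active"]) > 1:
        findings.append("more than one active partition")
    ordered = sorted(partitions, key=lambda p: p["first_lba"])
    for a, b in zip(ordered, ordered[1:]):
        if a["first_lba"] + a["sectors"] > b["first_lba"]:
            findings.append("entries %d and %d overlap" % (a["index"], b["index"]))

    return {
        "disk_signature": "%08x" % struct.unpack_from("<I", sector, DISK_SIG_OFFSET)[0],
        # Hash of the bootstrap code, for comparison with a copy taken from a
        # known-good machine running the same OS version.
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
        "findings": findings,
    }


def build_sample(entries, signature=b"\x55\xaa"):
    """Constructed test sector: filler boot code plus the given entries."""
    sector = bytearray(SECTOR_SIZE)
    sector[0:3] = b"\xeb\x3c\x90"  # constructed filler, not real boot code
    struct.pack_into("<I", sector, DISK_SIG_OFFSET, 0x1234ABCD)
    for i, (status, ptype, first_lba, count) in enumerate(entries):
        # CHS fields (bytes 1-3 and 5-7 of each entry) stay zero in this sample.
        struct.pack_into("<B3xB3xII", sector, PART_TABLE_OFFSET + 16 * i,
                         status, ptype, first_lba, count)
    sector[BOOT_SIG_OFFSET:] = signature
    return bytes(sector)


# Constructed samples: one well-formed table, one with three structural faults.
SAMPLE_CLEAN = build_sample([(0x80, 0x07, 63, 1000000)])
SAMPLE_ODD = build_sample([(0x80, 0x07, 63, 1000000), (0x80, 0x0B, 500000, 2000)],
                          signature=b"\x00\x00")

if __name__ == "__main__":
    # With a path argument, read that file; otherwise use the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            data = fh.read()
    else:
        data = SAMPLE_CLEAN
    report = parse_mbr(data)
    for part in report["partitions"]:
        print(part)
    print("disk signature:", report["disk_signature"])
    print("boot code sha256:", report["boot_code_sha256"])
    print("findings:", report["findings"] or "none")
```

An empty findings list only says the sector is structurally sound; whether the bootstrap code itself has been replaced is decided by comparing its hash or bytes with a known-good copy.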

#20
Jacksown

Jacksown

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
I'm to the point where I open the mnt folder. sdb1 is my primary drive, not my USB. sda1 and sdc1 are my secondary drives. My USB drive is not under mnt.

"sdb1 is likely your USB, please open that and confirm it's your flash drive." - It is not in this case.
  • 0

#21
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

can you go online while booted from the flash drive? If so just save it anywhere and upload it directly from within xpud.

Otherwise just store it somewhere where you know you'll find it once you reboot under Windows and upload it from that location. Saving it to the flash drive is not strictly necessary (unless you can't boot into your windows), it's just easiest to explain.

regards myrti
  • 0

#22
Jacksown

Jacksown

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
I have attached the MBRbackup. Thank you.

Attached Files


  • 0

#23
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

the MBR is clean too. I'm not really seeing any sign of infection at the moment. Do you still have symptoms, besides the firewall/slowness issue?

Was your PC back to normal speed when both AVG and Comodo were uninstalled?

regards myrti
  • 0

#24
Jacksown

Jacksown

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
1.) I think I found a solution to my high CPU usage problem.

Every time I would open any file from my secondary drive (picture, music, movie), my CPU usage would jump from idling at 3% to being stuck at over 50%, and eventually getting stuck at 100%. At this point, the only thing I was initially able to do to get the CPU usage down to normal was restart my computer.

I looked at processes in task manager once again and noticed that explorer.exe was taking up 70 to 99 in the CPU column whenever I opened a file in my secondary drive. I then selected explorer.exe in task manager and ended the process. I next clicked on the applications tab, clicked the new task button, typed in explorer.exe and hit enter. CPU usage instantly dropped down to 3% and my computer was running normally.

After this, I moved some of the files I opened from my secondary drive to my primary drive to see if opening them there caused any problems. No problems encountered.

I looked at my secondary drive again and noticed that there were over 35,000 files and over 2,000 folders on there. I also noticed that almost all of the files were either pictures or movies and the view thumbnails option was selected. That seemed like a lot of thumbnails for my drive/computer to process, so I changed everything on the hard drive to list view. It seems to have solved the high cpu usage problem.

I'm not sure if that is exactly the best fix, but I don't have the high CPU usage problem I had before.


I also came across this forum post (http://club.myce.com...pu-usage-74137/), which seems to be a very similar if not the same issue I was having. They talked about corrupt movie files being the problem and that deleting them would solve the issue. They also talked about editing the registry as another way to fix the problem. I have not taken any of the steps they recommended yet because I'd like to hear what you have to say first. Here is an example of what one person said was a fix:

The obnoxious bug in XP that causes Explorer to read the entire contents of broken AVI files before allowing any access to them is caused by bad behavior of shmedia.dll.

This problem manifests itself by causing Explorer to read the entire contents of an AVI file, regardless of its size or location, any time the mouse pointer is hovered over it, or an attempt is made to access it in Windows Explorer. This causes 'permission denied' errors when trying to simply move, copy or delete these files as they cannot be changed while Explorer has an open handle on them.

This also causes a DoS situation where large AVI's are stored on remote shares and Explorer keeps reading the files from beginning to end each time they are accessed.

To correct this misbehavior in Windows XP, remove the following registry key.

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87D62D94-71B3-4b9a-9489-5FE6850DC73E}\InProcServer32

This will prevent Explorer from loading shmedia.dll in response to file property queries on these files. This will not affect your ability to play files, get file attributes, or even view thumbnails. Say goodbye to all explorer.exe 100% CPU issues.

And Solution #2 (basically does the same thing, except you are inactivating the file attributes option)...But it WORKS--No more locked .avi files:

Well, Windows seems to have a REALLY big problem when it comes to reading AVI files. It seems that when you click on an AVI file in Explorer, it'll try to read the entire AVI file to determine the width, height, etc. of the AVI file (this is displayed in the Properties window). Now the problem with Windows is that if you have a broken/not fully downloaded AVI file that doesn't contain this info, Windows will scan the entire AVI file trying to figure out all these properties, which in the process will probably cause 100% CPU usage and heavy memory usage.

To solve this problem all you have to do is the following:

1. Open up regedit
2. Go to HKEY_CLASSES_ROOT\SystemFileAssociations\.avi\shellex\PropertyHandler
3. Delete the "Default" value which should be "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"

Please note that this will no longer provide you with the Windows properties displaying the AVI file information such as width, height, bitrate etc. But it's a small price to pay for saving you resources.



2.) My firewall still doesn't start with Windows, but maybe that isn't an issue. It could just be working in the background?

3.) Malwarebytes still has pop up warnings about incoming and outgoing connections to possible malicious websites. Don't really understand that.

Edited by Jacksown, 05 January 2012 - 12:38 AM.

  • 0

#25
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

I think we are still looking at an infection, most notably due to the incoming/outgoing connections that are being blocked. Could you close down all applications (except MBAM obviously) and let me know if those blocked connections still show?

Please also run TDSSKiller again:
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt

  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.

Please also run a scan with Eset:
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

  • 0



#26
Jacksown

Jacksown

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
The blocked connections are still coming up. TDSSKiller and ESET did not find any problems.


15:06:33.0968 4780 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
15:06:34.0687 4780 ============================================================
15:06:34.0687 4780 Current date / time: 2012/01/05 15:06:34.0687
15:06:34.0687 4780 SystemInfo:
15:06:34.0687 4780
15:06:34.0687 4780 OS Version: 5.1.2600 ServicePack: 3.0
15:06:34.0687 4780 Product type: Workstation
15:06:34.0687 4780 ComputerName: SERVER
15:06:34.0687 4780 UserName: Home Server
15:06:34.0687 4780 Windows directory: C:\WINDOWS
15:06:34.0687 4780 System windows directory: C:\WINDOWS
15:06:34.0687 4780 Processor architecture: Intel x86
15:06:34.0687 4780 Number of processors: 4
15:06:34.0687 4780 Page size: 0x1000
15:06:34.0687 4780 Boot type: Normal boot
15:06:34.0687 4780 ============================================================
15:06:36.0421 4780 Initialize success
15:07:09.0203 1708 ============================================================
15:07:09.0203 1708 Scan started
15:07:09.0203 1708 Mode: Manual;
15:07:09.0203 1708 ============================================================
15:07:15.0828 1708 usbuhci - ok
15:07:15.0843 1708 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:07:15.0843 1708 VgaSave - ok
15:07:15.0859 1708 ViaIde - ok
15:07:15.0875 1708 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
15:07:15.0875 1708 VolSnap - ok
15:07:15.0906 1708 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:07:15.0906 1708 Wanarp - ok
15:07:15.0921 1708 WDICA - ok
15:07:15.0953 1708 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:07:15.0953 1708 wdmaud - ok
15:07:16.0015 1708 WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys
15:07:16.0046 1708 WpdUsb - ok
15:07:16.0078 1708 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:07:16.0078 1708 WSTCODEC - ok
15:07:16.0125 1708 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
15:07:16.0140 1708 \Device\Harddisk0\DR0 - ok
15:07:16.0156 1708 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
15:07:16.0234 1708 \Device\Harddisk1\DR1 - ok
15:07:16.0234 1708 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
15:07:16.0250 1708 \Device\Harddisk2\DR2 - ok
15:07:16.0250 1708 Boot (0x1200) (ab15f429bfb323a02fad31db39951d87) \Device\Harddisk0\DR0\Partition0
15:07:16.0250 1708 \Device\Harddisk0\DR0\Partition0 - ok
15:07:16.0250 1708 Boot (0x1200) (f0a91e378a124043fe724d6c68cfefed) \Device\Harddisk1\DR1\Partition0
15:07:16.0250 1708 \Device\Harddisk1\DR1\Partition0 - ok
15:07:16.0265 1708 Boot (0x1200) (34c21760a4f66db70b90aa4a4fd38477) \Device\Harddisk2\DR2\Partition0
15:07:16.0265 1708 \Device\Harddisk2\DR2\Partition0 - ok
15:07:16.0265 1708 ============================================================
15:07:16.0265 1708 Scan finished
15:07:16.0265 1708 ============================================================
15:07:16.0281 0548 Detected object count: 0
15:07:16.0281 0548 Actual detected object count: 0
15:07:40.0484 5444 Deinitialize success
  • 0

#27
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

do you have any internet programs open currently? Browser, Chat program, file sharer?

regards myrti
  • 0

#28
Jacksown

Jacksown

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Hello,

I'm not getting any more notifications from Malwarebytes. I also talked to Comodo Firewall support and they helped me fix my Firewall issue. I'm not having any other computer issues, so thank you very much for your help.
  • 0

#29
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

happy to hear that! :)

As a final step please remove the tools we used:
Please do the following to clean up your PC:
  • Delete the tools used during the disinfection:
  • Uninstall ComboFix.exe And all Backups of the files it deleted
    • Click START then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    • Download OTC from the following mirror and save it to your desktop:
    • Double click on Posted Image
    • Push the large "Cleanup" button.
    • Allow your system to reboot.
  • If OTC failed to remove all programs from your Desktop, please delete the rest manually.
Please read this advice in order to prevent reinfecting your PC:
  • Install and update the following programs regularly:
    • an outbound firewall
      A comprehensive tutorial and a list of possible firewalls can be found here.
    • an AntiVirus Software
      It is imperative that you update your AntiVirus Software on a regular basis. If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
    • an Anti-Spyware program
      Malwarebytes' Anti-Malware is an excellent Anti-Spyware scanner. Its scan times are usually under ten minutes, and it has excellent detection and removal rates.
      SUPERAntiSpyware is another good scanner with high detection and removal rates.
      Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.
    • Spyware Blaster
      A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.
    • MVPs hosts file
      A tutorial for MVPs hosts file can be found here. If you would like automatic updates you might want to take a look at HostMan host file manager. For more information on the hosts file, and what it can do for you, please consult the Tutorial on the Hosts file.
  • Keep Windows (and your other Microsoft software) up to date!
    I cannot stress enough how important this is. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.
    Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!
  • Keep your other software up to date as well
    Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on your machine.
  • Stay up to date!
    The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing :(.
Some more links you might find of interest:

Have a nice day
myrti
  • 0

#30
Jacksown

Jacksown

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
Done. Thank you!
  • 0