[ogam5]

.....will do, sometime tomorrow afternoon - in the meantime, hope you're off to a great weekend, Cav:)

[Advertisements]

Thanks for the update and you have a great one also

[CompCav]

Thanks for the update and you have a great one also

[ogam5]

.....thanks, and you're welcome:) Also wanted to pass along that I downloaded Firefox 13 a few minutes go - anything I should be aware of as to idiosyncrasies with it, related to my difficulties or otherwise?

[CompCav]

So downloading is now working? Great!!!

Can you download the other things as well??

FF 13 is no significant change to me.

[CompCav]

Please go ahead and download either Avast or Microsoft Security Essentials and install them for your protection!!


Regards,

CompCav

[ogam5]

.....no, it was a Desktop-based prompt; didn't originate online - so downloading problems not resolved yet.....did notice that I have McAfee Security Scan Plus in my Programs list - installed, by all indications; will investigate further tomorrow.....

[CompCav]

Thanks for the clarification...this is a strange one for downloads.

[ogam5]

.....OK, ran the new ComboFix scan exactly as instructed - one caveat: Malwarebytes was in the backgrounds as you didn't seem to instruct me to disable it.....also, going to check out the McAfee feature I mentioned Friday and see what happens with trying to activate it - will try to download Avast! (again, with reservations given its massive size) first on Firefox and then IE as also directed.....oh, before I forget: getting prompts that my version of JavaScript is inadequate with some sites - can you confirm that? Thanks as always, CC!


ComboFix 12-06-16.02 - User 06/17/2012 16:09:26.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.510.200 [GMT -4:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt
.
.
((((((((((((((((((((((((( Files Created from 2012-05-17 to 2012-06-17 )))))))))))))))))))))))))))))))
.
.
2012-06-16 05:00 . 2012-06-16 05:00 32072 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2012-06-14 00:27 . 2012-06-14 00:27 -------- dc----w- C:\_OTL
2012-06-02 05:28 . 2012-06-04 19:34 -------- d-----w- c:\documents and settings\All Users\Application Data\boost_interprocess
2012-06-02 05:26 . 2012-06-04 19:35 -------- d-----w- c:\documents and settings\User\Application Data\Skype
2012-06-02 05:17 . 2012-06-04 19:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2012-05-29 11:26 . 2012-06-04 19:28 -------- d-----w- c:\documents and settings\All Users\Application Data\SecTaskMan
2012-05-29 09:19 . 2012-05-29 09:20 -------- d-----w- c:\documents and settings\User\Application Data\IObit
2012-05-29 09:18 . 2012-05-29 09:18 -------- d-----w- c:\program files\IObit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-04 19:56 . 2011-05-20 00:25 22344 -c--a-w- c:\windows\system32\drivers\mbam.sys
2012-06-17 06:56 . 2012-06-17 06:56 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyDocs"= 1 (0x1)
"NoFavoritesMenu"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 -c--a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-04 07:56 15360 -c--a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-03-07 19:33 421160 -c--a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-04-04 19:56 462408 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 21:38 421888 -c--a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 19:02 254696 -c--a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MBAMService"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Rhapsody\\rhapsody.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"50000:UDP"= 50000:UDP:IHA_MessageCenter
.
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2012-06-16 32072]
R3 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2004-08-04 14336]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
.
------- Supplementary Scan -------
.
uStart Page =
mStart Page =
Trusted Zone: streamwrhu.net\live
TCP: DhcpNameServer = 66.189.0.100 24.159.64.23 24.247.24.53
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\2dx88my5.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-17 16:29
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1228)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wscntfy.exe
c:\windows\SoftwareDistribution\Download\fd0264849c01086f3c6b505dc02dbd44\update\update.exe
.
**************************************************************************
.
Completion time: 2012-06-17 16:44:50 - machine was rebooted
ComboFix-quarantined-files.txt 2012-06-17 20:44
ComboFix2.txt 2012-06-15 13:09
ComboFix3.txt 2012-06-15 00:48
.
Pre-Run: 3,067,150,336 bytes free
Post-Run: 2,683,654,144 bytes free
.
- - End Of File - - F7ED85379B2DA466C5563AE2E527CB50

[CompCav]

Your Java is out of date and several other items need updating which we can do after you get Avast or Microsoft Security Essentials running.

[ogam5]

.....as space is at a premium, do NOT want to download IE8 - sending this via Safari instead, but the attempt to download Avast! also got hung up on it too - and I want to ask: why is it that you directed me to uninstall IOBit Fighter in favor of Malwarebytes because the latter is much smaller, yet now you're pushing for me to install Avast! which, as I've said previously, in its present form is MASSIVE (unless there's a version which is much smaller that's available) and I can only presume you're going to next advise me to NOT reinstall SuperAntiSpyware (which, all things being equal, has been MUCH more reliable than Avast! usually was - almost ALWAYS caught malware with every nightly scan).....interestingly, did not fatally freeze up the browser as with Firefox but, then again, unlike FF, it's formatted to open separate windows - maybe that's a factor, in which case that to me once more points to RAM issues.....also, you DID actually instruct me to disable Malwarebytes after all - sorry for the oversight; do you want me to run ComboFix again? Will try to a) install updates pending (of which I suspect Java is one) and b) check out the McAfee feature, see if it's actually installed itself.....

[CompCav]

Malwarebytes' has proven to be more effective than the IOBIT product in testing.

Posts 22 and 24 discuss why of this. I am recommending a course of action based on sound principles and recommendations consistent with our website guidelines. If you choose to do differently, that is your right. But we believe not following these guides increases your risk of infection and may makes it more difficult to completely clean your machine.


You apparently want to keep all the data you have on this machine. So I would also recommend this:

The data you have on that hard drive needs to be backed up. If the hard drive is as old as the computer it could fail and you would need to replace it and you would lose your data. You need to back up the data.

You can backup to DVD's, external hard drives connected by USB, and flash USB drives.

Here is a linux (Puppy Linux) bootable CD you can create and use to move the data and save it.

[ogam5]

.....and I'm in some agreement with you concerning Malwarebytes because I've had success with it in the past - that said, IO did pick up on a couple of Trojans - as for these resident antivirals such as Avast! (which if you could determine, please tell me what kind of MBs I'd need for both that and the MS Suite) I still don't completely understand the distinction between either of them and Malwarebytes as it IS running as background protection - again, SuperAntiSpyware was working extremely well and I DON"T want to forego it in light of that.....to clarify, the harddrive itself was installed somewhere between 3-4 years ago - it's the CPU that goes back to the early oughts, which is why I don't have any frontal USB ports. Bottom line: I just don't have the resources, financial or in terms of capacity, to download another 300 MB minimum of programs and transferring the data is not a realistic option for more than just the reasons I've already stated - once I (if EVER) get back on my feet I'm planning to get a sizable upgrade in terms of space.....as for the puppy Linux program, where exactly would I put the backup data anyhow under the circumstances I've cited? I know; it's a very frustrating situation and I have no choice but to make the best of it - next order of business is to try and get my brake line fixed tomorrow.....but I am attempting to install SP3 as we speak; not sure if it's happening as designed though - very slow going, it appears.....

[CompCav]

as for the puppy Linux program, where exactly would I put the backup data anyhow under the circumstances I've cited?

Yo could use DVD's at about 4.7 GB per disk or purchase a USB flash drive to use on the back at 8 GB or so.

You can install SuperAntiSpyware anytime you wish.

[ogam5]

.....does that also go for CD-Rs as well? Don't have a DVD feature with this player.....problem still remains, though: what happened in the course of attempting to correct operations and remove the more challenging malware that I still can't download now at all? That wasn't a problem before we began.....on a much more positive note, SP3 appears to be installing successfully - although at something of a snail's pace, I suspect.....if you could please give me some idea, though, how large are the Avast! and MS Security Suite programs so I can confirm my suspicions? Not sure it's information readily available on the Internet.....do you want me to run ComboFix again minus Malwarebytes as background?

[CompCav]

.....does that also go for CD-Rs as well?

Yes at about 700 MB per disc.

if you could please give me some idea, though, how large are the Avast! and MS Security Suite programs so I can confirm my suspicions?

You can go to www.avast.com and herefor information on Security essentials,


How are you connecting to post here if you are installing SP3?

.do you want me to run ComboFix again minus Malwarebytes as background?

No it ran fine and completed, that is what counts.

Some downloads are coming through like SP3 and Firefox what happens exactly when you try something else?

Regards,

CompCav