windows xp booting up and running very slowly [Solved]


  • This topic is locked

#16
brynndar

  • Topic Starter
  • Member
  • 14 posts
I'm sure I don't need Java. I'm sure I just have it because I thought I was supposed to have it at some point.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-03 10:27:36
-----------------------------
10:27:36.984 OS Version: Windows 5.1.2600 Service Pack 3
10:27:36.984 Number of processors: 1 586 0x5F02
10:27:36.984 ComputerName: DWAYNE-2DE6E15F UserName: Lori
10:27:40.343 Initialize success
10:28:42.671 AVAST engine defs: 12090300
11:07:50.375 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5
11:07:50.375 Disk 0 Vendor: WDC_WD2500JS-60MHB5 10.02E04 Size: 238475MB BusType: 3
11:07:50.390 Disk 0 MBR read successfully
11:07:50.390 Disk 0 MBR scan
11:07:50.453 Disk 0 Windows XP default MBR code
11:07:50.468 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238473 MB offset 2048
11:07:50.468 Disk 0 scanning sectors +488394752
11:07:50.531 Disk 0 scanning C:\WIN\system32\drivers
11:08:01.328 Service scanning
11:08:17.734 Modules scanning
11:08:40.156 Disk 0 trace - called modules:
11:08:40.187 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
11:08:40.218 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85d7bab8]
11:08:40.265 3 CLASSPNP.SYS[f74e7fd7] -> nt!IofCallDriver -> \Device\0000006c[0x85e8df18]
11:08:40.265 5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-5[0x85dffd98]
11:08:42.812 AVAST engine scan C:\WIN
11:09:00.828 AVAST engine scan C:\WIN\system32
11:11:48.531 AVAST engine scan C:\WIN\system32\drivers
11:12:04.890 AVAST engine scan C:\Documents and Settings\Lori
11:18:26.734 AVAST engine scan C:\Documents and Settings\All Users.WIN
11:21:11.703 Scan finished successfully
11:26:27.203 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Lori\Desktop\MBR.dat"
11:26:27.203 The log file has been saved successfully to "C:\Documents and Settings\Lori\Desktop\aswMBR.txt"


OTL logfile created on: 9/3/2012 11:28:44 AM - Run 5
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Lori\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

990.48 Mb Total Physical Memory | 300.56 Mb Available Physical Memory | 30.34% Memory free
2.33 Gb Paging File | 1.35 Gb Available in Paging File | 57.88% Paging File free
Paging file location(s): C:\pagefile.sys 1488 2976 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WIN | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 111.25 Gb Free Space | 47.77% Space Free | Partition Type: NTFS

Computer Name: DWAYNE-2DE6E15F | User Name: Lori | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Lori\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\MyFunCards_5m\bar\1.bin\5mbrmon.exe (VER_COMPANY_NAME)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
PRC - C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe (Eastman Kodak Company)
PRC - C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\Super Easy Backup\Endpoint\DCProtectService.exe (Datacastle)
PRC - C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe ()
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)
PRC - C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe (Affinegy, Inc.)
PRC - C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
PRC - C:\WIN\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\Inkjet.Automation\65f9fe27a524e0e1d6fe976da05c809d\Inkjet.Automation.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\Inkjet.DeviceSettin#\24df744a06c3ee71e66e0df2957db8ab\Inkjet.DeviceSettings.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\Inkjet.Localization\56788e7172b88e8e17c8187919f6fe9e\Inkjet.Localization.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\Inkjet.Diagnostics\7390d6714108666d0f1d272f8bacfb13\Inkjet.Diagnostics.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\Inkjet.Utilities\77efbbfd54d23807ec041ef5ec3c12d0\Inkjet.Utilities.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\Inkjet.Hardware\ce45b4ac627e00a2e877bc0c642b7d05\Inkjet.Hardware.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\Inkjet.Statistics\5f1d9bddb3455d5c2342fddb3182590a\Inkjet.Statistics.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\Inkjet.Configuration\67ae8297c655a3d2a3664fe21582a5f8\Inkjet.Configuration.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll ()
MOD - C:\WIN\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll ()
MOD - C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll ()


========== Services (SafeList) ==========

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WIN\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MyFunCards_5mService) -- C:\Program Files\MyFunCards_5m\bar\1.bin\5mbarsvc.exe (COMPANYVERS_NAME)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Kodak AiO Status Monitor Service) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe (Eastman Kodak Company)
SRV - (Kodak AiO Network Discovery Service) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe (Eastman Kodak Company)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (DCProtectService) -- C:\Program Files\Super Easy Backup\Endpoint\DCProtectService.exe (Datacastle)
SRV - (MySQL) -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe ()
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (AffinegyService) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe (Affinegy, Inc.)


========== Driver Services (SafeList) ==========

DRV - (aswMBR) -- C:\DOCUME~1\Lori\LOCALS~1\Temp\aswMBR.sys File not found
DRV - (MBAMProtector) -- C:\WIN\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (RapportIaso) -- c:\Documents and Settings\All Users.WIN\Application Data\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys (Trusteer Ltd.)
DRV - (eamon) -- C:\WIN\system32\drivers\eamon.sys (ESET)
DRV - (ehdrv) -- C:\WIN\system32\drivers\ehdrv.sys (ESET)
DRV - (epfwtdir) -- C:\WIN\system32\drivers\epfwtdir.sys (ESET)
DRV - (AFGSp50) -- C:\WIN\system32\drivers\AFGSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (HdAudAddService) -- C:\WIN\system32\drivers\HdAudio.sys (Windows ® Server 2003 DDK provider)
DRV - (nvnetbus) -- C:\WIN\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WIN\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (gameenum) -- C:\WIN\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\WIN\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (MTsensor) -- C:\WIN\system32\drivers\ASACPI.sys ()
DRV - (ms_mpu401) -- C:\WIN\system32\drivers\msmpu401.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WIN\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{09823E70-188B-4D1D-B168-F054F050AF96}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}: "URL" = http://search.mywebs...r={searchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WIN\system32\blank.htm
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comcast.net/
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6A 58 19 24 05 45 CD 01 [binary data]
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\..\URLSearchHook: {f4c28532-b9d0-4950-a2df-e83f9929242b} - No CLSID value found
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\..\SearchScopes,DefaultScope = {09823E70-188B-4D1D-B168-F054F050AF96}
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\..\SearchScopes\{09823E70-188B-4D1D-B168-F054F050AF96}: "URL" = http://www.google.co...GGHP_en-GBUS487
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\..\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\..\SearchScopes\{BE8859F8-90FB-45AB-9F84-931B8278D6E1}: "URL" = http://websearch.ask...3D-9980E1889DB0
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-1454471165-879983540-1177238915-1009\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WIN\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WIN\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WIN\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WIN\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@MyFunCards_5m.com/Plugin: C:\Program Files\MyFunCards_5m\bar\1.bin\NP5mStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\5mffxtbr@MyFunCards_5m.com: C:\Program Files\MyFunCards_5m\bar\1.bin [2012/07/24 18:29:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/06/08 00:31:29 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - homepage: http://www.google.com
CHR - Extension: No name found = C:\Documents and Settings\Lori\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Lori\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Documents and Settings\Lori\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2007/07/27 06:00:00 | 000,000,734 | ---- | M]) - C:\WIN\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Conime] C:\WIN\system32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WIN\System32\HDAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MyFunCards_5m Browser Plugin Loader] C:\Program Files\MyFunCards_5m\bar\1.bin\5mbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [NvCplDaemon] C:\WIN\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WIN\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [KodakHomeCenter] C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)
O4 - HKU\S-1-5-18..\RunOnce: [KodakHomeCenter] C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-879983540-1177238915-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-879983540-1177238915-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-879983540-1177238915-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WIN\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1341441543171 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{395D1A8E-4015-44DB-B1EA-A5495E4AB339}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WIN\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WIN\system32\userinit.exe) - C:\WIN\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WIN\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WIN\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/10/11 16:24:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/03 10:27:16 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Lori\Desktop\aswMBR.exe
[2012/09/01 09:41:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/30 20:44:06 | 000,000,000 | ---D | C] -- C:\WIN\ERDNT
[2012/08/30 20:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2012/08/30 20:40:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WIN\Start Menu\Programs\ERUNT
[2012/08/30 20:37:09 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Lori\Desktop\erunt-setup.exe
[2012/08/29 17:17:14 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lori\Desktop\OTL.exe
[2012/08/29 17:02:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Lori\Start Menu\Programs\Administrative Tools
[3 C:\WIN\*.tmp files -> C:\WIN\*.tmp -> ]
[1 C:\WIN\System32\*.tmp files -> C:\WIN\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/03 11:34:00 | 000,000,416 | -H-- | M] () -- C:\WIN\tasks\User_Feed_Synchronization-{A126B8E3-10B9-4048-81A0-7DC31E8A7EE1}.job
[2012/09/03 11:26:27 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Lori\Desktop\MBR.dat
[2012/09/03 10:27:16 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Lori\Desktop\aswMBR.exe
[2012/09/03 08:26:45 | 000,013,646 | ---- | M] () -- C:\WIN\System32\wpa.dbl
[2012/09/03 08:16:51 | 000,002,048 | --S- | M] () -- C:\WIN\bootstat.dat
[2012/09/02 19:00:30 | 000,000,822 | ---- | M] () -- C:\WIN\tasks\Adobe Flash Player Updater.job
[2012/09/02 19:00:29 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\WIN\System32\FlashPlayerApp.exe
[2012/09/02 19:00:29 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\WIN\System32\FlashPlayerCPLApp.cpl
[2012/08/30 21:21:05 | 000,467,701 | ---- | M] () -- C:\Documents and Settings\Lori\Desktop\lori resume jetblue.pdf
[2012/08/30 21:21:05 | 000,467,701 | ---- | M] () -- C:\Documents and Settings\Lori\My Documents\lori resume .pdf
[2012/08/30 20:40:58 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Lori\Desktop\NTREGOPT.lnk
[2012/08/30 20:40:58 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Lori\Desktop\ERUNT.lnk
[2012/08/30 20:37:16 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Lori\Desktop\erunt-setup.exe
[2012/08/30 20:35:15 | 000,511,265 | ---- | M] () -- C:\Documents and Settings\Lori\Desktop\adwcleaner.exe
[2012/08/29 17:17:22 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lori\Desktop\OTL.exe
[2012/08/29 17:11:39 | 000,854,124 | ---- | M] () -- C:\Documents and Settings\Lori\Desktop\SecurityCheck.exe
[2012/08/15 17:43:02 | 000,266,208 | ---- | M] () -- C:\WIN\System32\FNTCACHE.DAT
[2012/08/15 07:20:45 | 000,001,374 | ---- | M] () -- C:\WIN\imsins.BAK
[2012/08/14 16:40:19 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\All Users.WIN\Desktop\Picasa 3.lnk
[2012/08/09 15:01:03 | 000,000,019 | ---- | M] () -- C:\WIN\popcinfo.dat
[2012/08/06 10:29:52 | 000,613,684 | ---- | M] () -- C:\Documents and Settings\Lori\Desktop\Adams_Jesi_2012_8_6_9_20_38_form.pdf
[3 C:\WIN\*.tmp files -> C:\WIN\*.tmp -> ]
[1 C:\WIN\System32\*.tmp files -> C:\WIN\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/03 11:26:27 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Lori\Desktop\MBR.dat
[2012/08/30 21:21:23 | 000,467,701 | ---- | C] () -- C:\Documents and Settings\Lori\Desktop\lori resume jetblue.pdf
[2012/08/30 21:21:04 | 000,467,701 | ---- | C] () -- C:\Documents and Settings\Lori\My Documents\lori resume .pdf
[2012/08/30 20:40:58 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Lori\Desktop\NTREGOPT.lnk
[2012/08/30 20:40:58 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Lori\Desktop\ERUNT.lnk
[2012/08/30 20:35:11 | 000,511,265 | ---- | C] () -- C:\Documents and Settings\Lori\Desktop\adwcleaner.exe
[2012/08/29 17:11:36 | 000,854,124 | ---- | C] () -- C:\Documents and Settings\Lori\Desktop\SecurityCheck.exe
[2012/08/06 10:29:47 | 000,613,684 | ---- | C] () -- C:\Documents and Settings\Lori\Desktop\Adams_Jesi_2012_8_6_9_20_38_form.pdf
[2012/07/20 23:00:23 | 000,000,019 | ---- | C] () -- C:\WIN\popcinfo.dat
[2012/06/17 14:46:29 | 000,000,664 | ---- | C] () -- C:\WIN\System32\d3d9caps.dat
[2012/06/06 14:21:24 | 000,003,072 | ---- | C] () -- C:\WIN\System32\iacenc.dll
[2012/06/06 11:59:17 | 001,074,636 | ---- | C] () -- C:\WIN\System32\nvdrsdb0.bin
[2012/06/06 11:59:16 | 001,074,636 | ---- | C] () -- C:\WIN\System32\nvdrsdb1.bin
[2012/06/06 11:59:16 | 000,000,001 | ---- | C] () -- C:\WIN\System32\nvdrssel.bin
[2012/06/06 11:58:46 | 002,807,708 | ---- | C] () -- C:\WIN\System32\nvdata.data
[2012/06/05 19:27:50 | 000,002,048 | --S- | C] () -- C:\WIN\bootstat.dat
[2012/06/05 19:22:12 | 000,021,640 | ---- | C] () -- C:\WIN\System32\emptyregdb.dat
[2012/06/05 13:14:11 | 000,003,985 | ---- | C] () -- C:\WIN\ODBCINST.INI
[2012/06/05 13:12:50 | 000,266,208 | ---- | C] () -- C:\WIN\System32\FNTCACHE.DAT
[2012/05/28 09:35:20 | 000,001,046 | ---- | C] () -- C:\WIN\System32\EKaio2WiaCoInst.ini
[2011/11/26 15:24:21 | 000,005,810 | ---- | C] () -- C:\WIN\System32\drivers\ASACPI.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 208 bytes -> C:\Documents and Settings\All Users.WIN\Application Data\TEMP:FACB65E7

< End of report >

#17
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

I'm sure I don't need Java. I'm sure I just have it because I thought I was supposed to have it at some point.

OK, fair play. You have already uninstalled it prior, so since you are not reinstalling an updated version, you can uninstall the following...

Now please go to Start >> Control Panel >> Add/Remove Programs and remove the following (if present):

Java Auto Updater

To do so, click once on each of the above in turn to highlight and then click on the Remove button.

Next:

OTL has recently been updated, so please delete your current version then empty the Recycle Bin.

Then download the new version of OTL and save it to the Desktop.

Next:

We are going to run a custom OTL script via a different methodology this time. So please download the attached Fix.txt (see below) and save it to the Desktop.

Next:

Now I will be asking you to boot into Safe Mode for the next part of the fix. It may prove beneficial if you print off the following instructions or save them to Notepad, as you will not have Internet access whilst in the aforementioned Safe Mode.

How to boot into Safe Mode:

Restart your computer and, as soon as it starts booting up again, continuously tap the F8 key. A menu should come up where you will be given the option to enter Safe Mode; do so.

If you have any problems, refer to this tutorial.

In Safe Mode carry out the following:

Custom OTL Script:

  • Double-click OTL.exe to start the program.
  • Now click on Run Fix, when prompted with:-
No fix has been provided!

Click Ok to load from file or Cancel to cancel


  • Click on Ok >> navigate to Fix.txt on the desktop >> click on it to highlight >> then click on Open
  • Return to OTL, then click the red Run Fix button again.
  • Let the program run unhindered.
  • If OTL asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.
Note: The logfile can also be located at C: >> _OTL >> MovedFiles >> DD/DD/DD TT/TT.txt <-- denotes date/time log created.

Give the custom OTL script time to process and, once completed, if your computer was not rebooted, please do so yourself, back into Normal Mode.

Next:

When you have completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and/or problems encountered?
  • OTL Log from the Custom Script.


#18
brynndar

  • Topic Starter
  • Member
  • 14 posts
There are no new problems with my computer. It is running fairly quickly. Here is the new log. I really do appreciate your help as I have taken my computer to the shop several times only to return with it running at the same speed.

All processes killed
========== OTL ==========
Service MyFunCards_5mService stopped successfully!
Service MyFunCards_5mService deleted successfully!
C:\Program Files\MyFunCards_5m\bar\1.bin\5mbarsvc.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35e9438f-19d4-4516-b2ac-59ba9241de4d}\ not found.
Registry value HKEY_USERS\S-1-5-21-1454471165-879983540-1177238915-1008\Software\Microsoft\Internet Explorer\URLSearchHooks\\{f4c28532-b9d0-4950-a2df-e83f9929242b} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4c28532-b9d0-4950-a2df-e83f9929242b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{f4c28532-b9d0-4950-a2df-e83f9929242b}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1454471165-879983540-1177238915-1008\Software\Microsoft\Internet Explorer\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35e9438f-19d4-4516-b2ac-59ba9241de4d}\ not found.
Registry key HKEY_USERS\S-1-5-21-1454471165-879983540-1177238915-1008\Software\Microsoft\Internet Explorer\SearchScopes\{BE8859F8-90FB-45AB-9F84-931B8278D6E1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BE8859F8-90FB-45AB-9F84-931B8278D6E1}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MyFunCards_5m Browser Plugin Loader deleted successfully.
C:\Program Files\MyFunCards_5m\bar\1.bin\5mbrmon.exe moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\KodakHomeCenter deleted successfully.
C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe moved successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\KodakHomeCenter not found.
File C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe not found.
ADS C:\Documents and Settings\All Users.WIN\Application Data\TEMP:FACB65E7 deleted successfully.
========== FILES ==========
C:\Program Files\MyFunCards_5m\MyFunCards_5m\Cache folder moved successfully.
C:\Program Files\MyFunCards_5m\MyFunCards_5m folder moved successfully.
C:\Program Files\MyFunCards_5m\bar\Settings folder moved successfully.
C:\Program Files\MyFunCards_5m\bar\Message\COMMON folder moved successfully.
C:\Program Files\MyFunCards_5m\bar\Message folder moved successfully.
C:\Program Files\MyFunCards_5m\bar\IE9Mesg folder moved successfully.
C:\Program Files\MyFunCards_5m\bar\History folder moved successfully.
C:\Program Files\MyFunCards_5m\bar\gen1 folder moved successfully.
C:\Program Files\MyFunCards_5m\bar\Cache folder moved successfully.
C:\Program Files\MyFunCards_5m\bar\1.bin\ThirdPartyInstallers folder moved successfully.
C:\Program Files\MyFunCards_5m\bar\1.bin\chrome folder moved successfully.
C:\Program Files\MyFunCards_5m\bar\1.bin folder moved successfully.
C:\Program Files\MyFunCards_5m\bar folder moved successfully.
C:\Program Files\MyFunCards_5m folder moved successfully.
========== COMMANDS ==========
C:\WIN\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes

User: Administrator.DWAYNE-2DE6E15F
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 101187 bytes
->Flash cache emptied: 56466 bytes

User: All Users

User: All Users.WIN

User: Brynn
->Temp folder emptied: 146061439 bytes
->Temporary Internet Files folder emptied: 201628676 bytes
->Java cache emptied: 32759 bytes
->Flash cache emptied: 63761 bytes

User: DCProtectService
->Temp folder emptied: 19273 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User.WIN
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 101187 bytes
->Flash cache emptied: 56466 bytes

User: Dwayne
->Temp folder emptied: 3335683 bytes
->Temporary Internet Files folder emptied: 70107934 bytes
->Java cache emptied: 65517 bytes
->Flash cache emptied: 63801 bytes

User: Jake
->Temp folder emptied: 180224 bytes
->Temporary Internet Files folder emptied: 18894277 bytes
->Flash cache emptied: 57308 bytes

User: Jesi
->Temp folder emptied: 335245 bytes
->Temporary Internet Files folder emptied: 66639544 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 57505 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33177 bytes

User: Lori
->Temp folder emptied: 216413257 bytes
->Temporary Internet Files folder emptied: 52650946 bytes
->Java cache emptied: 3275631 bytes
->Google Chrome cache emptied: 6163045 bytes
->Flash cache emptied: 9093312 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Owner
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33177 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2402044 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 90435 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 10240104 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 771.00 mb


OTL by OldTimer - Version 3.2.60.0 log created on 09042012_162819

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#19
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

There are no new problems with my computer. It is running fairly quickly. Here is the new log. I really do appreciate your help as I have taken my computer to the shop several times only to return with it running at the same speed.

Good and you are most welcome!

Next:

Congratulations your computer now appears to be malware free!

Now I have some tasks for your good self to carry out as part of a clean up process and some advice about online safety.

Importance of Regular System Maintenance:

I advise you read both of the below listed topics as this will go a long way to keeping your Computer performing well. Plus bear in mind my prior advice about upgrading the presently installed RAM (Random Access Memory) if your machine can support more that is.

Help! My computer is slow!

Also so is this:

What to do if your Computer is running slowly

Reset the System Restore points:

  • Create a new, clean System Restore point which you can use in case of future system problems:
  • Press Start >> All Programs >> Accessories >> System Tools >> System Restore
  • Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close

Now remove old, infected System Restore points:

  • Next click Start >> Run and type cleanmgr in the box and press OK
  • Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
  • Select the More Options tab, under System Restore press Clean up... and say Yes to the prompt
  • Press OK and Yes to confirm

Clean up with OTL:

  • Double-click on OTL to start the program.
  • Close all other programs apart from OTL as this step will require a reboot.
  • On the OTL main screen, depress the CleanUp button.
  • Say Yes to the prompt and then allow the program to reboot your computer.
The above process should clean up and remove the vast majority of scanners used and logs created etc.

Any left over merely delete yourself and empty the Recycle Bin.

Now some advice for on-line safety:

Malwarebytes' Anti-Malware:

This is an excellent application and I advise you keep this installed. Check for updates and run a scan at least once per week.

Other installed security software:

Your presently installed security application, ESET NOD32, automatically checks for updates and downloads/installs them with every system reboot and/or periodically if the machine is left running, providing an internet connection is active.

I advise you also run a complete scan with this also at least once per week.

Erunt:

Emergency Recovery Utility NT, I advise you keep this installed as a means to keep a complete backup of your registry and restore it when needed.

Myself I would actually create a new back up once per week as this along with System Restore may prove to be invaluable if something unforeseen occurs!

Keep your system updated:

I do advise visiting Windows Update periodically as Microsoft releases patches for Windows and other products regularly.

Plus check Automatic Updates is enabled.

Be careful when opening attachments and downloading files:

Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
Never open emails from unknown senders.
Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.

Stop malicious scripts:

Windows by default allows scripts (which are VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. My advice is avoid these types of software applications.

Hosts File:

A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your computer will look up the website's IP address before you can view the website.

Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.

Here are some Hosts files:

Only use one of the above!

Consider installing WinPatrol:

WinPatrol alerts you about possible system hijacks, malware attacks and critical changes made to your computer without your permission.

Download it from here.

You can find information about how WinPatrol works here.

Next:

This is a very helpful/useful set of advice from Microsoft: Microsoft Safety & Security Center

Any questions? Feel free to ask, if not stay safe!
  • 0
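
The Hosts file behaviour described in the post above, as an added example that is not part of the original thread: a short Python audit that separates blocklist entries pointing at 127.0.0.1 or 0.0.0.0 from entries that send a name to some other address, which are the ones worth reviewing after a cleanup. The sample file contents and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample, not taken from the thread: a blocklist-style Hosts file
# with one entry that maps a name to a non-local address.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
127.0.0.1       ads.example.net      # blocklist entry
0.0.0.0         tracker.example.org
203.0.113.10    www.bank.example     # resolves somewhere other than this PC
not-an-ip       broken.example
"""


def parse_hosts(text):
    """Yield (line_no, address, hostnames) for every mapping line."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments and padding
        if not line:
            continue
        fields = line.split()
        yield line_no, fields[0], [name.lower() for name in fields[1:]]


def audit_hosts(text):
    """Sort entries into 'blocked', 'redirected' and 'invalid'."""
    report = {"blocked": [], "redirected": [], "invalid": []}
    for line_no, addr, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            report["invalid"].append((line_no, addr, names))
            continue
        # Loopback (127.0.0.1, ::1) and 0.0.0.0 never leave the machine.
        sinkhole = ip.is_loopback or ip.is_unspecified
        for name in names:
            if not sinkhole:
                report["redirected"].append((line_no, name, str(ip)))
            elif name != "localhost":
                report["blocked"].append(name)
    return report


if __name__ == "__main__":
    result = audit_hosts(SAMPLE_HOSTS)
    print("blocked names:", len(result["blocked"]))
    for line_no, name, ip in result["redirected"]:
        print(f"review line {line_no}: {name} -> {ip}")
    for line_no, addr, names in result["invalid"]:
        print(f"malformed line {line_no}: {addr} {' '.join(names)}")
```

On Windows XP the file to read is the one the OTL log names, the Hosts file under System32\drivers\etc; pass its text to `audit_hosts`.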

#20
brynndar

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
I am so glad I found this website. You have been an enormous help. I will follow all of your advice and instruction. I also must donate to this website. I will be visiting often to check out any new info you guys have posted. Thanks a ton!!!
  • 0

#21
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





