Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer slow, multiple trojans, adware and dialers [Solved]

Started by bergz22 , Sep 18 2013 05:56 PM

  • This topic is locked This topic is locked

#16
bergz22
Posted 21 September 2013 - 09:39 AM

bergz22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 332 posts
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-09-21 10:39:06
-----------------------------
10:39:06.795 OS Version: Windows x64 6.1.7601 Service Pack 1
10:39:06.795 Number of processors: 4 586 0x403
10:39:06.795 ComputerName: ALEC-PC UserName: Alec
10:39:07.910 Initialize success
10:39:22.764 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
10:39:22.766 Disk 0 Vendor: SAMSUNG_HD103SJ 1AJ10004 Size: 953869MB BusType: 3
10:39:23.184 Disk 0 MBR read successfully
10:39:23.186 Disk 0 MBR scan
10:39:23.187 Disk 0 Windows 7 default MBR code
10:39:23.213 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
10:39:23.236 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
10:39:23.411 Disk 0 scanning C:\Windows\system32\drivers
10:39:28.454 Service scanning
10:39:38.967 Modules scanning
10:39:38.971 Disk 0 trace - called modules:
10:39:38.980 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
10:39:38.982 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004a80060]
10:39:38.985 3 CLASSPNP.SYS[fffff8800145143f] -> nt!IofCallDriver -> [0xfffffa8004435520]
10:39:38.988 5 ACPI.sys[fffff88000fa97a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa8004437060]
10:39:38.991 Scan finished successfully
10:39:44.513 Disk 0 MBR has been saved successfully to "C:\Users\Alec\Desktop\MBR.dat"
10:39:44.516 The log file has been saved successfully to "C:\Users\Alec\Desktop\aswMBR.txt"
  • 0

Advertisements

#17
bergz22
Posted 21 September 2013 - 09:40 AM

bergz22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 332 posts
Computer seems to be running better. I'm going to be out of town and not get much of a chance to use it.
  • 0

#18
Jasmyne
Posted 21 September 2013 - 09:42 AM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts

Computer seems to be running better. I'm going to be out of town and not get much of a chance to use it.


Good to hear it's running better. I'll have more instructions for you when you get back. :)
  • 0

#19
Jasmyne
Posted 21 September 2013 - 04:00 PM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
A few more scans to make sure all the remnants are gone.

Step 1 - MBAM Scan

Since you already have Malwarebytes' Anti-Malware installed.

  • Please open the program.
  • Click on the Update tab then click Check for Updates

    Posted Image
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, check the following settings:
    • On the Settings tab, Scanner Settings, leave the default boxes checked but change the drop-down boxes to Show in results list and check for removal.

    Posted Image
  • On the Scanner tab, check Perform quick scan.

    Posted Image
  • When the scan is complete, click OK, then Show Results to view the results.

    Posted Image
  • Make sure that everything is checked, and click Remove Selected.

    Posted Image
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and Paste the entire report in your next reply.

Step 2 - ESET Online Scan

ESET Online Scan
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here

  • You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
  • Please go here then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Make sure that the option Remove found threats is NOT checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files (x86)/ESET/ESET Online Scanner\log.txt.
  • Copy and paste that log as a reply to this topic.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. MBAM Log
2. ESET Log
  • 0

#20
bergz22
Posted 26 September 2013 - 03:16 PM

bergz22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 332 posts
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.26.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Alec :: ALEC-PC [administrator]

9/26/2013 4:12:52 PM
mbam-log-2013-09-26 (16-12-52).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 202235
Time elapsed: 3 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#21
bergz22
Posted 26 September 2013 - 05:41 PM

bergz22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 332 posts
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c337ce1c420dd346adf4b6de00149577
# engine=15275
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-09-26 10:29:38
# local_time=2013-09-26 05:29:38 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 5868221 131778028 0 0
# scanned=271959
# found=16
# cleaned=0
# scan_time=4140
sh=4E289A018FA334C22401DD7DC6538B43886D3821 ft=1 fh=d2a54123d5778a5c vn="multiple threats" ac=I fn="C:\Program Files (x86)\FrostWire 5\frostwire-installer.exe"
sh=533EBEE5E8DB5053E1F062B23F74DC1C72B153CE ft=1 fh=4a9334026ea419e3 vn="Win32/OpenCandy application" ac=I fn="C:\Program Files (x86)\FrostWire 5\OCSetupHlp.dll"
sh=EC75974F9ACE9C43AA974FBBB975D02F88DD0BDF ft=1 fh=c71c00113eef2777 vn="a variant of Win32/Toolbar.CrossRider.H application" ac=I fn="C:\Program Files (x86)\hosts\hosts-bho.dll"
sh=C375149DD32A9A7AA6A73A52CD72CFDF0CC3C41C ft=1 fh=c71c00113f60402f vn="probably a variant of Win32/Toolbar.CrossRider.H application" ac=I fn="C:\Program Files (x86)\hosts\hosts-buttonutil.dll"
sh=8A67BD72C58D6AB22C7441CB3E5AF1887B7E5189 ft=1 fh=a4d2b54ac5ecb309 vn="a variant of Win32/Toolbar.CrossRider.I application" ac=I fn="C:\Program Files (x86)\hosts\hosts-buttonutil.exe"
sh=04076BE368D8AD1575E6CEC539FC18BB1F1D798C ft=1 fh=f81b3a0590318296 vn="a variant of Win32/Toolbar.CrossRider.I application" ac=I fn="C:\Program Files (x86)\hosts\hosts-codedownloader.exe"
sh=87BB6719A9D5B8F9B9A6992DEAD4AB8F315E30A7 ft=1 fh=e982e12c695e76ed vn="a variant of Win32/Toolbar.CrossRider.I application" ac=I fn="C:\Program Files (x86)\hosts\hosts-helper.exe"
sh=93510E07EBD463BE51052EC8114EC16C5423103E ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A application" ac=I fn="C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js"
sh=9D9EAECE8FE80DD400A1AF12595A5A32E931ABFE ft=1 fh=cbc008fcedd632fd vn="a variant of Win32/Toolbar.Montiera.A application" ac=I fn="C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividiApp.dll"
sh=A7EB94C32CA25DC1A9EB461D2D97D48475E010B4 ft=1 fh=25e3ce73ae44cbb0 vn="probably a variant of Win32/Toolbar.Montiera.A application" ac=I fn="C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividiEng.dll"
sh=F4B7C5EDCBC1F368EE26C78433BA029FC827378E ft=1 fh=d7b6dde4f0823c4d vn="a variant of Win32/Toolbar.Montiera.A application" ac=I fn="C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividisrv.exe"
sh=FFDAD98417B9E383A128BAD3EE7A16BD4E982975 ft=1 fh=ac5a706d9bc4c6c9 vn="a variant of Win32/Toolbar.Escort.A application" ac=I fn="C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll"
sh=05B0AD9BA68922C9353131A0F0360836DA81A0DD ft=1 fh=ba9794dc5d50fc1a vn="multiple threats" ac=I fn="C:\Users\Alec\.frostwire5\updates\frostwire-5.6.4.windows.exe"
sh=E32AA2E78D2C8F0E9316080E71A714BEFE851E6C ft=1 fh=374915f71a49693e vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0"
sh=E32AA2E78D2C8F0E9316080E71A714BEFE851E6C ft=1 fh=374915f71a49693e vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0"
sh=7D4A3CA3A3789D1EA7530FE4727D6BA8E8B47B83 ft=1 fh=4d32dd9dfb87fc86 vn="Win32/Conduit.SearchProtect.E application" ac=I fn="C:\_OTL\MovedFiles\09192013_154833\C_Program Files (x86)\SearchProtect\bin\CltMngSvc.exe"
  • 0

#22
Jasmyne
Posted 27 September 2013 - 06:43 AM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
One more fix to get rid of the files ESET found. Let me know how your computer is running.

Step 1 - OTL Fix

Warning: This fix was created specifically for the problems on this computer ONLY. If you are not this user, do NOT follow these directions as they could do more damage to your computer.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the Protection tab
Remove the tick from "Start with Windows"
Reboot and start with number 1. below to run the OTL fix.
Posted Image


  • Please copy all of the text in the code box below. To do this, highlight everything inside the code box, right click and click Copy.

    :Commands
[createrestorepoint]

:Files
C:\Program Files (x86)\FrostWire 5\frostwire-installer.exe
C:\Program Files (x86)\FrostWire 5\OCSetupHlp.dll
C:\Program Files (x86)\hosts\hosts-bho.dll
C:\Program Files (x86)\hosts\hosts-buttonutil.dll
C:\Program Files (x86)\hosts\hosts-buttonutil.exe
C:\Program Files (x86)\hosts\hosts-codedownloader.exe
C:\Program Files (x86)\hosts\hosts-helper.exe
C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividiApp.dll
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividiEng.dll
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividisrv.exe
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll
C:\Users\Alec\.frostwire5\updates\frostwire-5.6.4.windows.exe
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0

:Commands
[emptytemp]
  • Please re-open OTL on your desktop.
  • Place the mouse pointer inside the Custom Scans/Fixes textbox, right click and click Paste. This will put the above script inside the textbox.
  • Click the Run Fix button.

    Posted Image
  • Let the program run unhindered.
  • OTL may ask to reboot the machine. Please do so if asked.
  • A report will open. Copy and Paste that report in your next reply. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).

Step 2 - New OTL Scan
  • Please re-open OTL by double-clicking on the icon. If your computer is Windows Vista, 7 or 8, please right-click the icon and choose Run as administrator.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan shouldn't take long.

    Posted Image
  • When the scan completes, it will open one notepad file, OTL.Txt. It will be saved in the same location as OTL.
  • Please copy and paste the contents of this file, and post it in your next reply.

Step 3 - Security Check

Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. OTL Fix
2. New OTL Log
3. Security Check Log
4. How is you computer running?
  • 0

#23
bergz22
Posted 27 September 2013 - 03:24 PM

bergz22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 332 posts
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
C:\Program Files (x86)\FrostWire 5\frostwire-installer.exe moved successfully.
C:\Program Files (x86)\FrostWire 5\OCSetupHlp.dll moved successfully.
C:\Program Files (x86)\hosts\hosts-bho.dll moved successfully.
C:\Program Files (x86)\hosts\hosts-buttonutil.dll moved successfully.
C:\Program Files (x86)\hosts\hosts-buttonutil.exe moved successfully.
C:\Program Files (x86)\hosts\hosts-codedownloader.exe moved successfully.
C:\Program Files (x86)\hosts\hosts-helper.exe moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js moved successfully.
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividiApp.dll moved successfully.
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividiEng.dll moved successfully.
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\ividisrv.exe moved successfully.
C:\Program Files (x86)\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll moved successfully.
C:\Users\Alec\.frostwire5\updates\frostwire-5.6.4.windows.exe moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0 moved successfully.
File\Folder C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0 not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Alec
->Temp folder emptied: 1246712 bytes
->Temporary Internet Files folder emptied: 130614 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 375269029 bytes
->Flash cache emptied: 2302 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 80282 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 314444 bytes

Total Files Cleaned = 360.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 09272013_162215

Files\Folders moved on Reboot...
C:\Users\Alec\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Alec\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#24
bergz22
Posted 27 September 2013 - 03:32 PM

bergz22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 332 posts
OTL logfile created on: 9/27/2013 4:25:29 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alec\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.87 Gb Available Physical Memory | 71.68% Memory free
7.99 Gb Paging File | 6.72 Gb Available in Paging File | 84.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 809.38 Gb Free Space | 86.90% Space Free | Partition Type: NTFS

Computer Name: ALEC-PC | User Name: Alec | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/18 19:31:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alec\Desktop\OTL.exe
PRC - [2013/09/17 10:13:53 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/05/10 02:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/03/25 14:02:12 | 000,888,960 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe
PRC - [2010/01/22 15:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009/12/28 08:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009/07/07 14:13:38 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
PRC - [2009/03/30 09:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
PRC - [2009/02/23 12:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/17 10:13:38 | 003,279,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/09/29 22:33:07 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009/07/30 15:54:04 | 000,170,496 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009/03/30 09:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
MOD - [2009/02/06 19:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL


========== Services (SafeList) ==========

SRV:64bit: - [2013/06/20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/06/20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/08/06 12:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/07/27 21:09:44 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/29 12:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007/05/29 09:05:54 | 001,053,104 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdecoms.exe -- (lxde_device)
SRV:64bit: - [2007/05/29 09:04:44 | 000,033,712 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdeserv.exe -- (lxdeCATSCustConnectService)
SRV - [2013/09/19 19:37:23 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/17 10:13:52 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/10 02:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/11/06 13:32:13 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/12/11 22:45:42 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/09/10 16:50:28 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/28 08:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/23 12:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2007/05/29 09:07:58 | 000,598,960 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdecoms.exe -- (lxde_device)
SRV - [2007/05/29 09:04:44 | 000,033,712 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdeserv.exe -- (lxdeCATSCustConnectService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/27 23:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/07/27 20:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/05/14 01:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.0)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/05/26 04:29:24 | 000,397,600 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/05/10 13:44:46 | 000,028,984 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\DVDSYS64_100507.sys -- (MSI_DVD_010507)
DRV:64bit: - [2010/05/10 13:44:40 | 000,033,592 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\msibios64_100507.sys -- (MSI_MSIBIOS_010507)
DRV:64bit: - [2010/05/10 13:44:18 | 000,014,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\VGASYS64_100507.sys -- (MSI_VGASYS_010507)
DRV:64bit: - [2010/03/02 06:30:20 | 001,301,504 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/17 13:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 13:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2010/01/22 15:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/01/22 15:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/10/29 03:14:38 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/10/19 15:45:54 | 000,039,480 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/09/29 20:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/07/30 22:40:34 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMfilt64.sys -- (VMfilt)
DRV:64bit: - [2009/07/15 22:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2006/11/10 08:08:58 | 000,030,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATITool64.sys -- (ATITool)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP =
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yah...}&fr=chr-comodo
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:2.7.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..browser.startup.homepage: "http://us.yahoo.com?fr=fp-comodo"
FF - prefs.js..keyword.URL: "http://us.search.yah...ytff-comodo&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/07/10 09:30:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/17 10:13:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/17 10:13:33 | 000,000,000 | ---D | M]

[2010/12/18 22:46:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alec\AppData\Roaming\Mozilla\Extensions
[2010/12/18 21:56:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\epwj04nw.default\extensions
[2010/12/18 21:56:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\epwj04nw.default\extensions\[email protected]
[2010/12/12 15:48:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\ez56a8zz.default\extensions
[2010/12/12 16:11:56 | 000,000,000 | ---D | M] (KeyScrambler) -- C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\ez56a8zz.default\extensions\[email protected]
[2013/09/26 13:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\w1wclqr1.default\extensions
[2011/05/14 20:51:56 | 000,000,000 | ---D | M] (KeyScrambler) -- C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\w1wclqr1.default\extensions\[email protected]
[2013/09/21 10:36:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/09/17 10:13:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/09/17 10:13:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/09/17 10:13:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2013/09/17 10:13:32 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [QFan Help] C:\Program Files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.ms...ine/install.cab (WebSDev Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4051F84-E9C7-4A45-841C-8FCAEC1F1E0B}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (V)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/26 16:17:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013/09/26 16:17:19 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Alec\Desktop\esetsmartinstaller_enu.exe
[2013/09/21 10:38:53 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Alec\Desktop\aswMBR.exe
[2013/09/19 16:03:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/09/19 15:59:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/09/19 15:48:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/09/18 19:31:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alec\Desktop\OTL.exe
[2013/09/18 19:28:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Download Manager
[2013/09/17 18:13:24 | 000,000,000 | ---D | C] -- C:\Users\Alec\AppData\Roaming\Oracle
[2013/09/17 18:12:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/09/17 18:11:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/09/17 18:11:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/09/17 11:25:01 | 000,000,000 | ---D | C] -- C:\Users\Alec\AppData\Local\hosts
[2013/09/17 11:24:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hosts
[2013/09/17 11:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unitech LLC
[2013/09/17 10:13:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/09/04 09:05:06 | 000,000,000 | ---D | C] -- C:\Users\Alec\AppData\Local\DDMSettings

========== Files - Modified Within 30 Days ==========

[2013/09/27 16:25:40 | 000,891,144 | ---- | M] () -- C:\Users\Alec\Desktop\SecurityCheck.exe
[2013/09/27 16:24:26 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/27 16:24:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/27 16:24:10 | 3219,787,776 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/27 16:11:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/27 15:37:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/27 10:52:55 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/27 10:52:55 | 000,015,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/26 16:17:20 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Alec\Desktop\esetsmartinstaller_enu.exe
[2013/09/21 20:40:04 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/21 20:40:04 | 000,624,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/21 20:40:04 | 000,106,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/21 10:39:44 | 000,000,512 | ---- | M] () -- C:\Users\Alec\Desktop\MBR.dat
[2013/09/21 10:38:57 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Alec\Desktop\aswMBR.exe
[2013/09/19 15:59:41 | 001,039,554 | ---- | M] () -- C:\Users\Alec\Desktop\adwcleaner.exe
[2013/09/19 11:42:26 | 001,037,118 | ---- | M] () -- C:\Users\Alec\Desktop\Attachments_2013919.zip
[2013/09/18 19:31:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alec\Desktop\OTL.exe
[2013/09/17 18:10:23 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/09/12 03:25:03 | 000,427,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2013/09/27 16:25:45 | 000,891,144 | ---- | C] () -- C:\Users\Alec\Desktop\SecurityCheck.exe
[2013/09/21 10:39:44 | 000,000,512 | ---- | C] () -- C:\Users\Alec\Desktop\MBR.dat
[2013/09/19 15:59:39 | 001,039,554 | ---- | C] () -- C:\Users\Alec\Desktop\adwcleaner.exe
[2013/09/19 11:42:34 | 001,037,118 | ---- | C] () -- C:\Users\Alec\Desktop\Attachments_2013919.zip
[2013/03/27 15:29:50 | 000,084,667 | ---- | C] () -- C:\Windows\War3Unin.dat
[2012/12/12 12:04:54 | 000,001,071 | ---- | C] () -- C:\Users\Alec\Documents - Shortcut.lnk
[2012/04/19 17:16:48 | 000,109,016 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/02/14 21:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/14 21:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/01/31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/05/09 18:10:22 | 000,009,512 | ---- | C] () -- C:\Users\Alec\regfile.reg
[2010/12/24 22:35:44 | 000,007,606 | ---- | C] () -- C:\Users\Alec\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/05/15 10:36:56 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Driver Smith
[2011/10/14 15:51:15 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\FrostWire
[2013/08/31 16:29:22 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\GRLevel2
[2011/05/14 19:05:14 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\IObit
[2011/02/28 21:58:20 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Lexmark Productivity Studio
[2013/09/17 18:13:24 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Oracle
[2011/11/02 19:08:12 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Origin
[2011/05/14 21:09:57 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\QFX Software
[2012/08/29 18:18:00 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\SoftGrid Client
[2011/03/19 20:26:42 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\TP
[2011/07/27 17:38:17 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\TS3Client
[2011/07/25 19:25:06 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\ts3overlay

========== Purity Check ==========



< End of report >
  • 0

#25
bergz22
Posted 27 September 2013 - 03:33 PM

bergz22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 332 posts
Results of screen317's Security Check version 0.99.73
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
(On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 5.0
hosts
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 40
Java version out of Date!
Adobe Flash Player 11.8.800.168
Adobe Reader 10.1.8 Adobe Reader out of Date!
Mozilla Firefox (24.0)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
  • 0

Advertisements

#26
bergz22
Posted 27 September 2013 - 03:34 PM

bergz22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 332 posts
Computer seems to be running a lot better.
  • 0

#27
Jasmyne
Posted 28 September 2013 - 09:29 AM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
I have a few recommendations for you before we clean up all our tools. :)

Enable User Account Control (UAC)

Open User Account Control Settings by clicking the Start button, and then clicking Control Panel. In the search box, type uac, and then click Change User Account Control settings.

To turn on UAC, move the slider to choose when you want to be notified, and then click OK. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.

Important Updates

~Java~

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser and How to unplug Java from the browser)

~Adobe Reader~
Please go here to update Adobe Reader. Be sure to uncheck "Yes, install Chrome as my default browser and Google Toolbar for Internet Explorer - optional."


And finally the best part!

Congratulations and Good Work, It looks like your log is clean. :thumbsup:

Please reply to acknowledge that you have seen this message, otherwise the topic will remain open for 2 days. Within those two days if you encounter any issues you hadn't previously noticed, just let me know and we'll take care of it, otherwise the topic will be closed.

Now for some final "housekeeping" procedures.

Step 1 - Create a New Restore Point

  • So that you know you have a good uninfected restore point, Click on the Start buttonPosted Image and go to the Control Panel
  • In the Search Box on the right-hand side type System Protection
  • Next choose Create a restore point
    Posted Image
  • Choose a name for the new restore point and then Click Create
    Posted Image
  • When it finishes it you should get a dialogue box stating "The restore point was created successfully." Then click Close, and then Click Ok to close the Systems Properties Box.

Step 2 - Delete Old Restore Points

Just in case you need to use System Restore sometime in the future, you need to delete all the restore points except the one we just made so you don't accidentally restore back to a time when the computer was infected. Note: Do not clear infected/old System Restore points before creating a new System Restore point first!

  • Open Disk Cleanup by clicking the Start buttonPosted Image. In the search box, type Disk Cleanup, and then, in the list of results, click Disk Cleanup.
  • Click the More Options tab

    Posted Image
  • Under System Restore and Shadow Copies, click Clean up.

    Posted Image
  • In the Disk Cleanup dialog box, click Delete.

    Posted Image
  • When the next Disk Cleanup dialog box opens, click Delete again.

    Posted Image
  • When it is finished, click OK.

Step 3 - OTL Cleanup
  • Open OTL
  • Click the CleanUp button at the top, it will ask to reboot your PC, please allow it to do so.

The following is general advise for keeping your computer malware free in the future. :)

~~~~~~~~~~~~~~~~~~~~Anti Malware Protection ~~~~~~~~~~~~~~~~~~~~


MalwareBytes Anti-Malware This is an excellent Anti-Malware product. It offers free malware scanning, free malware removal, and free updates. It is recommended to periodically run a Quick Scan to keep your PC as clean as possible. Remember to check for updates before running a scan, so click the Update tab along the top, then click Check for Updates.

~~~~~~~~~~~~~~~~~~~~Free Antivirus Protection ~~~~~~~~~~~~~~~~~~~~

Always make sure you have an antivirus program! If for some reason in the future you'd like to switch programs here are some recomendations: Microsoft Security Essentials or Avast! Antivirus both are FREE to use. Please remember that you can only have one Antivirus installed at a time.

~~~~~~~~~~~~~~~~~~~~Free Firewall Programs ~~~~~~~~~~~~~~~~~~~~


If for some reason in the future you'd like to switch, Comodo Personal Firewall and Sunbelt Personal Firewall are two good options for a FREE firewall to help protect your computer from any unwanted intruders.

~~~~~~~~~~~~~~~~~~~~Staying Updated ~~~~~~~~~~~~~~~~~~~~


Keeping your PC updated is important to protect yourself against future infections. There are many infections which will exploit loopholes within Windows itself, Java and Adobe Reader. Keeping these updated is a very good habit to get into.

Automatic Updates Updates to your Operating System are vital in closing loopholes and fixing bugs which some infections exploit. To keep your Windows updated, ensure that 'Automatic Updates' is enabled on your PC so updates are downloaded and installed automatically. Click here to find out how.

File Hippo Download and install FileHippo update checker and run it monthly it will show you which programs on your system need updating and give a download link.

~~~~~~~~~~~~~~~~~~~~Alternate Browsers ~~~~~~~~~~~~~~~~~~~~


Using an alternative web browser can help protect your PC from infections which exploit security holes within Internet Explorer. They can also be quicker to load pages and offer more tools and features such as Firefox's huge add-on list.

Firefox - My personal choice, easy to use and has a large number of excellent add-ons that can be installed to help keep you away from malicious sites and reduce advertisements and popups etc. AdBlockPlus and WOT are very useful add-ons that are worth having installed.

Google Chrome - Is another browser that's easy to use and is worth trying if you want to test out new browsers.

Happy surfing! :wave:
  • 0

#28
bergz22
Posted 28 September 2013 - 03:00 PM

bergz22

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 332 posts
Awesome Thanks!
  • 0

#29
Jasmyne
Posted 28 September 2013 - 04:39 PM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
You're Welcome!!
  • 0

#30
Jasmyne
Posted 30 September 2013 - 10:50 PM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If your the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP