Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

ccleaner-free space drive wiper stops early. [Solved]

Started by reach1 , Sep 14 2014 06:21 PM

  • This topic is locked This topic is locked

#16
Biscuithd
Posted 22 September 2014 - 05:11 PM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Now my computer is dramatically slower than its ever been.

Sorry to hear that!
 
After seeing the ComboFix log I can tell you that I'm not surprised. The files in the Temp folder that CF removed are a portend of lurking bad news. Let's see if we can't flush out the baddies with these next scans.
 
RogueKiller.png Scan with RogueKiller
 
Please download RogueKiller and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
 
  • Right-click on RogueKiller.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the pre-scan will be done. It shouldn't take more than 2-3 minutes.
  • Accept the Terms of use.
  • When the Scan button becomes available, please click it. RogueKiller will start a full scan.
  • Let this process run uninterrupted!.
  • When finished, a Report button will become available. Click it. You will be presented with a logfile.
Please include the content of this logfile in your next reply.
 
FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.
  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please copy and paste their content into your next reply.

 


  • 0

Advertisements

#17
reach1
Posted 22 September 2014 - 05:41 PM

reach1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

Wait I see what happened, Some of the processes I turned off like the printer spool turned back on. Ill have to go through them all again :/ Also I noticed that Prio reset my processes prioritys. More work for me.


  • 0

#18
reach1
Posted 22 September 2014 - 06:00 PM

reach1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

User : Owner [Admin rights]
Mode : Scan -- Date : 09/22/2014  17:56:30

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 16 ¤¤¤
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> FOUND
[PUM.SysRestore] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore | DisableSR : 1  -> FOUND
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0  -> FOUND
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> FOUND
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowPrinters : 0  -> FOUND
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0  -> FOUND
[PUM.StartMenu] HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0  -> FOUND
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : -> FOUND
[PUM.HomePage] HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Internet Explorer\Main | Start Page :   -> FOUND
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : -> FOUND
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : -> FOUND
[PUM.SearchPage] HKEY_USERS\S-1-5-21-1606980848-1957994488-289805187-1003\Software\Microsoft\Internet Explorer\Main | Search Page : -> FOUND
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 1 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1       localhost

¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] nwmxb5r5.default-1402543570379 : user_pref("browser.startup.homepage", "http://www.bing.com/"); -> FOUND

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0:  +++++
--- User ---
[MBR] 831dec1f62c3a1bec76a445dd5f1c07d
[BSP] 8d2a0d12d9750d3f6308814ee997e3bc : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 38146 MB
User = LL1 ... OK
User = LL2 ... OK
 


  • 0

#19
reach1
Posted 22 September 2014 - 06:05 PM

reach1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2014 01
Ran by Owner (administrator) on GATEWAY400VTX on 22-09-2014 18:04:22
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 6
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-02-07] (Intel Corporation)
HKU\S-1-5-21-1606980848-1957994488-289805187-1003\...\Policies\Explorer: [NoRecentDocsHistory] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL =
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.22.0.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.43

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379
FF Homepage: hxxp://www.bing.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Extension: Disconnect - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\Extensions\[email protected] [2014-09-20]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\Extensions\[email protected] [2014-09-20]
FF Extension: Go-Mobile - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\Extensions\[email protected] [2014-09-20]
FF Extension: Zoom Page - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\Extensions\[email protected] [2014-09-20]
FF Extension: Adblock Plus - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nwmxb5r5.default-1402543570379\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-20]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-06-14]

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [57520 2013-10-23] (Bitdefender)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4122368 2008-09-24] (Realtek Semiconductor Corp.)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
R3 avchv; C:\WINDOWS\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
R1 bdftdif; C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys [148600 2013-04-17] (Bitdefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2014-05-13] (Phoenix Technologies) [File not signed]
R1 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R3 STAC97; C:\WINDOWS\System32\drivers\STAC97.sys [244560 2003-10-02] (SigmaTel, Inc.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
S3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2216064 2009-11-11] (Intel® Corporation)
S3 {6080A529-897E-4629-A488-ABA0C29B635E}; C:\WINDOWS\System32\drivers\ialmsbw.sys [120830 2003-10-08] (Intel Corporation)
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}; C:\WINDOWS\System32\drivers\ialmkchw.sys [98842 2003-10-08] (Intel Corporation)
U5 AppMgmt; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CFcatchme; \??\C:\ComboFix\CFcatchme.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 18:03 - 2014-09-22 18:04 - 00000000 ____D () C:\FRST
2014-09-22 17:50 - 2014-09-22 17:50 - 00033512 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-09-22 17:50 - 2014-09-22 17:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller
2014-09-22 17:18 - 2014-09-22 17:18 - 00080744 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-22 17:17 - 2014-09-22 17:17 - 00008856 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-09-22 15:59 - 2014-09-22 15:59 - 00011782 _____ () C:\ComboFix.txt
2014-09-22 15:59 - 2014-09-22 15:59 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-09-22 15:59 - 2014-09-22 15:59 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-09-22 15:59 - 2014-09-22 15:59 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
2014-09-22 15:59 - 2014-09-22 15:59 - 00000000 ____D () C:\Documents and Settings\Administrator.GATEWAY400VTX\Local Settings\temp
2014-09-22 15:53 - 2014-09-22 15:53 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-09-22 15:53 - 2014-09-22 15:53 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-09-22 15:53 - 2014-09-22 15:53 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-09-22 15:53 - 2014-09-22 15:53 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-09-22 15:53 - 2014-09-22 15:53 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-09-22 15:37 - 2014-09-22 15:37 - 00000000 _RSHD () C:\cmdcons
2014-09-22 15:37 - 2014-06-09 19:07 - 00000210 _____ () C:\Boot.bak
2014-09-22 15:37 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr
2014-09-22 15:35 - 2011-06-26 00:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-09-22 15:35 - 2010-11-07 11:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-09-22 15:35 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-09-22 15:35 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-09-22 15:35 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-09-22 15:35 - 2000-08-30 18:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-09-22 15:35 - 2000-08-30 18:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-09-22 15:35 - 2000-08-30 18:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-09-22 15:35 - 2000-08-30 18:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-09-22 15:34 - 2014-09-22 15:59 - 00000000 ____D () C:\Qoobox
2014-09-22 15:34 - 2014-09-22 15:57 - 00000000 ____D () C:\WINDOWS\erdnt
2014-09-22 04:06 - 2014-09-22 17:18 - 00005392 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-20 14:19 - 2014-09-20 14:23 - 00012392 _____ () C:\zoek-results.log
2014-09-20 14:14 - 2014-09-20 14:14 - 00000000 ____D () C:\zoek_backup
2014-09-20 02:21 - 2014-09-20 02:21 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-20 02:13 - 2014-09-20 03:57 - 00000000 ____D () C:\AdwCleaner
2014-09-20 01:54 - 2014-09-20 01:54 - 00000000 ____D () C:\_OTL
2014-09-18 23:55 - 2014-09-19 00:35 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-15 14:05 - 2014-09-20 16:29 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 14:04 - 2014-09-15 14:04 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-15 14:04 - 2014-09-15 14:04 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-15 14:04 - 2014-09-15 14:04 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-15 14:04 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-15 14:04 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-14 13:07 - 2014-09-22 17:18 - 00032582 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-14 03:11 - 2014-09-14 03:26 - 00000178 ___SH () C:\Documents and Settings\Administrator.GATEWAY400VTX\ntuser.ini
2014-09-14 03:11 - 2014-09-14 03:22 - 00000000 ____D () C:\Documents and Settings\Administrator.GATEWAY400VTX
2014-09-14 03:11 - 2014-04-05 14:22 - 00001599 _____ () C:\Documents and Settings\Administrator.GATEWAY400VTX\Start Menu\Programs\Remote Assistance.lnk
2014-09-14 03:11 - 2014-04-05 14:22 - 00000000 ___RD () C:\Documents and Settings\Administrator.GATEWAY400VTX\Start Menu\Programs\Accessories
2014-08-30 15:04 - 2014-08-30 15:04 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 18:04 - 2014-09-22 18:03 - 00000000 ____D () C:\FRST
2014-09-22 18:04 - 2014-04-05 14:37 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Temp
2014-09-22 17:50 - 2014-09-22 17:50 - 00033512 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-09-22 17:50 - 2014-09-22 17:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller
2014-09-22 17:32 - 2014-05-09 07:45 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-09-22 17:19 - 2014-05-08 14:47 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-09-22 17:18 - 2014-09-22 17:18 - 00080744 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-22 17:18 - 2014-09-22 04:06 - 00005392 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-22 17:18 - 2014-09-14 13:07 - 00032582 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-22 17:18 - 2014-06-14 22:11 - 00271632 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-09-22 17:18 - 2014-05-08 18:06 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-09-22 17:18 - 2014-05-08 18:06 - 00065536 _____ () C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2014-09-22 17:18 - 2014-04-05 17:26 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-09-22 17:18 - 2014-04-05 14:34 - 00000178 ___SH () C:\Documents and Settings\LocalService\ntuser.ini
2014-09-22 17:18 - 2014-04-05 14:34 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-22 17:18 - 2004-08-04 06:00 - 00012984 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-22 17:17 - 2014-09-22 17:17 - 00008856 _____ () C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-09-22 17:17 - 2014-04-05 14:37 - 00000178 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-09-22 17:15 - 2014-04-05 14:19 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-09-22 16:48 - 2014-04-05 14:37 - 00000000 ____D () C:\Documents and Settings\Owner
2014-09-22 16:48 - 2014-04-05 14:31 - 00000000 ___SD () C:\Documents and Settings\Owner\UserData
2014-09-22 16:26 - 2014-06-13 17:40 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-22 15:59 - 2014-09-22 15:59 - 00011782 _____ () C:\ComboFix.txt
2014-09-22 15:59 - 2014-09-22 15:59 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-09-22 15:59 - 2014-09-22 15:59 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-09-22 15:59 - 2014-09-22 15:59 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
2014-09-22 15:59 - 2014-09-22 15:59 - 00000000 ____D () C:\Documents and Settings\Administrator.GATEWAY400VTX\Local Settings\temp
2014-09-22 15:59 - 2014-09-22 15:34 - 00000000 ____D () C:\Qoobox
2014-09-22 15:59 - 2014-04-05 14:34 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-09-22 15:59 - 2014-04-05 14:25 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-09-22 15:57 - 2014-09-22 15:34 - 00000000 ____D () C:\WINDOWS\erdnt
2014-09-22 15:55 - 2004-08-04 06:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-09-22 15:53 - 2014-09-22 15:53 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-09-22 15:53 - 2014-09-22 15:53 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-09-22 15:53 - 2014-09-22 15:53 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-09-22 15:53 - 2014-09-22 15:53 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-09-22 15:53 - 2014-09-22 15:53 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-09-22 15:53 - 2014-04-05 08:05 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-09-22 15:53 - 2014-04-05 08:05 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-09-22 15:53 - 2014-04-05 08:04 - 19398656 _____ () C:\WINDOWS\system32\config\software.bak
2014-09-22 15:53 - 2014-04-05 08:04 - 06291456 _____ () C:\WINDOWS\system32\config\system.bak
2014-09-22 15:53 - 2014-04-05 08:04 - 00524288 _____ () C:\WINDOWS\system32\config\default.bak
2014-09-22 15:37 - 2014-09-22 15:37 - 00000000 _RSHD () C:\cmdcons
2014-09-22 15:37 - 2014-04-05 08:04 - 00000327 __RSH () C:\boot.ini
2014-09-20 16:29 - 2014-09-15 14:05 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-20 14:23 - 2014-09-20 14:19 - 00012392 _____ () C:\zoek-results.log
2014-09-20 14:14 - 2014-09-20 14:14 - 00000000 ____D () C:\zoek_backup
2014-09-20 14:07 - 2014-05-09 07:45 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Mozilla
2014-09-20 03:57 - 2014-09-20 02:13 - 00000000 ____D () C:\AdwCleaner
2014-09-20 02:21 - 2014-09-20 02:21 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-20 01:54 - 2014-09-20 01:54 - 00000000 ____D () C:\_OTL
2014-09-19 00:35 - 2014-09-18 23:55 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-19 00:35 - 2014-05-09 07:45 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-15 14:57 - 2014-04-05 14:19 - 00000000 ____D () C:\WINDOWS\srchasst
2014-09-15 14:04 - 2014-09-15 14:04 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-15 14:04 - 2014-09-15 14:04 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-15 14:04 - 2014-09-15 14:04 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-15 02:32 - 2014-05-14 18:23 - 00000000 ____D () C:\Program Files\OpenDownloaderManager
2014-09-14 03:26 - 2014-09-14 03:11 - 00000178 ___SH () C:\Documents and Settings\Administrator.GATEWAY400VTX\ntuser.ini
2014-09-14 03:22 - 2014-09-14 03:11 - 00000000 ____D () C:\Documents and Settings\Administrator.GATEWAY400VTX
2014-09-09 15:26 - 2014-06-13 17:40 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-09 15:26 - 2014-06-13 17:40 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-08-30 15:04 - 2014-08-30 15:04 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-09-2014 01
Ran by Owner at 2014-09-22 18:05:29
Running from C:\Documents and Settings\Owner\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Edition (Disabled - Up to date) {9488E0FA-F058-4673-850E-E755F112BABC}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
GTW Modem (HKLM\...\GTW Modem) (Version:  - )
InfraRecorder (HKLM\...\InfraRecorder) (Version:  - Christian Kindahl)
Intel® Extreme Graphics 2 Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4497 - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2416447) (HKLM\...\M2416447) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.2 (x86 en-US)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Prio (HKLM\...\Prio) (Version: 2.0.0.2960 - )
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version:  - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-04 06:00 - 2014-09-22 15:54 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-06-15 00:07 - 2013-03-19 12:07 - 00508136 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-06-15 00:07 - 2013-09-03 14:29 - 00095088 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2014-09-18 23:55 - 2014-09-18 23:55 - 03734640 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: igfxhkcmd => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: igfxtray => C:\WINDOWS\system32\igfxtray.exe

==================== Faulty Device Manager Devices =============

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel® PRO/Wireless 2915ABG Network Connection
Description: Intel® PRO/Wireless 2915ABG Network Connection
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: w29n51
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: PCI Modem
Description: PCI Modem
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor:  Mobile Intel® Celeron® CPU 2.20GHz
Percentage of memory in use: 59%
Total physical RAM: 1014.42 MB
Available physical RAM: 411.99 MB
Total Pagefile: 2440.02 MB
Available Pagefile: 1783.35 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:37.25 GB) (Free:31.39 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 37.3 GB) (Disk ID: 2BE2254E)
Partition 1: (Active) - (Size=37.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#20
Biscuithd
Posted 23 September 2014 - 06:17 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Nothing alarming in those scans. How is the machine working now?


  • 0

#21
reach1
Posted 23 September 2014 - 05:53 PM

reach1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

Well I tell you what, My OS startup time is noticeably faster and after I disabled the unneeded processes that were turned back on through these steps, programs like my web browser are running a tick smoother. Must of removed a bunch of spyware, thanks for that.

 

Ccleaner drive wipe must just stop if the drive is clean, that has to be the case. I just wish Piriform had a clear yes or no answer to this on there help page.

 

I did notice 2 fragmented files and one fragmented folder when I run defrag, I wish I could fix that some how. Besides that I'm good I guess.


  • 0

#22
Biscuithd
Posted 24 September 2014 - 05:45 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Well I tell you what, My OS startup time is noticeably faster and after I disabled the unneeded processes that were turned back on through these steps, programs like my web browser are running a tick smoother. Must of removed a bunch of spyware, thanks for that.

 

I'm glad we did some good :)

 

 

Ccleaner drive wipe must just stop if the drive is clean, that has to be the case. I just wish Piriform had a clear yes or no answer to this on there help page.

 

Wish I could help you there, but, I don't know the tool that well. Some Helpers here adore it and others don't. I'm not a big fan of Registry Cleaners as there are other ways to acheive a better result. If you are using ccleaner to Clean your Registry, there's a better chance that it will cause problems rather than fix them. By way of example, part of the OTL fix that I did for you are things that ccleaner is "supposed" to do. On the other hand, if you're looking to clean up Temp files, then TFC will do it (here) without touching your Registry.

 

 

I did notice 2 fragmented files and one fragmented folder when I run defrag, I wish I could fix that some how.

 

You can chase fragmented files for a long time and still not defrag everything. Sometimes it's like chasing shadows.

 

BTW, you know that a fragmented file is not a broken, damaged or useless file, just a file that is in two or more pieces on the HD rather than in contiguous space. If you had hundreds or more, I'd chase that, but two? You'll never notice a speed difference with two.

 

 

Besides that I'm good I guess.

 

Well, not quite ;)   I just wanted to see how things are at your end before I head into the final cleanup. You'll be surprised at what MBAM and ESET will do to for a final clean of your system. Also, I will removed all my diagnostic and repair tools in the final step, but feel free to hang on to MBAM and ESET and use them every once in a while.

 

51c9d14017fa0-SecurityCheck.PNG Scan with Security Check

Please download Security Check by Screen317 and save it to your desktop.

 

  • Right-click on 51c9d14017fa0-SecurityCheck.PNG icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow onscreen instructions inside the black box. This scan won't take long.
  • Soon a notepad document called checkup.txt will open automaticaly.

Please include the content of that document.

 

 

We'll search for some remnants that might be hiding.
 
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Install the progam and select update
 
  • Once it has updated select Settings > Detection and Protection >Tick Scan for rootkits

MBAMsettings.JPG

 
  • Go back to the Dashboard and select Scan Now

MBAMScan.JPG

 
  • If threats are detected, click the Apply Actions button, MBAM will ask for a reboot

MBAMReboot.JPG

 
  • On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop.

MBAMLog.JPG

 
 
Please post that log for my review.
 
ESETOnline.png Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.
Click there Run ESET Online Scanner.

If using Internet Explorer:
  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.
If using Mozilla Firefox or Google Chrome:
  • Download esetsmartinstaller_enu.exe that you'll be given link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.
To perform the scan:
  • Make sure that Remove found threats is unchecked.
  • Scan archives is checked.
  • In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
  • Click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.
Please include this logfile in your next reply.

Don't forget to re-enable previously switched-off protection software!


  • 0

#23
reach1
Posted 24 September 2014 - 02:08 PM

reach1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

 Results of screen317's Security Check version 0.99.87  
 Windows XP Service Pack 3 x86   
 Internet Explorer 6 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 Bitdefender Antivirus Free Edition   
`````````Anti-malware/Other Utilities Check:`````````
 CCleaner     
 Adobe Flash Player     15.0.0.152  
 Mozilla Firefox (32.0.2)
````````Process Check: objlist.exe by Laurent````````  
 Bitdefender Antivirus Free Edition gzserv.exe  
 Bitdefender Antivirus Free Edition gziface.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 1%
````````````````````End of Log``````````````````````
 


  • 0

#24
reach1
Posted 24 September 2014 - 02:35 PM

reach1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/24/2014
Scan Time: 2:12:25 PM
Logfile: MBAM.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.24.10
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Owner

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 403921
Time Elapsed: 20 min, 39 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0

#25
reach1
Posted 24 September 2014 - 03:08 PM

reach1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=8127f3df11af33478d93e67b4dbf4721
# engine=20283
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-24 09:04:21
# local_time=2014-09-24 03:04:21 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode_1='Bitdefender Antivirus Free Edition'
# compatibility_mode=2059 16777213 100 100 0 121921342 0 0
# scanned=19684
# found=0
# cleaned=0
# scan_time=1056
 


  • 0

Advertisements

#26
Biscuithd
Posted 25 September 2014 - 06:45 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Good news ----- Your log appears clean! :yeah:  

 

My best suggestion is that you update Internet Explorer to the current version. There are four threat vectors that hit PC's hardest these days, Adobe vulnerabilities, Flash Vulnerabilities, Operating System/IE vulnerabilities and use of P2P software. You are good on all except Explorer. I will note that XP is in limited update these days, but you know that right?

 

That said, I'm going to send you on your way! If you have questions, issues, etc. Don't hesitate to stop back.

 

A good workman always cleans up after himself so..The following piece of code will implement some cleanup procedures as well as reset System Restore points:

Download and run Delfix

delfix.JPG

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransom-ware. (This is really important!)

CryptoPrevent.JPG

Malwarebytes.

Update and run weekly to keep your system clean

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe wavey.gif.pagespeed.ce.4AQn4GwL8t.gif

 

If you have any questions or further problems, feel free to stop back It's been a pleasure!!

 

I keep the topic open for a few days in case you have questions. xthumbsup.gif.pagespeed.ic.7aXFW0A4z_.pn


  • 0

#27
reach1
Posted 25 September 2014 - 04:47 PM

reach1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

Everything is done exept updating Internet Explorer, Because I am using XP I can only update IE to version 8 and that means there is no auto update for it. Since there are no more updates that I can get for XP or IE, this makes IE nothing more than a security risk unless I update my OS or switch to a Linix OS.

 

How can I remove IE from Windows XP?


  • 0

#28
reach1
Posted 25 September 2014 - 05:57 PM

reach1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts

Well I went to MS and tryed to download IE 8 for XP and it told me my system is not compatible. It said I must upgrade my OS, lol MS is full of prune juice. Anyways, now I don't know how to upgrade, disable or remove IE.


  • 0

#29
Biscuithd
Posted 25 September 2014 - 06:56 PM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

In Control Panel there is an option, on the left I think, Turn Windows Features On or Off. You can turn off IE there.


  • 0

#30
Biscuithd
Posted 29 September 2014 - 06:34 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Were you able to turn IE off as you wanted to do? Do you still need help?


  • 0
Back to Can't Run Any Antivirus or Malware Removal Programs · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Can't Run Any Antivirus or Malware Removal Programs

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP