Outbound Traffic - Security Issue [Solved]

Tags: Outbound, Outbound Traffic, Security, Norton 360, Security Request, Suspicious Outbound Activity

  • This topic is locked

#16
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello again, orwellian1984.

I'm glad to hear that it got better.

I noticed earlier that you have plenty of programs running that don't really need to be active unless you have to use them at a certain moment.
It looks like you have CCleaner installed. You can use its function to disable some programs from Startup (Tools>Startup). My recommendations are:
  • QuickTime
  • PowerISO
  • iTunesHelper
You could also remove CCleaner from startup (Options>untick "Run CCleaner when the computer starts")

Additionally, check your uninstall list and remove any programs that you aren't using anymore.

 
Another thing you can try is xbootmgr. You can find the instructions below.

xbootmgr

Download the SDK web installer from here
Run the installer and select the following:

Leave the location to default

Windows Performance Toolkit

You must reboot on completion of the install

After reboot set aside about 30 minutes when you will not need the computer

When ready start an elevated command prompt :

Go Start > All Programs > Accessories
Right click Command Prompt and select Run as Administrator

Then copy and paste the following command into the black box :

xbootmgr -trace boot -prepSystem -verboseReadyBoot

Now your PC will be restarted 6 times, with a two-minute pause before the tool runs after the desktop loads.
After the second reboot the MS defragmentation program runs and places the files into an optimized layout, so that Windows will boot up faster.
The last reboots are training for ReadyBoot. After the training is finished, you'll notice a huge improvement in startup.

Note: If you're getting an error about physical prefetcher, install the updates listed in this topic.
  • 0


#17
orwellian1984

    Member

  • Topic Starter
  • 13 posts

Followed all instructions.

 

Switched off startup items.

 

Appears to be running faster at startup.

 

Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes    HKLM:Run    AdobeAAMUpdater-1.0    Adobe Systems Incorporated    "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes    HKLM:Run    APSDaemon    Apple Inc.    "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes    HKLM:Run    HotKeysCmds    Intel Corporation    C:\Windows\system32\hkcmd.exe
Yes    HKLM:Run    IAStorIcon    Intel Corporation    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
Yes    HKLM:Run    IgfxTray    Intel Corporation    C:\Windows\system32\igfxtray.exe
Yes    HKLM:Run    ISBMgr.exe    Sony Corporation    "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
No    HKLM:Run    iTunesHelper    Apple Inc.    "C:\Program Files\iTunes\iTunesHelper.exe"
Yes    HKLM:Run    NvCplDaemon    Microsoft Corporation    RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
Yes    HKLM:Run    Persistence    Intel Corporation    C:\Windows\system32\igfxpers.exe
Yes    HKLM:Run    PMBVolumeWatcher    Sony Corporation    c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
No    HKLM:Run    PWRISOVM.EXE    Power Software Ltd    C:\Program Files\PowerISO\PWRISOVM.EXE -startup
No    HKLM:Run    QuickTime Task    Apple Inc.    "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
Yes    HKLM:Run    RtHDVCpl    Realtek Semiconductor    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
Yes    HKLM:Run    SHTtray.exe    Sony Corporation    C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
Yes    HKLM:Run    SynTPEnh    Synaptics Incorporated    %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
Yes    Startup Common    Bluetooth.lnk    Broadcom Corporation.    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
 

Can you advise me about what I can do to protect my computer in the future that you haven't already told me about previously?

 

Do I need to have my anti-virus, anti-malware, anti-adware programs etc installed constantly or set up a routine installation? If yes with regards a routine re-installation of software, how often should I do this and which programs should I use?

 

Should I keep the programs I've installed through this Malware removal process you have guided me through on my computer or should I remove them?

 

Awaiting further instruction.

 

Thanks.


  • 0
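The startup list posted above can be checked against the recommendations from post #16 with a short script. This is an added example, not part of the original thread or of any tool mentioned in it: it parses rows in that layout, confirms the three recommended items are disabled, and resolves what each remaining enabled entry actually launches. The function names and the column-splitting rule are assumptions made for the example.

```python
import re

# Rows copied from the startup list in the post above. Columns: enabled,
# location, entry name, publisher, command (separated by runs of spaces).
SAMPLE = r'''
Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No    HKLM:Run    iTunesHelper    Apple Inc.    "C:\Program Files\iTunes\iTunesHelper.exe"
Yes    HKLM:Run    NvCplDaemon    Microsoft Corporation    RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
No    HKLM:Run    PWRISOVM.EXE    Power Software Ltd    C:\Program Files\PowerISO\PWRISOVM.EXE -startup
No    HKLM:Run    QuickTime Task    Apple Inc.    "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
Yes    HKLM:Run    SynTPEnh    Synaptics Incorporated    %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
'''

# The three items post #16 recommended disabling.
RECOMMENDED_OFF = ["QuickTime", "PowerISO", "iTunesHelper"]

def parse_rows(text):
    rows = []
    for line in text.splitlines():
        cols = re.split(r"\s{2,}|\t", line.strip(), maxsplit=4)
        if len(cols) == 5 and cols[0] in ("Yes", "No"):
            rows.append({"enabled": cols[0] == "Yes", "location": cols[1],
                         "name": cols[2], "publisher": cols[3], "command": cols[4]})
    return rows

def target(command):
    """Return the file an entry actually runs, without its arguments."""
    if command.startswith('"'):
        exe, _, rest = command[1:].partition('"')
    else:
        # Unquoted: the path ends at the first ".exe" followed by a space or the end.
        m = re.match(r"(.*?\.exe)(?=\s|$)(.*)", command, re.I)
        exe, rest = (m.group(1), m.group(2)) if m else (command, "")
    if exe.lower().rsplit("\\", 1)[-1] == "rundll32.exe":
        # rundll32 is only a launcher; the code that runs is its DLL argument.
        return rest.strip().split(",", 1)[0].strip('"')
    return exe

def audit(text, recommended_off=RECOMMENDED_OFF):
    rows = parse_rows(text)
    def hits(row, word):  # a product may appear only in the path, e.g. PowerISO
        return word.lower() in (row["name"] + " " + row["command"]).lower()
    still_on = [w for w in recommended_off
                if any(r["enabled"] and hits(r, w) for r in rows)]
    runs_at_logon = {r["name"]: target(r["command"]) for r in rows if r["enabled"]}
    return still_on, runs_at_logon

if __name__ == "__main__":
    still_on, runs = audit(SAMPLE)
    print("Recommended items still enabled:", still_on or "none")
    for name, path in runs.items():
        print(f"{name:22} {path}")
```

Environment variables such as %ProgramFiles% are left unexpanded, so the output shows the command exactly as it is registered.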

#18
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello again, orwellian1984.
 

Can you advise me about what I can do to protect my computer in the future that you haven't already told me about previously?

You'll find everything below :)
 

Do I need to have my anti-virus, anti-malware, anti-adware programs etc installed constantly or set up a routine installation? If yes with regards a routine re-installation of software, how often should I do this and which programs should I use?

Having an Antivirus constantly running is crucial. Everything else is your own choice. Keeping Malwarebytes' Anti-Malware installed and doing a scan once in a while is a good addition.
 

Should I keep the programs I've installed through this Malware removal process you have guided me through on my computer or should I remove them?

We'll remove them, only Malwarebytes' Anti-Malware will stay :)

 
Good news. Your system looks clean and we can delete the tools that we've used. I've also prepared some tips for you to stay safe in the future.

 
DelFix
Now that your system looks clean, we can clear system restore points and malware removal tools that we've used. To do that, download and run Delfix.
  • Note: Make sure that the following options are checked:
    • Remove disinfection tools
    • Create registry backup
    • Purge system restore
    • Reset System Settings
After the cleaning is done, DelFix.txt will be opened in Notepad. If it isn't, you can find it in the C:\ directory. Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.

Also, delete any other .exe, .txt, .bat, .reg or .zip files that we used and that remain, and empty the Recycle Bin.

 
Uninstalling programs

Go to Start Menu>Control Panel>Programs>Uninstall a program (or Control Panel>Programs and Features if using icon view) and remove ESET Online Scanner v3

 
Preventing Re-Infection

As prevention is better than cure, I have listed some tips for you to stay safe on the internet in the future. Make good use of them.

 
Adobe products always have to be updated, because they are also being used to infect your computer.
  • If you want to update Adobe Flash Player, visit this site.
  • If you want to update Adobe Reader, visit this site.
  • Warning: Make sure to uncheck the Optional offer box when downloading Adobe products or you will install adware on your computer.
 
Turning on Automatic Updates is a crucial security measure. Keeping them out-of-date is like begging to get your system infected.
  • Click Start > Control Panel > System and Security > Windows Update
  • Under Windows Update click Turn automatic updating on or off
  • Make sure that your settings are set so that you will receive updates automatically and click OK.
 
Heimdal Free is one of the programs that can check for out-of-date programs on your computer. You can get it here.

 
Recommendations for security programs
  • Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee.
  • WinPatrol as a robust security monitor will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes a snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
  • NoScript is a Firefox add-on that increases safety while surfing online by blocking malicious scripts.
  • Unchecky will help you to avoid adware and PUPs by automatically removing checkmarks for these when installing programs.
  • Web of Trust is an add-on for multiple browsers that warns you before entering websites with a bad reputation.
 
Cryptolocker prevention
Cryptolocker is a new ransomware that heavily encrypts your important files. At the moment there are no programs that can decrypt these files. You can read how to protect against it here.

 
For some good tips about how to prevent infection in the future, visit this site.

 

Remember to post the Delfix log :)


  • 0

#19
orwellian1984

    Member

  • Topic Starter
  • 13 posts

# DelFix v1.010 - Logfile created 17/08/2015 at 01:09:35
# Updated 26/04/2015 by Xplode
# Username : Val - JOEL
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\TDSSKiller.3.1.0.5_11.08.2015_22.48.15_log.txt
Deleted : C:\TDSSKiller.3.1.0.5_11.08.2015_23.00.22_log.txt
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #641 [Windows Update | 08/11/2015 17:00:16]
Deleted : RP #642 [JRT Pre-Junkware Removal | 08/11/2015 17:59:32]
Deleted : RP #643 [Windows Update | 08/11/2015 19:09:21]
Deleted : RP #644 [Windows Update | 08/12/2015 15:25:12]
Deleted : RP #645 [Windows Update | 08/13/2015 17:00:23]
Deleted : RP #646 [Removed Java™ 6 Update 17 | 08/16/2015 10:50:19]
Deleted : RP #647 [Removed Java™ 6 Update 17 (64-bit) | 08/16/2015 10:53:15]
Deleted : RP #649 [Restore Point Created by FRST | 08/16/2015 11:08:19]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
 


  • 0

#20
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Alright. Unless you have any other problems or questions, this topic will be closed :)
  • 0

#21
orwellian1984

    Member

  • Topic Starter
  • 13 posts

Thanks for your help.


  • 0

#22
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts

My pleasure.

Stay safe :wave:


  • 0

#23
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0
