Spyware protect 2009

View previous topic View next topic Go down

Spyware protect 2009

Post by bronbron81 on 6th April 2009, 7:39 pm

I know it is phony anti virus program. I need help getting rid of it please.

bronbron81
Intermediate
Intermediate

Posts Posts : 72
Joined Joined : 2009-03-02
OS OS : Window Xp Media center edition 2005
Points Points : 28666
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Spyware protect 2009

Post by Belahzur on 6th April 2009, 7:56 pm

Please download the current version of HijackThis from [You must be registered and logged in to see this link.]

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Spyware protect 2009

Post by bronbron81 on 6th April 2009, 9:24 pm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:22:40 PM, on 4/6/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.65.122 browser-security.microsoft.com
O1 - Hosts: 91.212.65.122 spyware-protector-2009.com
O1 - Hosts: 91.212.65.122 [You must be registered and logged in to see this link.]
O1 - Hosts: 91.212.65.122 secure.spyware-protector-2009.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: BHO - {ABD42510-9B22-41cd-9DCD-8182A2D07C63} - C:\WINDOWS\system32\iehelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKCU\..\Run: [Vista Rainbar] C:\Program Files\Vista Rainbar\launcher.exe
O4 - HKCU\..\Run: [ViStart] C:\Program Files\ViStart\ViStart.exe
O4 - HKCU\..\Run: [VisualTooltip] C:\Program Files\VisualTooltip\VisualToolTip.exe
O4 - HKCU\..\Run: [DLD.EXE] C:\Program Files\Download Direct\DLD.exe
O4 - HKCU\..\Run: [system tool] C:\WINDOWS\sysguard.exe
O4 - S-1-5-18 Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - .DEFAULT User Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe (User 'Default user')
O4 - Startup: Vongo Tray.lnk = C:\Program Files\Vongo\Tray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: eBoostr Control Panel.lnk = C:\Program Files\eBoostr\eBoostrCP.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=64&bd=pavilion&pf=laptop
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe (file missing)
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: eBoostr Service (EBOOSTRSVC) - Unknown owner - C:\Program Files\eBoostr\EBstrSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Norton Protection Center Service (NSCService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe

--
End of file - 9455 bytes

bronbron81
Intermediate
Intermediate

Posts Posts : 72
Joined Joined : 2009-03-02
OS OS : Window Xp Media center edition 2005
Points Points : 28666
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Spyware protect 2009

Post by Belahzur on 6th April 2009, 9:25 pm

Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 91.212.65.122 browser-security.microsoft.com
    O1 - Hosts: 91.212.65.122 spyware-protector-2009.com
    O1 - Hosts: 91.212.65.122 [You must be registered and logged in to see this link.]
    O1 - Hosts: 91.212.65.122 secure.spyware-protector-2009.com
    O2 - BHO: BHO - {ABD42510-9B22-41cd-9DCD-8182A2D07C63} - C:\WINDOWS\system32\iehelper.dll
    O4 - HKCU\..\Run: [system tool] C:\WINDOWS\sysguard.exe


  • Press "Fix Checked"
  • Close Hijack This.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Spyware protect 2009

Post by bronbron81 on 6th April 2009, 9:41 pm

Malwarebytes' Anti-Malware 1.35
Database version: 1945
Windows 5.1.2600 Service Pack 2

4/6/2009 5:37:18 PM
mbam-log-2009-04-06 (17-37-18).txt

Scan type: Quick Scan
Objects scanned: 79521
Time elapsed: 2 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\AvScan (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\sysguard.exe (Trojan.Agent) -> Quarantined and deleted successfully.

bronbron81
Intermediate
Intermediate

Posts Posts : 72
Joined Joined : 2009-03-02
OS OS : Window Xp Media center edition 2005
Points Points : 28666
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Spyware protect 2009

Post by Belahzur on 6th April 2009, 9:46 pm

Hi,
Lets go deeper.


  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run
  • When complete, DDS.txt will open.
  • Save the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Spyware protect 2009

Post by bronbron81 on 6th April 2009, 9:51 pm

DDS (Ver_09-03-16.01) - NTFSx86 NETWORK
Run by Michael at 17:50:26.06 on Mon 04/06/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.479.213 [GMT -4:00]

AV: BitDefender Antivirus *On-access scanning disabled* (Outdated)
AV: Norton Internet Security 2006 *On-access scanning enabled* (Outdated)
AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated)
FW: Norton Internet Worm Protection *disabled*
FW: BitDefender Firewall *disabled*
FW: Norton Internet Security 2006 *disabled*
FW: Kaspersky Internet Security *disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Michael.MIKES\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
uSearch Bar = [You must be registered and logged in to see this link.]
mDefault_Page_URL = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
mWinlogon: UIHost=c:\windows\system32\logonuiX.exe
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2009\ievkbd.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2009\IEToolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"
uRun: [LClock] c:\program files\lclock\LClock.exe
uRun: [Vista Rainbar] c:\program files\vista rainbar\launcher.exe
uRun: [ViStart] c:\program files\vistart\ViStart.exe
uRun: [VisualTooltip] c:\program files\visualtooltip\VisualToolTip.exe
uRun: [DLD.EXE] c:\program files\download direct\DLD.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nwiz] nwiz.exe /installquiet /nodetect
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: []
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [Cpqset] c:\program files\hewlett-packard\default settings\cpqset.exe
mRun: [RecGuard] c:\windows\sminst\RecGuard.exe
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2009\bdagent.exe"
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2009\IEShow.exe"
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [DrvIcon] c:\program files\vista drive icon\DrvIcon.exe
mRun: [LogonStudio] "c:\program files\wincustomize\logonstudio\logonstudio.exe" /RANDOM
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe"
mRunOnce: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\docume~1\michae~1.mik\startm~1\programs\startup\vongot~1.lnk - c:\program files\vongo\Tray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\eboost~1.lnk - c:\program files\eboostr\eBoostrCP.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [You must be registered and logged in to see this link.]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [You must be registered and logged in to see this link.]
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - c:\program files\stardock\object desktop\iconpackager\iprepair.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\michae~1.mik\applic~1\mozilla\firefox\profiles\pjz93rc0.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]

---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -

============= SERVICES / DRIVERS ===============

R0 eBoost;eBoostr caching filter driver;c:\windows\system32\drivers\EBoost.sys [2008-5-19 94840]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-3-8 64160]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 951632]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]
S0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]
S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]
S1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-3-31 226832]
S2 AVP;Kaspersky Internet Security;c:\program files\kaspersky lab\kaspersky internet security 2009\avp.exe [2008-11-11 206088]
S2 BDVEDISK;BDVEDISK;c:\program files\bitdefender\bitdefender 2009\BDVEDISK.sys [2008-7-2 82696]
S2 ccEvtMgr;Symantec Event Manager;"c:\program files\common files\symantec shared\ccevtmgr.exe" --> c:\program files\common files\symantec shared\ccEvtMgr.exe [?]

bronbron81
Intermediate
Intermediate

Posts Posts : 72
Joined Joined : 2009-03-02
OS OS : Window Xp Media center edition 2005
Points Points : 28666
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Spyware protect 2009

Post by bronbron81 on 6th April 2009, 9:51 pm

S2 ccSetMgr;Symantec Settings Manager;"c:\program files\common files\symantec shared\ccsetmgr.exe" --> c:\program files\common files\symantec shared\ccSetMgr.exe [?]
S2 EBOOSTRSVC;eBoostr Service;c:\program files\eboostr\EBstrSvc.exe [2008-5-19 340600]
S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-6 99328]
S3 Arrakis3;BitDefender Arrakis Server;"c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe" --> c:\program files\common files\bitdefender\bitdefender arrakis server\bin\Arrakis3.exe [?]
S3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2008-8-12 111112]
S3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]

=============== Created Last 30 ================

2009-04-06 17:22 --d----- c:\program files\Trend Micro
2009-04-05 13:58 45,056 a------- c:\windows\system32\WNASPI32.DLL
2009-04-05 13:58 16,512 a------- c:\windows\system32\drivers\ASPI32.SYS
2009-04-05 13:58 --d----- c:\program files\ImTOO
2009-04-05 13:53 53,248 a------- c:\windows\system32\xvid.ax
2009-04-05 13:53 --d----- c:\program files\Plato DVD Ripper Professional
2009-04-04 23:59 168,448 a------- c:\windows\system32\unrar.dll
2009-04-04 23:59 414 a------- c:\windows\system32\lame_acm.xml
2009-04-04 23:59 839,680 a------- c:\windows\system32\lameACM.acm
2009-04-04 23:59 795,648 a------- c:\windows\system32\xvidcore.dll
2009-04-04 23:59 217,088 a------- c:\windows\system32\yv12vfw.dll
2009-04-04 23:59 118,784 a------- c:\windows\system32\ac3acm.acm
2009-04-04 23:59 3,596,288 a------- c:\windows\system32\qt-dx331.dll
2009-04-04 23:59 684,032 a------- c:\windows\system32\divx.dll
2009-04-04 23:59 130,048 a------- c:\windows\system32\xvidvfw.dll
2009-04-04 23:59 86,016 a------- c:\windows\system32\dpl100.dll
2009-04-04 23:59 67,584 a------- c:\windows\system32\ff_vfw.dll
2009-04-04 23:59 547 a------- c:\windows\system32\ff_vfw.dll.manifest
2009-04-04 23:58 60,273 a------- c:\windows\system32\pthreadGC2.dll
2009-04-04 23:58 --d----- c:\program files\K-Lite Codec Pack
2009-04-01 18:41 67,768 a------- c:\docume~1\michae~1.mik\applic~1\GDIPFONTCACHEV1.DAT
2009-03-31 22:54 --d----- c:\program files\NVT Malware Remover Tool
2009-03-31 15:55 101,287 a------- c:\windows\system32\drivers\klin.dat
2009-03-31 15:55 89,601 a------- c:\windows\system32\drivers\klick.dat
2009-03-31 15:54 1,953,312 a--sh--- c:\windows\system32\drivers\fidbox.dat
2009-03-31 15:54 393,248 a--sh--- c:\windows\system32\drivers\fidbox2.dat
2009-03-31 15:54 18,436 a--sh--- c:\windows\system32\drivers\fidbox.idx
2009-03-31 15:54 3,472 a--sh--- c:\windows\system32\drivers\fidbox2.idx
2009-03-31 15:54 --d----- c:\program files\Kaspersky Lab
2009-03-31 15:54 --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2009-03-31 15:31 --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2009-03-30 22:02 25,856 a------- c:\windows\system32\drivers\usbprint.sys
2009-03-30 22:02 25,856 a------- c:\windows\system32\dllcache\usbprint.sys
2009-03-30 22:01 31,616 a------- c:\windows\system32\drivers\usbccgp.sys
2009-03-30 22:01 31,616 a------- c:\windows\system32\dllcache\usbccgp.sys
2009-03-22 21:29 225,280 a------- c:\windows\system32\rewire.dll
2009-03-22 21:29 --d----- c:\program files\VstPlugins
2009-03-22 21:29 1,294,336 a------- c:\windows\system32\vorbis.acm
2009-03-22 21:27 --d----- c:\program files\Image-Line
2009-03-15 22:26 --d----- c:\program files\Hide Your IP Address
2009-03-15 21:53 104,237 a------- c:\windows\Rapishare Free Account Check Uninstaller.exe
2009-03-15 21:53 --d----- c:\program files\Rapishare Free Account Check
2009-03-15 19:27 24 a------- c:\windows\LogonStudio.ini
2009-03-15 19:27 187,392 a------- c:\windows\system32\JPGUtils.dll
2009-03-15 19:27 198,656 a------- c:\windows\system32\comdlg32.ocx
2009-03-15 19:27 --d----- c:\program files\WinCustomize
2009-03-15 19:27 --d----- c:\program files\common files\Stardock
2009-03-14 14:02 --d----- c:\program files\common files\Macrovision Shared
2009-03-12 17:52 --d----- c:\program files\ViOrb
2009-03-12 17:32 --d----- c:\windows\system32\VIRepair
2009-03-12 17:23 --d----- c:\docume~1\michae~1.mik\applic~1\Styler
2009-03-12 17:19 --d----- c:\program files\ViSplore
2009-03-12 17:19 --d----- c:\program files\TrueTransparency
2009-03-12 17:19 --d----- c:\program files\WinFlip
2009-03-12 17:19 --d----- c:\program files\Styler
2009-03-12 17:19 --d----- c:\program files\Vista Rainbar
2009-03-12 17:19 220,672 a------- c:\windows\system32\logon.scr
2009-03-12 17:19 220,672 a------- c:\windows\system32\dllcache\logon.scr
2009-03-12 17:16 78,942 a------- c:\windows\Icon_1.ico
2009-03-12 17:16 --d----- c:\windows\system32\VITrans
2009-03-12 17:16 --d----- C:\VTPFiles
2009-03-12 17:15 111,104 a------- c:\windows\system32\Uharc.exe
2009-03-12 17:15 94,208 a------- c:\windows\system32\pskill.exe
2009-03-12 17:15 69,632 a------- c:\windows\system32\moveex.exe
2009-03-12 17:15 19,968 a------- c:\windows\system32\reico.exe
2009-03-12 17:15 8,636 a------- c:\windows\system32\modifype.exe
2009-03-12 17:12 20,480 a------- c:\windows\system32\scrnrdr.exe
2009-03-11 18:47 --d----- c:\docume~1\alluse~1\applic~1\iTunesFolderWatch
2009-03-11 18:46 --d----- c:\program files\JezSoft
2009-03-11 18:06 --d----- c:\program files\RocketDock
2009-03-11 17:50 -cd-h--- c:\docume~1\alluse~1\applic~1\{B98A2B83-8BB0-42E7-AA1D-D6FA6E7C8F31}
2009-03-11 17:50 --d----- c:\program files\Stardock
2009-03-11 15:37 --d----- c:\docume~1\alluse~1\applic~1\eboostr
2009-03-11 15:37 --d----- c:\program files\eBoostr
2009-03-10 21:59 15,688 a------- c:\windows\system32\lsdelete.exe
2009-03-09 21:44 218,624 a------- c:\windows\system32\uxtheme.backup
2009-03-09 21:44 218,624 a------- c:\windows\system32\dllcache\uxtheme.dll
2009-03-09 00:53 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-03-09 00:53 15,464 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-09 00:52 --d----- c:\program files\iPod
2009-03-09 00:52 --d----- c:\program files\iTunes
2009-03-09 00:52 --d----- c:\docume~1\alluse~1\applic~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-03-09 00:51 --d----- c:\program files\Bonjour
2009-03-09 00:36 --d----- c:\docume~1\michae~1.mik\applic~1\LimeWire
2009-03-09 00:32 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-09 00:32 73,728 a------- c:\windows\system32\javacpl.cpl
2009-03-09 00:31 --d----- c:\program files\LimeWire
2009-03-08 22:16 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-03-08 22:10 --d----- c:\program files\Lavasoft
2009-03-08 14:31 -cd-h--- c:\docume~1\alluse~1\applic~1\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-03-08 14:30 --d----- c:\docume~1\michae~1.mik\applic~1\Malwarebytes
2009-03-08 14:30 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-03-08 14:30 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-08 14:30 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-03-08 14:30 --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-03-08 13:48 --d----- c:\program files\MSXML 4.0
2009-03-07 19:41 --d----- c:\docume~1\michae~1.mik\applic~1\ESET
2009-03-07 19:39 --d----- c:\program files\ESET
2009-03-07 18:00 --d----- c:\windows\system32\CatRoot_bak
2009-03-07 18:00 272,128 -------- c:\windows\system32\drivers\bthport.sys
2009-03-07 18:00 272,128 -------- c:\windows\system32\dllcache\bthport.sys
2009-03-07 17:58 23,040 -------- c:\windows\kb913800.exe
2009-03-07 17:58 202,752 -------- c:\windows\system32\dllcache\rmcast.sys
2009-03-07 17:57 453,632 -------- c:\windows\system32\dllcache\mrxsmb.sys
2009-03-07 17:57 333,184 -------- c:\windows\system32\dllcache\srv.sys
2009-03-07 17:57 331,776 -------- c:\windows\system32\dllcache\msadce.dll
2009-03-07 17:57 683,520 -------- c:\windows\system32\dllcache\inetcomm.dll
2009-03-07 17:57 247,326 -------- c:\windows\system32\dllcache\strmdll.dll
2009-03-07 17:57 332,800 -------- c:\windows\system32\dllcache\netapi32.dll
2009-03-07 17:57 1,106,944 -------- c:\windows\system32\dllcache\msxml3.dll

==================== Find3M ====================

2009-03-31 16:09 33,808 a------- c:\windows\system32\drivers\klbg.sys
2009-03-15 19:41 2,591,744 a------- c:\windows\system32\logonuiX.exe
2009-03-07 19:36 81,984 a------- c:\windows\system32\bdod.bin
2009-03-05 17:11 111,112 a------- c:\windows\system32\drivers\bdfm.sys
2009-03-05 17:11 82,696 a------- c:\windows\system32\drivers\BDVEDISK.sys
2009-03-05 01:26 1,658 a--shr-- c:\windows\system32\drivers\103C_HP_NTBK_HP Pavilion dv6000 (RG253UA#ABA)_YN_0Pavi_QCNF6414BPK_E432250001_46_I30B7_SQuanta_V65.2B_BF.3D_T071122_WXP2_L409_M479_J80_7AMD_8Turion 64 Technology MK-36_92.01_#090302_N14E44311_(RG253UA#ABA)_XMOBILE.MRK
2009-03-02 20:18 92,819 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-02-09 06:19 1,846,272 a------- c:\windows\system32\win32k.sys
2009-02-09 06:19 1,846,272 -------- c:\windows\system32\dllcache\win32k.sys

============= FINISH: 17:50:45.98 ===============

bronbron81
Intermediate
Intermediate

Posts Posts : 72
Joined Joined : 2009-03-02
OS OS : Window Xp Media center edition 2005
Points Points : 28666
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Spyware protect 2009

Post by Belahzur on 6th April 2009, 9:56 pm

Hello.
This looks fine, we just need to remove 2 of the 3 AV's you are running.

  • Open HijackThis
  • When Hijack This opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Spyware protect 2009

Post by bronbron81 on 6th April 2009, 10:02 pm

Ad-Aware
Ad-Aware
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Reader 7.0.5
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Apple Mobile Device Support
Apple Software Update
Bonjour
CC_ccProxyExt
ccCommon
ccPxyCore
Conexant HD Audio
Critical Update for Windows Media Player 11 (KB959772)
eBoostr 2
FL Studio 7
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB896256)
Hotfix for Windows XP (KB909095)
Hotfix for Windows XP (KB910728)
Hotfix for Windows XP (KB912436)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
HP Help and Support
HP Imaging Device Functions 6.0
HP Photosmart Premier Software 6.0
HP Quick Launch Buttons 6.10 A2
HP QuickPlay 2.3
HP Update
HP User Guides 0031
HP Wireless Assistant 2.00 G2
IconPackager
IconPackager
IL Download Manager
ImTOO DVD Ripper Ultimate
iTunes
iTunesFolderWatch
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 11
Kaspersky Internet Security 2009
Kaspersky Internet Security 2009
K-Lite Codec Pack 4.7.5 (Full)
LimeWire PRO 5.0.11
LogonStudio
Macromedia Flash Player 8
Macromedia Shockwave Player
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.0 Hotfix (KB930494)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office Standard Edition 2003
Microsoft Office XP Professional with FrontPage
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Works
Mozilla Firefox (3.0.8)
MSXML 4.0 SP2 (KB954430)
muvee autoProducer 5.0
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Protection Center
NVIDIA Drivers
NVT Malware Remover Tool v2.0.8b1
Office 2003 Trial Assistant
Otto
PDF Settings
PeerGuardian 2.0
Plato DVD Ripper Professional 6.66.14
Quicken 2006
QuickTime
Rapishare Free Account Check
RocketDock 1.3.5
Royale Remixed Theme
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Soft Data Fax Modem with SmartCP
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic MyDVD Plus
Sonic Update Manager
SonicAC3Encoder
SonicMPEGEncoder
Synaptics Pointing Device Driver
TourSetup
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB911164)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
ViOrb
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Vongo
Windows Installer 3.1 (KB893803)
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885855
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB890546
Windows XP Hotfix - KB891220
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB892559
Windows XP Media Center Edition 2005 KB925766
WinRAR archiver
Wireless Home Network Setup

bronbron81
Intermediate
Intermediate

Posts Posts : 72
Joined Joined : 2009-03-02
OS OS : Window Xp Media center edition 2005
Points Points : 28666
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Spyware protect 2009

Post by Belahzur on 6th April 2009, 10:10 pm

Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    J2SE Runtime Environment 5.0 Update 6
    Java(TM) 6 Update 11
    Kaspersky Internet Security 2009
    Kaspersky Internet Security 2009
    LimeWire PRO 5.0.11
    Norton Internet Security
    Norton Internet Security
    Norton Internet Security
    Norton Protection Center


Then update and enable BitDefender please.
Let me know how that goes and how the machine is running now.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Spyware protect 2009

Post by bronbron81 on 6th April 2009, 10:57 pm

Everything is working like normal again. Thank you so much!

bronbron81
Intermediate
Intermediate

Posts Posts : 72
Joined Joined : 2009-03-02
OS OS : Window Xp Media center edition 2005
Points Points : 28666
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Spyware protect 2009

Post by Belahzur on 6th April 2009, 11:38 pm

Great. Smile

We need to make a new restore point.

To turn off System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK.
4. Click Yes when you receive the prompt to the turn off System Restore.

Now we need to make a new restore point.
To turn on System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (To turn on System Restore), and then click OK.

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers. Goofy

1) Please navigate to [You must be registered and logged in to see this link.] and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

[You must be registered and logged in to see this link.]
A tutorial on using Ad-Aware to remove spyware from your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using Spybot to remove spyware from your computer may be found [You must be registered and logged in to see this link.]. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

[You must be registered and logged in to see this link.]
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found [You must be registered and logged in to see this link.].

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
[You must be registered and logged in to see this link.]
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.
[You must be registered and logged in to see this link.]

5) Finally, consider maintaining a firewall. Some good free firewalls are [You must be registered and logged in to see this link.], or
[You must be registered and logged in to see this link.]
A tutorial on understanding and using firewalls may be found [You must be registered and logged in to see this link.].

Please also read Tony Klein's excellent article: [You must be registered and logged in to see this link.]

If you would take a moment to fill out our feedback form, we would appreciate it.
The link can be found [You must be registered and logged in to see this link.].

Hopefully this should take care of your problems! Good luck. Big Grin


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245111
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum