Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My HJT log, after help from other forum here!


  • This topic is locked This topic is locked
30 replies to this topic

#1 waterface

waterface

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 17 February 2009 - 04:41 PM

Hi
I posted in the 'am i infected' forum & was helped but advised to post a HJT log to make sure my system wasn't infected with any nasties.
I had an issue where i was being redirected to my Google homepage when clicking on a link. Malwarebytes anti-malware has found nothing, neither did Superantispywareblaster, but on the occasion that i had the issue i received this prompt from my antivir!

Virus or unwanted program 'HTML/Shellcode.Gen [virus]'
detected in file 'C:\Documents and Settings\Administrator\Local Settings\Temp\q067xcua.pdf.
Action performed: Deny access

Here is my HJT log & help appreciated :thumbup2:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:39:16, on 17/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MailWasher\MailWasher.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.orange.co.uk/iesearch/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.orange.co.uk
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Ashampoo FireWall] "C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe" -TRAY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.orange.co.uk
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 4330 bytes

BC AdBot (Login to Remove)

 


#2 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:05:53 PM

Posted 01 March 2009 - 01:31 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#3 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 04 March 2009 - 08:34 AM

My pc does seem to be running ok now & superantispyware has not found anything & neither does my AV. I guess it has resolved the issue.
If need be to make sure, i will run the programme, but am unsure as to how to disable my AV without uninstalling!
Do i need to disable the scanner and the guard that is working all the time?

thanks

wf

#4 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:05:53 PM

Posted 04 March 2009 - 09:09 AM

Directions for disabling your AV are here > http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/ AVIRA ANTIVIR

If you feel the problems are solved now we'll close this thread.
You can always ask for it to be reopened.
Or if a new problem, start another thread.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#5 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 04 March 2009 - 12:08 PM

thanks, i will do this a little later & post my log & let you know, just to make sure there are no hidden nasties!, maybe tomorrow as i am busy until then.

Many thanks

wf

#6 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 06 March 2009 - 01:09 PM

Ok, here is my logfile done with my AV disabled & offline.
There is another attached file.


DDS (Ver_09-02-01.01) - NTFSx86
Run by Administrator at 18:02:35.79 on 06/03/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.503.298 [GMT 0:00]

AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MailWasher\MailWasher.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\Administrator\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
uSearch Bar = hxxp://www.orange.co.uk/iesearch/
mDefault_Page_URL = hxxp://www.orange.co.uk
uInternet Settings,ProxyOverride = <local>
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {E97B5F2E-CA8E-4D34-BDA3-44EEC4ED2B12} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [msnmsgr] "c:\program files\msn messenger\msnmsgr.exe" /background
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [Ashampoo FireWall] "c:\program files\ashampoo\ashampoo firewall\FireWall.exe" -TRAY
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: c:\program files\ashampoo\ashampoo firewall\spi.dll
DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - hxxp://driveragent.com/files/driveragent.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxsrvc.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\90yhb3fy.default\
FF - prefs.js: browser.startup.homepage - www.google.co.uk
FF - prefs.js: keyword.URL - hxxp://search.orange.co.uk/all?brand=ouk&p=_ffadr&pt=ffcd&tab=web&q=

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2008-8-15 11840]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-12-4 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-12-4 55024]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\avira\antivir personaledition classic\sched.exe [2008-8-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2008-8-15 151297]
R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2008-8-15 52032]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-12-4 7408]
S3 BTCOMM;BTCOMM;c:\windows\system32\drivers\btcomm.sys --> c:\windows\system32\drivers\Btcomm.sys [?]
S3 BTKRNBDG;Bluetooth COM Bridge;c:\windows\system32\drivers\btkrnbdg.sys --> c:\windows\system32\drivers\btkrnbdg.sys [?]
S3 CSRBC01;%CSRBC01.SvcDesc%;c:\windows\system32\drivers\csrbc01.sys --> c:\windows\system32\drivers\csrbc01.sys [?]
S3 vad_multi;Windigo Virtual Audio Device (WDM);c:\windows\system32\drivers\vadmulti.sys --> c:\windows\system32\drivers\vadmulti.sys [?]

=============== Created Last 30 ================

2009-02-16 18:56 102,664 a------- c:\windows\system32\drivers\tmcomm.sys
2009-02-16 18:55 <DIR> --d----- c:\documents and settings\administrator\.housecall6.6

==================== Find3M ====================

2009-02-11 10:19 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 10:19 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-30 21:10 410,984 a------- c:\windows\system32\deploytk.dll
2003-04-09 14:01 90,112 a------- c:\windows\inf\MdmXSdk.dll

============= FINISH: 18:03:00.84 ===============

#7 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 13 March 2009 - 10:39 AM

my AV recently found this :-

Virus or unwanted program 'HEUR/HTML.Malware [heuristic]'
detected in file 'C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\90yhb3fy.default\Cache\9D89DAEBd01.
Action performed: Deny access

so here is another HJT log if needed!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:38:43, on 13/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MailWasher\MailWasher.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.orange.co.uk/iesearch/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.orange.co.uk
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Ashampoo FireWall] "C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe" -TRAY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.orange.co.uk
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 4342 bytes

#8 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:53 PM

Posted 20 March 2009 - 09:55 AM

Hi

My name is Extremeboy (or EB for short), and I will be helping you with your log.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

If you do not make a reply in 5 days, we will need to close your topic.

You may want to keep the link to this topic in your favourites. Alternatively, you can click the Posted Image button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here.

Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Please reply using the Posted Image button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply.
  • Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just post back here so that we know you're still here.


Since it has been a while, I would like to see a New pair of DDS logs please. Next run an online scan as well. :thumbup2:

Run Kaspersky Online Scanner
Please do a scan with Kaspersky Online Scanner.

This scan is for Internet Explorer only.

If you are using Windows Vista, open your browser by right-clicking on its icon and select Run as administrator to perform this scan.
  • Open the Kaspersky Scanner page.
  • Click on Accept and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
You can refer to this animation by sundavis.

In your next reply please include the following:
  • DSS.txt
  • Attach.txt
  • Kaspersky's Log
  • What Problems do you still have?

Important Note: For other users who are reading this topic,the instructions provided in this topic are for the original topic starter ONLY. Even if you have similar problems or even log entries to those given here, please do not follow the directions, especially those involving specific tools and scripts. Doing so can result in serious damage to your computer. Instead, please start your own topic and feel free to link to any relevant topics as needed.Please Do NOT follow the instructions provided for this topic.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#9 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 22 March 2009 - 06:29 PM

Hi EB & thanks
here is my Kaspersky log file, my DDS logfile & Attach logfile.
However, in the Kaspersky scan, i didn't go to 'settings' & 'save' before i clicked 'My computer' & let the scan start! Do i need to do it again? Also, after i accepted, i had an issue with a java window opening

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, March 22, 2009
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, March 22, 2009 20:52:37
Records in database: 1952222
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\

Scan statistics:
Files scanned: 16669
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 00:34:04

No malware has been detected. The scan area is clean.

The selected area was scanned.



DDS (Ver_09-03-16.01) - NTFSx86
Run by Administrator at 23:13:28.21 on 22/03/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.503.251 [GMT 0:00]

AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\MailWasher\MailWasher.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrator\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
uSearch Bar = hxxp://www.orange.co.uk/iesearch/
mDefault_Page_URL = hxxp://www.orange.co.uk
uInternet Settings,ProxyOverride = <local>
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {E97B5F2E-CA8E-4D34-BDA3-44EEC4ED2B12} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [msnmsgr] "c:\program files\msn messenger\msnmsgr.exe" /background
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [Ashampoo FireWall] "c:\program files\ashampoo\ashampoo firewall\FireWall.exe" -TRAY
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: c:\program files\ashampoo\ashampoo firewall\spi.dll
DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - hxxp://driveragent.com/files/driveragent.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxsrvc.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\90yhb3fy.default\
FF - prefs.js: browser.startup.homepage - www.google.co.uk
FF - prefs.js: keyword.URL - hxxp://search.orange.co.uk/all?brand=ouk&p=_ffadr&pt=ffcd&tab=web&q=

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir personaledition classic\avgio.sys [2008-8-15 11840]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-12-4 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-12-4 55024]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler;c:\program files\avira\antivir personaledition classic\sched.exe [2008-8-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard;c:\program files\avira\antivir personaledition classic\avguard.exe [2008-8-15 151297]
R3 avgntflt;avgntflt;c:\program files\avira\antivir personaledition classic\avgntflt.sys [2008-8-15 52032]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-12-4 7408]
S3 BTCOMM;BTCOMM;c:\windows\system32\drivers\btcomm.sys --> c:\windows\system32\drivers\Btcomm.sys [?]
S3 BTKRNBDG;Bluetooth COM Bridge;c:\windows\system32\drivers\btkrnbdg.sys --> c:\windows\system32\drivers\btkrnbdg.sys [?]
S3 CSRBC01;%CSRBC01.SvcDesc%;c:\windows\system32\drivers\csrbc01.sys --> c:\windows\system32\drivers\csrbc01.sys [?]
S3 vad_multi;Windigo Virtual Audio Device (WDM);c:\windows\system32\drivers\vadmulti.sys --> c:\windows\system32\drivers\vadmulti.sys [?]

=============== Created Last 30 ================


==================== Find3M ====================

2009-02-16 18:56 102,664 a------- c:\windows\system32\drivers\tmcomm.sys
2009-02-11 10:19 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 10:19 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-30 21:10 410,984 a------- c:\windows\system32\deploytk.dll
2003-04-09 14:01 90,112 a------- c:\windows\inf\MdmXSdk.dll

============= FINISH: 23:14:05.39 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-03-16.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 09/11/2007 19:51:47
System Uptime: 22/03/2009 21:27:57 (2 hours ago)

Motherboard: Compaq | | 07E4h
Processor: Intel® Pentium® 4 CPU 2.00GHz | XU1 PROCESSOR | 1994/400mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 37 GiB total, 32.293 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\4&36B16CB7&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\4&36B16CB7&0
Service: i8042prt

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Windigo Virtual Audio Device (WDM)
Device ID: ROOT\MEDIA\0000
Manufacturer: Windigo BT Audio
Name: Windigo Virtual Audio Device (WDM)
PNP Device ID: ROOT\MEDIA\0000
Service: vad_multi

==== System Restore Points ===================

RP239: 19/12/2008 13:12:32 - System Checkpoint
RP240: 20/12/2008 21:32:09 - System Checkpoint
RP241: 23/12/2008 20:27:26 - System Checkpoint
RP242: 24/12/2008 20:31:52 - Installed XTNDConnect Blue Manager
RP243: 24/12/2008 20:46:39 - Removed XTNDConnect Blue Manager
RP244: 30/12/2008 21:08:34 - Removed Java™ 6 Update 10
RP245: 30/12/2008 21:10:32 - Installed Java™ 6 Update 11
RP246: 03/01/2009 17:20:16 - System Checkpoint
RP247: 04/01/2009 22:18:40 - System Checkpoint
RP248: 14/01/2009 10:50:04 - System Checkpoint
RP249: 18/01/2009 23:48:20 - System Checkpoint
RP250: 22/01/2009 17:31:01 - System Checkpoint
RP251: 26/01/2009 16:57:27 - System Checkpoint
RP252: 06/02/2009 11:31:24 - System Checkpoint
RP253: 09/02/2009 10:36:21 - System Checkpoint
RP254: 11/02/2009 00:37:27 - System Checkpoint
RP255: 13/02/2009 10:33:53 - System Checkpoint
RP256: 16/02/2009 15:46:52 - System Checkpoint
RP257: 17/02/2009 17:50:45 - System Checkpoint
RP258: 20/02/2009 10:51:08 - System Checkpoint
RP259: 23/02/2009 17:44:52 - System Checkpoint
RP260: 27/02/2009 15:27:11 - System Checkpoint
RP261: 28/02/2009 20:50:00 - System Checkpoint
RP262: 03/03/2009 20:06:21 - System Checkpoint
RP263: 07/03/2009 19:11:29 - System Checkpoint
RP264: 09/03/2009 14:15:44 - System Checkpoint
RP265: 10/03/2009 19:23:47 - System Checkpoint
RP266: 12/03/2009 07:58:45 - System Checkpoint
RP267: 13/03/2009 14:49:51 - System Checkpoint
RP268: 14/03/2009 20:25:42 - System Checkpoint
RP269: 16/03/2009 17:25:20 - System Checkpoint
RP270: 18/03/2009 00:25:28 - System Checkpoint
RP271: 19/03/2009 15:55:37 - System Checkpoint
RP272: 22/03/2009 22:46:28 - System Checkpoint

==== Installed Programs ======================

Ad-Aware
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Ashampoo FireWall 1.20
Avira AntiVir Personal - Free Antivirus
CCleaner (remove only)
Foxit Reader
HijackThis 2.0.2
HP Product Detection
Intel® Extreme Graphics Driver
Intel® PRO Network Connections 12.0.36.0
Java™ 6 Update 11
MailWasher
Malwarebytes' Anti-Malware
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (2.0.0.20)
MSN
NetWaiting
PC Inspector File Recovery
SoundMAX WDM Driver
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
Update for Windows XP (KB911164)
WebFldrs XP
Windows Driver Package - MSN (usbccgp) USB (04/19/2006 1.1.0.2)
Windows Live Messenger
Windows Live Sign-in Assistant
Zoom V.92 PCI Voice Faxmodem

==== Event Viewer Messages From Past Week ========

19/03/2009 23:16:35, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.

==== End Of File ===========================


many thanks

#10 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:53 PM

Posted 22 March 2009 - 06:35 PM

Hello WF.

I think we met before?

I think it's okay since you were able to get the Kaspersky log. :thumbup2:

Could you please let me know any problems you currently have? The logs look okay and the Kaspersky scan was clean.

There is some house-work we can do though.

With regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#11 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 22 March 2009 - 06:47 PM

Hi EB
Yes, we met before!, my pc seems ok at the moment however sometimes it takes time to scroll down my browser & i can hear it working overtime inside fan etc when streaming & runnng SAS!!

Like my CPU fan (i think) works overtime more often of late & am wondering if there's a way of knowing what condition the hardware in my pc is in!, if it's worn out etc!

I am currently just using Superantispyware only but have Adaware & Spybot which i never use as they rarely find anything & Spybot takes so long! Do i need these 2 programmes if i have SAS?

I thought i needed to keep Spybot & keep the 'immunization' updated?

Thanks

#12 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:53 PM

Posted 22 March 2009 - 07:02 PM

Hi again.

Hardware doesn't go in this forum but I will answer your questions regarding security wise.

Do i need these 2 programmes if i have SAS?

I thought i needed to keep Spybot & keep the 'immunization' updated?

I don't find AA and SB S&D very useful now. I don't think they are necessary IMO. If it was me, I would uninstall it. The 'immunization' feature is just an extra thing. You can instead use Spyware Blaster which does the exact same thing and uses NO system resources. Just remember to update it every week or so.

If you do want a real-time protection anti-spyware program installed, I think Spyware Terminator is a good anti-spyware program and it's free.

You might also want to have a firewall installed for your protection.

Install Firewall

Install a third-party firewall from the following selection of excellent programsThe main reason you would prefer a third-party firewall over the Windows XP Firewall is because Windows Firewall only stops incoming signals from accessing your computer. However, it will not stop Outgoing signles (possibly ones that could intrude your privacy) from sending information to the Internet or to other networks.

After you have installed one of the above firewalls, please disable your Windows Firewall, if you had it enabled.

*Note: If you choose the PC Tools Firewall Plus and you are asked to install ThreatFire do not do so.

Regarding your Hardware problem you might want to start a topic over here: http://www.bleepingcomputer.com/forums/f/7/internal-hardware/

Other problems regarding Windows XP itself start a topic over here: http://www.bleepingcomputer.com/forums/f/56/windows-xp-home-and-professional/

With Regards,
extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#13 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 22 March 2009 - 07:10 PM

Hi EB

I do have Ashampoo Firewall installed although am not sure if it is updated or whether it automatically does this!

Is Superantispyware similar to Spyware blaster & can i use the simultaneously?

I run SAS weekly & my Avir Antivirus programme & thats all! I also have Malwarebytes antimalware installed, but hardly use it unless i have been prompted to here!!

Is immunization necessary?

I will start a thread on the 'hardware' forum.

Thanks

wf

#14 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:53 PM

Posted 22 March 2009 - 07:19 PM

Hello.

Is Superantispyware similar to Spyware blaster & can i use the simultaneously?

No. They are actually quite different. Spyware Blaster is like the immunization for Spybot S&D at that's all it does. Yes, you can use it simultaneously. Just to let you know Spyware Blaster does NOT scan for any malware as it's not a anti-spyware scanner but just to protect you from known Active X controls.

I run SAS weekly & my Avir Antivirus programme & thats all! I also have Malwarebytes antimalware installed, but hardly use it unless i have been prompted to here!!

That's fine. You should also use MBAM's quick scan every week or so as it only takes a few minutes and it can find abd remove certain malware that most scanners can not.

For my protection all I have is: Avira and MBAM

Is immunization necessary?

Well, it really depends on you. For me, I use to have Spywareblaster installed and also SAS but I got tired of updating it and scanning with SAS as it takes a long time and it rarely finds anything so I removed them. Spywareblaster is actually a very good program and it's really helpful especially if you go surfing on the web a lot and downloading things on the web. Spyware Blaster takes no resources so why not have it installed?

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#15 waterface

waterface
  • Topic Starter

  • Members
  • 177 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 22 March 2009 - 07:30 PM

Thanks
Finally
I will look into Spyware blaster & use it instead of Spybot & Adaware. If it works in real time, i wonder if it will clash with my Avir guard etc!

Does my firewall have to be updated i wonder?, as i don't recall ever doing so & it does still seem to be protectig me when i look at the logs that it shows & they all seem up to date!

Many thanks for your advice!

wf




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users