TechSpot

Very slow Win7

By boetius
Oct 3, 2011
  1. Hi,
    Most processes (esp. saving) are very slow - MS Word, Outlook, Act!
    Running MS Sec. Essentials

    Is there a virus or malware?
    Thanks very much,
    Mike

    = = = = = = = = = = = = = = = = = = = = = = = = =
    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Database version: 7849

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421

    10/2/2011 10:06:58 PM
    mbam-log-2011-10-02 (22-06-58).txt

    Scan type: Full scan (C:\|D:\|)
    Objects scanned: 356987
    Time elapsed: 44 minute(s), 49 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\program files (x86)\UltraVNC\vnchooks.dll (Spyware.Passwords) -> Quarantined and deleted successfully.
    = = = = = = = = = = = = = = = = = = = = = = = = =

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2011-10-03 07:25:30
    Windows 6.1.7601 Service Pack 1
    Running: eqk7rxsr.exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002713d5d391
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002713d5d391 (not active ControlSet)

    ---- EOF - GMER 1.0.15 ----

    = = = = = = = = = = = = = = = = = = = = = = = = =

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
    Run by MDK at 7:34:42 on 2011-10-03
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1910.834 [GMT -5:00]
    .
    AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files (x86)\ASoft\AutoExitWHS\AEClientSvc.exe
    C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
    C:\Program Files\Windows Home Server\esClient.exe
    C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
    C:\Program Files (x86)\Google\Update\1.3.21.69\GoogleCrashHandler.exe
    C:\Program Files (x86)\JouleMeter\JoulemeterService.exe
    C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Users\MDK\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
    C:\Program Files (x86)\Citrix\GoToMeeting\457\g2mstart.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe
    C:\Program Files (x86)\ASoft\AutoExitWHS\AEClientTray.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Citrix\GoToMeeting\457\g2mcomm.exe
    C:\Program Files (x86)\Citrix\GoToMeeting\457\g2mlauncher.exe
    C:\Program Files\Windows Home Server\WHSTrayApp.exe
    C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
    c:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
    C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe
    C:\Program Files\Windows Home Server\WHSConnector.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchIndexer.exe
    c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
    C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Foxit PDF Creator Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile: {d5233fcd-d258-4903-89b8-fb1568e7413d} - mscoree.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    TB: Foxit PDF Creator Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [SansaDispatch] C:\Users\MDK\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
    uRun: [GoToMeeting] "C:\Program Files (x86)\Citrix\GoToMeeting\457\g2mstart.exe" "/Trigger RunAtLogon"
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Act.Outlook.Service] "C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe"
    mRun: [Act! Preloader] "C:\Program Files (x86)\ACT\Act for Windows\ActSage.exe" -preload
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [WHSClient] C:\Program Files (x86)\ASoft\AutoExitWHS\AEClientTray.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    StartupFolder: C:\Users\MDK\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINDOW~1.LNK - C:\Windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
    IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
    TCP: DhcpNameServer = 216.146.35.35 216.146.36.36
    TCP: Interfaces\{05C1ABB1-2895-4E29-AD47-55B40D6BD19B} : DhcpNameServer = 216.146.35.35 216.146.36.36
    TCP: Interfaces\{05C1ABB1-2895-4E29-AD47-55B40D6BD19B}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{05C1ABB1-2895-4E29-AD47-55B40D6BD19B}\37471697F6E6C696E656F536F6E666 : DhcpNameServer = 192.168.54.1
    TCP: Interfaces\{05C1ABB1-2895-4E29-AD47-55B40D6BD19B}\37471697F6E6C696E656F5C4F6262697 : DhcpNameServer = 192.168.60.1
    TCP: Interfaces\{05C1ABB1-2895-4E29-AD47-55B40D6BD19B}\A4F637865716 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{05C1ABB1-2895-4E29-AD47-55B40D6BD19B}\C696E6B6379737 : DhcpNameServer = 68.87.85.102 68.87.69.150
    TCP: Interfaces\{05C1ABB1-2895-4E29-AD47-55B40D6BD19B}\F46756274627966756D2435333 : DhcpNameServer = 192.168.0.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Foxit PDF Creator Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO-X64: Ask Toolbar BHO - No File
    BHO-X64: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile: {D5233FCD-D258-4903-89B8-FB1568E7413D} - mscoree.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
    BHO-X64: Google Gears Helper - No File
    TB-X64: Foxit PDF Creator Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [Act.Outlook.Service] "C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe"
    mRun-x64: [Act! Preloader] "C:\Program Files (x86)\ACT\Act for Windows\ActSage.exe" -preload
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [WHSClient] C:\Program Files (x86)\ASoft\AutoExitWHS\AEClientTray.exe
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\MDK\AppData\Roaming\Mozilla\Firefox\Profiles\1e59rl3h.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/reader/view/?hl=en&tab=wy#stream/feed%2Fhttp%3A%2F%2Ffeeds2.feedburner.com%2Fducttapemarketing%2FnRUD|https://www.google.com/calendar/render?sa=N&hl=en&tab=lc|https://mail.google.com/mail/#inbox
    FF - component: C:\Program Files (x86)\Google\Google Gears\Firefox\lib\ff36\gears.dll
    FF - component: C:\Users\MDK\AppData\Roaming\Mozilla\Firefox\Profiles\1e59rl3h.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}\platform\WINNT\components\ColorZilla.dll
    FF - component: C:\Users\MDK\AppData\Roaming\Mozilla\Firefox\Profiles\1e59rl3h.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}\platform\WINNT_x86-msvc\components\enbar.dll
    FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npatgpc.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\MDK\AppData\Roaming\Mozilla\plugins\npatgpc.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-9-20 98208]
    R2 arXfrSvc;Windows Media Center TV Archive Transfer Service;C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2011-1-10 231280]
    R2 AutoExitClientService;AutoExit for WHS Client Service;C:\Program Files (x86)\ASoft\AutoExitWHS\AEClientSvc.exe [2011-1-6 24576]
    R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272]
    R2 cpuz134;cpuz134;\??\C:\Windows\system32\drivers\cpuz134_x64.sys --> C:\Windows\system32\drivers\cpuz134_x64.sys [?]
    R2 esClient;Windows Media Center Client Service;C:\Program Files\Windows Home Server\esClient.exe [2011-1-10 109936]
    R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-9-20 13336]
    R2 Joulemeter Service;Joulemeter Service;C:\Program Files (x86)\JouleMeter\JoulemeterService.exe [2010-9-10 64816]
    R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2010-12-8 373640]
    R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2010-9-17 15928]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
    R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-17 315392]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-9-20 2320920]
    R2 WHSConnector;Windows Home Server Connector Service;C:\Program Files\Windows Home Server\WHSConnector.exe [2011-1-10 489840]
    R3 BackupReader;BackupReader;C:\Windows\system32\DRIVERS\BackupReader.sys --> C:\Windows\system32\DRIVERS\BackupReader.sys [?]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S2 ACT! Scheduler;ACT! Scheduler;C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [2009-8-24 81920]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-7 136176]
    S2 MSSQL$ACT7;SQL Server (ACT7);C:\Program Files (x86)\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
    S3 gbridge;Gbridge Virtual Miniport;C:\Windows\system32\DRIVERS\gbridge64.sys --> C:\Windows\system32\DRIVERS\gbridge64.sys [?]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-7 136176]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
    S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
    S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-9-20 225280]
    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
    S4 DynDNS Updater;DynDNS Updater;C:\Program Files (x86)\DynDNS Updater\DynUpSvc.exe [2010-4-16 103800]
    .
    =============== Created Last 30 ================
    .
    2011-10-03 12:26:02 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{55F81D4E-8DD0-4C92-BB16-1F9181CBE41D}\offreg.dll
    2011-10-03 12:26:00 9049936 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{55F81D4E-8DD0-4C92-BB16-1F9181CBE41D}\mpengine.dll
    2011-10-02 22:57:16 -------- d-----w- C:\Users\MDK\AppData\Roaming\Malwarebytes
    2011-10-02 22:57:06 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-10-02 22:57:01 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-10-02 22:57:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-09-08 14:11:24 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E1BADA1B-44CB-4EA3-897A-ECB7086A214A}\gapaengine.dll
    2011-09-08 12:22:01 -------- d-----w- C:\Program Files (x86)\Ask.com
    .
    ==================== Find3M ====================
    .
    2011-10-03 03:11:20 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-02 20:42:58 848 --sha-w- C:\ProgramData\KGyGaAvL.sys
    2011-09-09 19:51:46 60304 ----a-w- C:\Users\MDK\g2mdlhlpx.exe
    2011-08-26 13:24:12 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2011-08-26 13:23:56 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2011-07-22 05:42:23 2303488 ----a-w- C:\Windows\System32\jscript9.dll
    2011-07-22 05:36:16 1389056 ----a-w- C:\Windows\System32\wininet.dll
    2011-07-22 05:32:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-07-22 02:54:43 1797632 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-07-22 02:48:26 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-07-22 02:44:36 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
    2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2011-07-16 05:37:12 421888 ----a-w- C:\Windows\System32\KernelBase.dll
    2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2011-07-09 05:26:20 2048 ----a-w- C:\Windows\System32\tzres.dll
    2011-07-09 04:29:46 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2011-07-09 02:46:28 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    .
    ============= FINISH: 7:35:14.30 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 11/27/2010 7:21:03 AM
    System Uptime: 10/2/2011 10:08:42 PM (9 hours ago)
    .
    Motherboard: Hewlett-Packard | | 1439
    Processor: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz | CPU | 919/1066mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 217 GiB total, 160.442 GiB free.
    D: is FIXED (NTFS) - 16 GiB total, 2.307 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP269: 9/16/2011 7:02:39 AM - Installed Java(TM) 6 Update 26
    RP270: 9/18/2011 3:00:48 AM - Windows Update
    RP271: 9/21/2011 2:55:27 PM - Windows Update
    RP272: 9/26/2011 8:01:54 PM - Windows Update
    RP273: 9/28/2011 3:00:21 AM - Windows Update
    RP274: 10/2/2011 3:34:30 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    3ivx MPEG-4 5.0.3 (remove only)
    Acrobat.com
    ACT! by Sage 2010
    ActiveCheck component for HP Active Support Library
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3 MUI
    Adobe Shockwave Player 11.5
    Amazon MP3 Downloader 1.0.12
    Apple Application Support
    Apple Software Update
    Ask Toolbar
    ASoft AutoExit 2009 for WHS
    Audacity 1.2.6
    Business Contact Manager for Outlook 2007 SP2
    CinemaNow Media Manager
    Click to Call with Skype
    ConvertHelper 2.2
    CyberLink DVD Suite
    CyberLink MediaShow
    CyberLink PowerDVD 9
    CyberLink YouCam
    D3DX10
    DynDNS Updater
    Easy Thumbnails (Remove only)
    Energy Star Digital Logo
    ESU for Microsoft Windows 7
    Evernote v. 4.2.2
    Exact Audio Copy 0.99pb3
    FileZilla Client 3.4.0
    FlipShare
    Foxit PDF Editor
    Foxit Reader
    Google Chrome
    Google Earth
    Google Gears
    Google SketchUp 8
    Google Update Helper
    GoToMeeting 5.0.0.799
    HandBrake 0.9.5
    HP Advisor
    HP Customer Experience Enhancements
    HP Documentation
    HP MediaSmart CinemaNow 2.0
    HP Power Manager
    HP Setup
    HP Software Framework
    HPAsset component for HP Active Support Library
    Inkscape 0.48.0
    Intel(R) Control Center
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Management Engine Components
    Intel(R) Rapid Storage Technology
    IrfanView (remove only)
    Java Auto Updater
    Java(TM) 6 Update 26
    Joulemeter
    Junk Mail filter update
    LabelPrint
    Logitech Harmony Remote Software
    LogMeIn
    Malwarebytes' Anti-Malware version 1.51.2.1300
    MediaMonkey 3.2
    Microsoft Office 2003 Web Components
    Microsoft Office 2007 Primary Interop Assemblies
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office 2010
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Small Business 2007
    Microsoft Office Small Business Connectivity Components
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server 2005 Express Edition (ACT7)
    Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
    Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
    Microsoft SQL Server Setup Support Files (English)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft WSE 3.0 Runtime
    MozBackup 1.4.10
    Mozilla Firefox 4.0b11 (x86 en-US)
    Mozilla Firefox 7.0.1 (x86 en-US)
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    muvee Plugin 1.0
    Network Recording Player
    PhotoNow!
    Picasa 3
    Power2Go
    PowerDirector
    PuTTY version 0.60
    QuickTime
    Readefine Desktop
    Realtek Ethernet Controller Driver For Windows 7
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Card Reader
    Recovery Manager
    Roxio CinemaNow 2.0
    Sansa Updater
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2553074)
    Security Update for 2007 Microsoft Office System (KB2553089)
    Security Update for 2007 Microsoft Office System (KB2553090)
    Security Update for 2007 Microsoft Office System (KB2584063)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft Office Excel 2007 (KB2553073)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
    Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Skype™ 5.5
    UltraVNC 1.0.8.2
    Update for 2007 Microsoft Office System (KB2284654)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 System (KB2539530)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Outlook 2007 (KB2583910)
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Outlook 2007 Junk Email Filter (KB2553110)
    VLC media player 1.1.5
    WebEx
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    yEd Graph Editor
    .
    ==== Event Viewer Messages From Past Week ========
    .
    9/30/2011 2:15:14 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.113.416.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7702.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    9/29/2011 6:09:59 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.113.416.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7702.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    9/28/2011 2:15:29 PM, Error: NetBT [4321] - The name "MSHOME :1d" could not be registered on the interface with IP address 192.168.0.9. The computer with the IP address 192.168.0.4 did not allow the name to be claimed by this computer.
    9/28/2011 1:38:53 PM, Error: BROWSER [8009] - The browser was unable to promote itself to master browser. The computer that currently believes it is the master browser is SERVER.
    9/27/2011 1:03:24 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RtVOsdService service.
    9/26/2011 7:51:46 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
    9/26/2011 4:39:19 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.113.85.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7702.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    9/26/2011 4:30:49 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.
    9/26/2011 4:30:49 PM, Error: Service Control Manager [7000] - The SQL Server (SQLEXPRESS) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/2/2011 5:04:41 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WHSConnector service.
    10/2/2011 11:55:19 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.113.631.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7702.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    10/2/2011 10:12:40 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The system cannot find the file specified.
    10/2/2011 10:09:59 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (ACT7) service to connect.
    10/2/2011 10:09:59 PM, Error: Service Control Manager [7000] - The SQL Server (ACT7) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    10/2/2011 1:57:29 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.113.631.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7702.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    .
    ==== End Of File ===========================
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Welcome to TechSpot! Please know that I was already on the board when you posted, so I picked up your thread. The log reviews and subsequent work will not be this fast!

    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    • Please let me know if there is any change in the system.

    If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
    =====================================
    [Slow] has a lot of reasons- malware is just one of them. For a system to suddenly become drastically slow suddenly, you would have to have a massive malware infection for that to be the cause and I'm not seeing that now.

    Here are some of the reasons you are slow:
    1. Joulemeter is installed. It is software to estimate the power consumption of your computer. Version 1.2 of Joulemeter is a research preview that enables advanced users to try out some of the features of Joulemeter energy modeling.
    Note This application sends information to Microsoft Research about your computer.
    As far as I can see, ot has no other purpose that doing MS research.

    2. You are running 2 PDF Readers::
    You have Foxit PDF Editor & Foxit Reader
    You also have the Adobe Reader which does the same thing and with a lot of bulk! Keep Foxit. Uninstall Adobe Reder in Add/Remove Programs, then delete it's program folder.

    3. You have 2 versions of Firefox:
    Mozilla Firefox 4.0b11 (x86 en-US)
    Mozilla Firefox 7.0.1 (x86 en-US)
    Keep one, uninstall the other.

    4. You have the Askbar installed. This considered 'foistware', it is not a virus or malware, but it is installed without your permission or knowledge. It is often a pre-checked items on some download screens. It usually puts multiple entries on the system, including the registry. This can be removed fairly easily.

    5. 13 plugins in FF>> a lot!

    6. You have UltraVNC installed. This is:
    I note you are also using LogMeIn. If this is work related and/or you are remotely connecting to other computers, you should be getting IT help, not posting on a free internet forum staffed by volunteers.
    ===========================================
    Please address the issues above. And let me know about the work connection before was go on.
    One of them should be removed.
     
  3. boetius

    boetius TS Rookie Topic Starter Posts: 51

    Nos. 1 - 4 - deleted as directed.
    Disabled several FF plugins (MS Office, VLC, Logitech Harmony, Windows Live Photo Gallery).
    #6 - LogMeIn deleted.
    I am a self-employed painting contractor with no corporate or other Help Desk. LogMeIn was for access to my wife's computer when we travel; UltraVNC was an in-over-your-head attempt at easier access to the rest of our network (pictures, music, etc.). I'm still working on it. :)

    Techspot was very helpful last year in removing some pesky malware from my daughter's computer; I assumed I might have a similar problem.

    If I am in the wrong forum please advise. Thanks very much.
    Mike
     
  4. boetius

    boetius TS Rookie Topic Starter Posts: 51

    To clarify: I am a single painting contractor - no corporate interest or help desk and I do not offer computer or tech help or advice to anyone.

    Would you offer a next step to remedy my situation?
     
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Sorry Mike-I'm running behind. I'll be glad to help. If I ask about a program or entry, it doesn't mean it's 'bad'. Many times, there are processes running that the user isn't aware of, of maybe one that's running in the background be could be started when needed instead.

    You subject is that you have a 'very slow Win 7' so some of my questions and comments were related to that. There are quite few auto-up-daters running also. These start on boot, run in the background and contact the internet several time every day looking for updates that may be 6 months down the line. So I'll list some and you can choose whether you want to stop them.
    =======================================
    Please note: If you have previously run Combofix and it's still on the system, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    --------------------------------------
    Download Combofix from HERE or HERE and save to the desktop
    • Double click combofix.exe & follow the prompts.
    • ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    • Once installed, you should see a blue screen prompt that says:
      The Recovery Console was successfully installed.
    • .Click on Yes, to continue scanning for malware
    • .If Combofix asks you to update the program, allow
    • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • .Close any open browsers.
    • .Double click combofix.exe[​IMG] & follow the prompts to run.
    • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
    Re-enable your Antivirus software.

    Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    Note 2: ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    Note 3: Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    Note 4: CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
    Note 5: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
    ========================================
    • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESETOnlineScan
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      [o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
      [o] Double click on the [​IMG]on your desktop.
    • Check 'Yes I accept terms of use.'
    • Click Start button
    • Accept any security warnings from your browser.
      [​IMG]
    • Uncheck 'Remove found threats'
    • Check 'Scan archives/
    • Leave remaining settings as is.
    • Press the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
    • When the scan completes, press List of found threats
    • Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
    • Push the Back button
    • Push Finish

    Please post the entire log with heading resembling this:
    NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
     
  6. boetius

    boetius TS Rookie Topic Starter Posts: 51

    ComboFix 11-10-08.01 - MDK 10/08/2011 10:54:06.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1910.675 [GMT -5:00]
    Running from: c:\users\MDK\Documents\Downloads\Virus\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\Install.exe
    c:\program files (x86)\google\common\google updater\googleupdaterservice.exe
    c:\users\MDK\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
    c:\users\MDK\Documents\~WRL0005.tmp
    c:\users\MDK\g2mdlhlpx.exe
    c:\users\MDK\GoToAssistDownloadHelper.exe
    c:\windows\SysWow64\comct332.ocx
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-09-08 to 2011-10-08 )))))))))))))))))))))))))))))))
    .
    .
    2011-10-08 15:59 . 2011-10-08 15:59 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-10-08 15:35 . 2011-10-08 15:35 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9B3A9BEA-6ACE-4F6F-9E21-36AF489756B9}\offreg.dll
    2011-10-08 13:51 . 2011-09-13 00:26 9049936 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9B3A9BEA-6ACE-4F6F-9E21-36AF489756B9}\mpengine.dll
    2011-10-05 16:11 . 2011-10-05 16:11 -------- d-----w- C:\nes
    2011-10-02 22:57 . 2011-10-02 22:57 -------- d-----w- c:\users\MDK\AppData\Roaming\Malwarebytes
    2011-10-02 22:57 . 2011-10-02 22:57 -------- d-----w- c:\programdata\Malwarebytes
    2011-10-02 22:57 . 2011-10-02 22:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-10-02 22:57 . 2011-08-31 22:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-09-16 12:03 . 2011-09-16 12:03 -------- d-----w- c:\program files (x86)\Common Files\Java
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-10-08 15:43 . 2010-11-29 02:46 848 --sha-w- c:\programdata\KGyGaAvL.sys
    2011-10-03 03:11 . 2011-05-17 01:48 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-09-13 00:26 . 2011-01-16 22:23 9049936 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2011-08-26 13:24 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
    2011-08-26 13:23 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
    2011-07-22 05:42 . 2011-08-11 08:03 2303488 ----a-w- c:\windows\system32\jscript9.dll
    2011-07-22 05:36 . 2011-08-11 08:03 1389056 ----a-w- c:\windows\system32\wininet.dll
    2011-07-22 05:32 . 2011-08-11 08:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2011-07-22 02:54 . 2011-08-11 08:03 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
    2011-07-22 02:48 . 2011-08-11 08:03 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
    2011-07-22 02:44 . 2011-08-11 08:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2011-07-16 05:41 . 2011-08-10 19:56 362496 ----a-w- c:\windows\system32\wow64win.dll
    2011-07-16 05:41 . 2011-08-10 19:56 243200 ----a-w- c:\windows\system32\wow64.dll
    2011-07-16 05:41 . 2011-08-10 19:56 13312 ----a-w- c:\windows\system32\wow64cpu.dll
    2011-07-16 05:39 . 2011-08-10 19:56 16384 ----a-w- c:\windows\system32\ntvdm64.dll
    2011-07-16 05:37 . 2011-08-10 19:56 421888 ----a-w- c:\windows\system32\KernelBase.dll
    2011-07-16 05:21 . 2011-08-10 19:56 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2011-07-16 05:21 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
    2011-07-16 04:29 . 2011-08-10 19:56 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
    2011-07-16 04:26 . 2011-08-10 19:56 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2011-07-16 04:25 . 2011-08-10 19:56 25600 ----a-w- c:\windows\SysWow64\setup16.exe
    2011-07-16 04:24 . 2011-08-10 19:56 5120 ----a-w- c:\windows\SysWow64\wow32.dll
    2011-07-16 04:24 . 2011-08-10 19:56 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll
    2011-07-16 04:15 . 2011-08-10 19:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    2011-07-16 04:15 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    2011-07-16 02:21 . 2011-08-10 19:56 7680 ----a-w- c:\windows\SysWow64\instnm.exe
    2011-07-16 02:21 . 2011-08-10 19:56 2048 ----a-w- c:\windows\SysWow64\user.exe
    2011-07-16 02:17 . 2011-08-10 19:56 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-07-16 02:17 . 2011-08-10 19:56 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2011-07-16 02:17 . 2011-08-10 19:56 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2011-07-16 02:17 . 2011-08-10 19:56 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2011-07-13 04:53 . 2011-08-09 08:01 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "GoToMeeting"="c:\program files (x86)\Citrix\GoToMeeting\457\g2mstart.exe" [2010-11-30 39816]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
    "Act.Outlook.Service"="c:\program files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe" [2009-08-24 28672]
    "Act! Preloader"="c:\program files (x86)\ACT\Act for Windows\ActSage.exe" [2009-08-24 331776]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
    "WHSClient"="c:\program files (x86)\ASoft\AutoExitWHS\AEClientTray.exe" [2010-08-29 94208]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
    .
    c:\users\MDK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2011-2-16 967168]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Windows Home Server.lnk - c:\windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe [2010-12-28 666992]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux2"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R2 ACT! Scheduler;ACT! Scheduler;c:\program files (x86)\ACT\Act for Windows\Act.Scheduler.exe [2009-08-24 81920]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 136176]
    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
    R3 gbridge;Gbridge Virtual Miniport;c:\windows\system32\DRIVERS\gbridge64.sys [x]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 136176]
    R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-23 225280]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
    R4 DynDNS Updater;DynDNS Updater;c:\program files (x86)\DynDNS Updater\DynUpSvc.exe [2010-04-16 103800]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
    S2 arXfrSvc;Windows Media Center TV Archive Transfer Service;c:\program files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2011-01-10 231280]
    S2 AutoExitClientService;AutoExit for WHS Client Service;c:\program files (x86)\ASoft\AutoExitWHS\AEClientSvc.exe [2010-08-29 24576]
    S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-05-21 140272]
    S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
    S2 esClient;Windows Media Center Client Service;c:\program files\Windows Home Server\esClient.exe [2011-01-10 109936]
    S2 FlipShareServer;FlipShare Server;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-05-06 1085440]
    S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
    S2 MSSQL$ACT7;SQL Server (ACT7);c:\program files (x86)\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
    S2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-17 315392]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
    S2 WHSConnector;Windows Home Server Connector Service;c:\program files\Windows Home Server\WHSConnector.exe [2011-01-10 489840]
    S3 BackupReader;BackupReader;c:\windows\system32\DRIVERS\BackupReader.sys [x]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
    S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 22:56]
    .
    2011-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-07 22:56]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-03-13 6234144]
    "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
    IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    TCP: DhcpNameServer = 216.146.35.35 216.146.36.36
    FF - ProfilePath - c:\users\MDK\AppData\Roaming\Mozilla\Firefox\Profiles\1e59rl3h.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/reader/view/?hl=en&tab=wy#stream/feed%2Fhttp%3A%2F%2Ffeeds2.feedburner.com%2Fducttapemarketing%2FnRUD|https://www.google.com/calendar/render?sa=N&hl=en&tab=lc|https://mail.google.com/mail/#inbox
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Wow6432Node-HKCU-Run-SansaDispatch - c:\users\MDK\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    HKLM-Run-LogMeIn GUI - c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2011-10-08 11:02:47
    ComboFix-quarantined-files.txt 2011-10-08 16:02
    .
    Pre-Run: 172,814,835,712 bytes free
    Post-Run: 172,665,679,872 bytes free
    .
    - - End Of File - - C1C1A402D62B4B2A5E951C2855630378
     
  7. boetius

    boetius TS Rookie Topic Starter Posts: 51

    ESET - no malware found, no log produced.
     
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    The logs look good other than the auto-updates and numerous processes running as mentioned before.

    Please check and see how much RAM is installed. You should be able to do that on the Control Panel> System. RAM should show on the lower part.

    You can also use the following to uncheck processes that don't need to start on boot:
    • Click on the Windows 7 start icon in the bottom left corner of your screen.
    • Type MSCONFIG in the search box> press enter or double-click on the MSCONFIG program that appears in the search results.
      [​IMG]
    • Click on Selective Startup
    • Click on the Startup tab. You will now see the System Msconfig Utility
      [​IMG]

      Windows 7 loads almost all of Windows' essential programs are loaded through Windows Services. So most of the startup items you see here are optional and can be turned off.
      Important! When in doubt, leave it on-or- use a Startup database to identify a process you are not sure of.
    • Uncheck any process you don't want to start on boot.
    • When finished> click on OK
      Reboot the computer.
    • When you see this message come up: Check 'don't show this message again'> then Restart.
    [​IMG]
    Images courtesy NetSquirrel

    The only processes that need to start on boot are the antivirus program, third party firewall if you have one, touchpad if on laptop and network processes if using third party software for network. Any other entries in this section can be Unchecked.

    This does not remove a process or program- it can still be accessed when needed through All Programs. And you can go back at a later time and reset the default programs if needed.
     
  9. boetius

    boetius TS Rookie Topic Starter Posts: 51

    2 GB RAM
    Unchecked most of Startup, will continue to uncheck one by one.
    Anything else I need to do?
     
  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Have you noticed any improvement in the speed?
     
  11. boetius

    boetius TS Rookie Topic Starter Posts: 51

    Yes, speed is much better. Emptied trash, Defragged. As good as I might expect. If there is anything else I should do or consider please let me know; I assume there is not.
    Thank you very much for your help and your patience.
    Best regards,
    Mike Kelly
     
  12. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    You're very welcome. Glad to help.

    A note for you Mike: I checked out the Spyware.Passwords that Mbam found on c:\program files (x86)\UltraVNC\vnchooks.dll. It appears that when installed by the Administrator, UltraVNC also loads vnchooks.dll.

    Turns out that not only is this a False Positive, but Spyware.Passwords installs via exploit without user interaction. Once installed, it slows down the system dramatically. So consider that if you keep this program.
    ================================================
    You're also running this: Legitimate but unnecessary:
    uRun: [SansaDispatch] C:\Users\MDK\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
    This is an updater for a memory card. Not only does it not need to run in the background, but is also noted to use high resources.
    =======================================
    The system is clean and you can Remove all of the tools we used and the files and folders they created
    • Uninstall ComboFix and all Backups of the files it deleted
      [o] Click START> then RUN
      [o] Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    • Download OTCleanIt by OldTimer and save it to your Desktop.
      [o] Double click OTCleanIt.exe.
      [o] Click the CleanUp! button.
      [o] If you are prompted to Reboot during the cleanup, select Yes.
      [o]The tool will delete itself once it finishes.
      Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.
      Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
    • Set a new, clean Restore Point
      [o] Click on Start> right click on Computer> Properties
      [o] Select System Protection
      [o] Click on the Create button (near bottom)
      [o] Type a name for the Restore Point
      [o] Click on Create again to save the restore point.
    • Deleting all but the most recent System Protection point in Windows 7
      [o] Click Start> Computer> right click the C Drive and choose Properties> enter.
      [o] Click Disk Cleanup from there.
      [​IMG]
      [o] Click Clean up system files
      This restarts Disk Cleanup to run in elevated mode.
      [o] Click the More Options tab
      [​IMG]
      [o] Click the Clean up under System Restore and Shadow Copies.
      [o] Click OK.
      [o] You will get a confirmation screen> Just click Delete.
      [o] Click OK on the Disk Cleanup Screen.
      [o] Click Delete Files on the Confirmation screen.
    [​IMG]
    This runs the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive)
    Images courtesy lytebyte.

    Empty the Recycle Bin

    Let me know if you have any questions.
     
  13. boetius

    boetius TS Rookie Topic Starter Posts: 51

    UltraVNC deleted
    SansaUpdater deleted
    All tools deleted, System Restore point established.
    Reboot.
    Running lean and mean.
    Thanks very much for your help. I'll pass your good Karma along!
     
  14. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    "Lean and mean" are music to my ears! Leaving some tip for continued security:

    Tips for added security and safer browsing: (Links are in Bold Blue)
    1. Browser Security
      [o] Safe Settings (Please ignore the suggestion to use the Registry Editor in this section "Creating a Custom Security Zone")
      [o] ZonedOut. This manages the Zones in Internet Explorer. (For IE7 and IE8, Windows 2000 thru Vista. No Windows 7)
      [o] Replace the Host Files
      [o] Google Toolbar Pop Up Blocker
      [o]Web of Trust (WOT) Site Advisor. Traffic-light rating symbols show which rate the site for Trustworthiness, Vendor Reliability, Privacy, Child Safety.
    2. Have layered Security:
      [o]Antivirus :(only one):Both of the following programs are free and known to be good:
      [o]Avira-AntiVir-Personal-Free-Antivirus
      [o]Avast-Free Antivirus
      [o]Firewall (only one): Use bi-directional firewall. Both of the following programs are free and known to be good:
      [o]Comodo
      [o]Zone Alarm
    3. Antimalware: I recommend all of the following:
      [o]Spywareblaster: SpywareBlaster protects against bad ActiveX.
      [o]Spybot Search & Destroy
    4. Updates: Stay current:
      [o] the Microsoft Download Sitefrequently. All updates marked Critical and the current SP updates.
      [o]Adobe Reader Install current, uninstall old.
      [o]Java Updates Install current, uninstall old.
    5. Tracking Cookies
      Reset Cookie:
      [o]For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> check 'override automatic Cookie handling'> check 'accept first party Cookies'> check 'Block third party Cookies'> check 'allow per session Cookies'> Apply> OK.
      [o]For Firefox: Tools> Options> Privacy> Cookies> check ‘accept Cookies from Sites’> Uncheck 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')
      I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
      AdBlock Plus
      Easy List
      [o]For Chrome: Tools> Options> Under The Hood> Privacy Section> CHECK 'Restrict how third party Cookies can be used'> Close.
    6. Do regular Maintenance
      Clean the temporary internet files often:
      [o] Temporary File Cleaner]
      or
      [o] ATF Cleaner by Atribune
    7. Restore Points:
      [o]See System Restore Guide
    8. Safe Email Handling
      [o] Don't open email from anyone you don't know.
      [o] Don't open Attachments in the email. Safe to your desktop and scan for viruses using a right click
      [o] Don't leave your personal email address on the internet. Have a separate email account at one of the free web-based emails like Yahoo.
    Please let me know if you find any bad link.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...