TechSpot

Why is my firewall shutting off periodically?

By Eaglesail
Dec 27, 2010
  1. Recently I have been getting security alerts informing me that my firewall has been disabled. This has happened about 5 times starting about a week ago. When this has happened I simply turn it back on and all is well, until the next day and it happens again. I've run all three of my virus/malware removers, Spy-Bot, Malwarebytes and SuperAntiSpy and still have the problem. As far as I know, everything is up to date on my PC, and is basically clean and operates very well.

    Also, recently, my yahoo email address book was hacked and the addresses there were used to send advertisements, supposedly supported by me. Now this!

    I googled this subject but there doesn't seem to be much on this subject. I suspect there is a virus lurking within my PC. Any help would be appreciated... Steve in Connecticut.
     
  2. Bobbye (Helper on the Fringe)

    If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    When you have finished, leave the logs for review in your next reply.
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.

    Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
     
  3. Eaglesail (TS Rookie, Topic Starter)

    DDS (Ver_10-12-12.02) - NTFSx86
    Run by HP_Administrator at 8:29:42.64 on Tue 12/28/2010
    Internet Explorer: 8.0.6001.18702
    Malwarebytes Anti-Malware log
    GMER log
    DDS logs: both DDS.txt and Attach.txt


    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1982.1173 [GMT -5:00]


    ============== Running Processes ===============

    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\arservice.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\Program Files\DISC\DISCover.exe
    C:\Program Files\DISC\DiscUpdateMgr.exe
    C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\mswinext.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\program files\real\realplayer\update\realsched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DISC\DiscGui.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
    C:\Program Files\DISC\DiscStreamHub.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    c:\windows\system\hpsysdrv.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\HP_Administrator\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    uSearch Page = hxxp://search.live.com
    uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    uSearch Bar = hxxp://search.live.com/sphome.aspx
    mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
    mSearchAssistant = hxxp://search.live.com/sphome.aspx
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
    BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
    BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
    BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
    TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
    TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    uRun: [ISUSPM] "c:\documents and settings\all users\application data\flexnet\connect\11\ISUSPM.exe" -scheduler
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    mRun: [ehTray] c:\windows\ehome\ehtray.exe
    mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe
    mRun: [DISCover] c:\program files\disc\DISCover.exe
    mRun: [DiscUpdateManager] c:\program files\disc\DiscUpdateMgr.exe
    mRun: [DMAScheduler] c:\program files\sonic\digitalmedia plus\digitalmedia archive\DMAScheduler.exe
    mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
    mRun: [PCDrProfiler]
    mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
    mRun: [Reminder] "c:\windows\creator\Remind_XP.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPwuSchd2.exe
    mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0417.0\mswinext.exe"
    mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [<NO NAME>]
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [MsgCenterExe] "c:\program files\common files\real\update_ob\RealOneMessageCenter.exe" -osboot
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wnda3100v2\WNDA3100v2.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\9972322\program\Updates from HP.exe.vir
    IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
    IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    Trusted Zone: trymedia.com
    DPF: {1C3DE665-D259-4C72-9D7D-C51FCB4CCFB9} - hxxp://72.87.93.7:50000/SysCamInst.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1292162942109
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1293365276109
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    Notify: AtiExtEvent - Ati2evxx.dll
    Hosts: 127.0.0.1 www.spywareinfo.com

    ============= SERVICES / DRIVERS ===============

    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    R2 WSWNDA3100;WSWNDA3100;c:\program files\netgear\wnda3100v2\WifiSvc.exe [2010-10-7 278528]
    R3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [2010-10-7 632576]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-20 136176]
    S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2010-12-8 50704]

    =============== Created Last 30 ================

    2010-12-26 16:01:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-12-26 16:01:54 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-12-26 16:01:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-12-26 14:35:06 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
    2010-12-25 21:35:17 185344 ----a-w- c:\windows\system32\Thawbrkr.dll
    2010-12-25 21:35:17 185344 ----a-w- c:\windows\system32\dllcache\thawbrkr.dll
    2010-12-25 21:35:16 10752 ----a-w- c:\windows\system32\dllcache\c_iscii.dll
    2010-12-25 21:35:16 10752 ----a-w- c:\windows\system32\c_iscii.dll
    2010-12-25 21:35:14 5632 ----a-w- c:\windows\system32\kbdusa.dll
    2010-12-25 21:35:14 5632 ----a-w- c:\windows\system32\dllcache\kbdusa.dll
    2010-12-25 21:35:09 6144 ----a-w- c:\windows\system32\ftlx041e.dll
    2010-12-25 21:35:09 6144 ----a-w- c:\windows\system32\dllcache\ftlx041e.dll
    2010-12-25 14:52:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2010-12-25 14:52:33 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
    2010-12-23 14:08:08 -------- d-----w- c:\docume~1\hp_adm~1\locals~1\applic~1\Real
    2010-12-23 14:07:47 -------- d-----w- c:\program files\common files\xing shared
    2010-12-16 13:32:54 -------- d-----w- c:\docume~1\hp_adm~1\locals~1\applic~1\AskToolbar
    2010-12-16 12:35:32 -------- d-----w- c:\program files\Ask.com
    2010-12-16 12:35:21 -------- d-----w- c:\program files\Glary Undelete
    2010-12-16 12:35:21 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\GlarySoft
    2010-12-16 12:11:56 -------- d-----w- c:\docume~1\hp_adm~1\locals~1\applic~1\DVDPlay
    2010-12-15 18:34:31 45568 ------w- c:\windows\system32\dllcache\wab.exe
    2010-12-15 18:28:47 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
    2010-12-13 19:49:14 -------- d-sh--w- c:\documents and settings\hp_administrator\IECompatCache
    2010-12-12 16:45:40 -------- d-sh--w- c:\documents and settings\hp_administrator\PrivacIE
    2010-12-12 16:42:54 -------- d-sh--w- c:\documents and settings\hp_administrator\IETldCache
    2010-12-12 16:41:02 7680 ------w- c:\windows\system32\dllcache\iecompat.dll
    2010-12-12 16:40:18 -------- d-----w- c:\windows\ie8updates
    2010-12-12 16:39:30 602112 ------w- c:\windows\system32\dllcache\msfeeds.dll
    2010-12-12 16:39:30 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
    2010-12-12 16:39:30 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
    2010-12-12 16:39:29 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
    2010-12-12 16:39:29 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
    2010-12-12 16:39:29 1991680 ------w- c:\windows\system32\dllcache\iertutil.dll
    2010-12-12 16:39:29 11080704 ------w- c:\windows\system32\dllcache\ieframe.dll
    2010-12-12 16:37:31 -------- dc-h--w- c:\windows\ie8
    2010-12-12 16:06:44 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
    2010-12-12 16:06:44 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
    2010-12-12 16:05:57 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
    2010-12-12 15:59:05 726528 ----a-w- c:\windows\system32\dllcache\jscript.dll
    2010-12-12 15:37:58 -------- d-----w- c:\windows\system32\scripting
    2010-12-12 15:37:58 -------- d-----w- c:\windows\system32\en
    2010-12-12 15:37:58 -------- d-----w- c:\windows\l2schemas
    2010-12-12 15:37:57 -------- d-----w- c:\windows\system32\bits
    2010-12-12 15:33:45 -------- d-----w- c:\windows\network diagnostic
    2010-12-12 15:24:55 397312 ------w- c:\windows\system32\mmcex.dll
    2010-12-12 14:52:58 -------- d-----w- c:\program files\MSXML 4.0
    2010-12-12 14:31:21 1853312 ------w- c:\windows\system32\dllcache\win32k.sys
    2010-12-12 14:30:20 357248 ------w- c:\windows\system32\dllcache\srv.sys
    2010-12-12 14:30:14 84992 ------w- c:\windows\system32\dllcache\avifil32.dll
    2010-12-12 14:30:14 48128 ------w- c:\windows\system32\dllcache\iyuv_32.dll
    2010-12-12 14:30:14 11264 ------w- c:\windows\system32\dllcache\msrle32.dll
    2010-12-12 14:30:13 8704 ------w- c:\windows\system32\dllcache\tsbyuv.dll
    2010-12-12 14:30:05 17920 ------w- c:\windows\system32\dllcache\msyuv.dll
    2010-12-12 14:30:05 1291776 ------w- c:\windows\system32\dllcache\quartz.dll
    2010-12-12 14:29:57 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
    2010-12-12 14:29:57 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
    2010-12-12 14:29:22 270336 ------w- c:\windows\system32\dllcache\oakley.dll
    2010-12-12 14:29:18 79872 ------w- c:\windows\system32\dllcache\raschap.dll
    2010-12-12 14:29:18 149504 ------w- c:\windows\system32\dllcache\rastls.dll
    2010-12-12 14:29:08 54272 ------w- c:\windows\system32\dllcache\wdigest.dll
    2010-12-12 14:29:08 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
    2010-12-12 14:29:07 92928 ------w- c:\windows\system32\dllcache\ksecdd.sys
    2010-12-12 14:29:07 301568 ------w- c:\windows\system32\dllcache\kerberos.dll
    2010-12-12 14:27:02 132096 ------w- c:\windows\system32\dllcache\wkssvc.dll
    2010-12-12 14:25:56 5120 ----a-w- c:\windows\system32\xpsp4res.dll
    2010-12-12 14:25:56 218112 ------w- c:\windows\system32\dllcache\wordpad.exe
    2010-12-12 14:25:50 8462336 ------w- c:\windows\system32\dllcache\shell32.dll
    2010-12-12 14:25:46 149504 ------w- c:\windows\system32\dllcache\schannel.dll
    2010-12-12 14:25:13 361600 ------w- c:\windows\system32\dllcache\tcpip.sys
    2010-12-12 14:25:13 245248 ------w- c:\windows\system32\dllcache\mswsock.dll
    2010-12-12 14:25:13 226880 ------w- c:\windows\system32\dllcache\tcpip6.sys
    2010-12-12 14:25:13 147968 ------w- c:\windows\system32\dllcache\dnsapi.dll
    2010-12-12 14:25:13 138496 ------w- c:\windows\system32\dllcache\afd.sys
    2010-12-12 14:25:09 272128 ------w- c:\windows\system32\drivers\bthport.sys
    2010-12-12 14:22:07 28672 ------w- c:\windows\system32\verclsid.exe
    2010-12-12 14:16:43 -------- d-----w- c:\windows\system32\PreInstall
    2010-12-12 14:09:43 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
    2010-12-12 14:09:43 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2010-12-12 14:09:42 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2010-12-12 14:09:42 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
    2010-12-12 14:09:42 -------- d-----w- c:\windows\system32\SoftwareDistribution
    2010-12-09 13:47:12 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2010-12-09 13:47:11 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2010-12-09 13:33:08 -------- d-----w- c:\program files\Microsoft
    2010-12-09 13:33:07 -------- d-----w- c:\program files\MSN Toolbar
    2010-12-09 13:31:58 -------- d-----w- c:\docume~1\alluse~1\applic~1\Driver Whiz
    2010-12-09 02:24:32 53299 ----a-w- c:\windows\system32\pthreadVC.dll
    2010-12-09 02:24:32 50704 ----a-w- c:\windows\system32\drivers\npf.sys
    2010-12-09 02:24:32 499712 ----a-w- c:\windows\system32\msvc97b9.rra
    2010-12-09 02:24:32 348160 ----a-w- c:\windows\system32\msvc9874.rra
    2010-12-09 02:24:32 281104 ----a-w- c:\windows\system32\wpcap.dll
    2010-12-09 02:24:32 100880 ----a-w- c:\windows\system32\Packet.dll
    2010-12-09 02:24:31 89088 ----a-w- c:\windows\system32\ATL794cb.rra
    2010-12-09 02:24:31 1060864 ----a-w- c:\windows\system32\MFC7972c.rra
    2010-12-09 02:09:49 -------- d-sh--r- C:\cmdcons
    2010-12-09 01:52:30 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
    2010-12-08 22:44:31 -------- d-sh--r- c:\windows\system32\dllcache

    ==================== Find3M ====================

    2010-11-18 18:12:44 81920 ------w- c:\windows\system32\isign32.dll
    2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-11-06 00:26:58 43520 ------w- c:\windows\system32\licmgr10.dll
    2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
    2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
    2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys

    ============= FINISH: 8:30:16.39 ===============

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/8/2010 9:04:45 PM
    System Uptime: 12/28/2010 3:27:27 AM (5 hours ago)

    Motherboard: MSI | | AMETHYST-M
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ | Socket 939 | 2188/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 271 GiB total, 238.159 GiB free.
    D: is FIXED (FAT32) - 8 GiB total, 0.415 GiB free.
    E: is CDROM ()
    F: is CDROM ()
    G: is Removable
    H: is Removable
    I: is Removable
    J: is Removable

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP1: 12/8/2010 9:24:28 PM - Installed NETGEAR WNDA3100v2 wireless USB 2.0 adapter
    RP2: 12/9/2010 8:30:12 AM - Installed Driver Whiz.
    RP3: 12/9/2010 8:46:49 AM - Installed Java(TM) 6 Update 22
    RP4: 12/12/2010 9:15:58 AM - Software Distribution Service 3.0
    RP5: 12/12/2010 9:33:21 AM - Software Distribution Service 3.0
    RP6: 12/12/2010 10:25:54 AM - Software Distribution Service 3.0
    RP7: 12/12/2010 11:06:49 AM - Software Distribution Service 3.0
    RP8: 12/12/2010 11:20:31 AM - Software Distribution Service 3.0
    RP9: 12/12/2010 11:32:35 AM - Software Distribution Service 3.0
    RP10: 12/12/2010 11:48:39 AM - Software Distribution Service 3.0
    RP11: 12/12/2010 12:04:14 PM - Software Distribution Service 3.0
    RP12: 12/12/2010 12:42:44 PM - Removed Driver Whiz.
    RP13: 12/12/2010 3:12:26 PM - Software Distribution Service 3.0
    RP14: 12/13/2010 9:34:31 AM - Software Distribution Service 3.0
    RP15: 12/13/2010 9:48:53 AM - Software Distribution Service 3.0
    RP16: 12/13/2010 6:29:33 PM - Installed PC Inspector File Recovery
    RP17: 12/13/2010 7:12:21 PM - Removed PC Inspector File Recovery
    RP18: 12/16/2010 8:55:56 AM - System Checkpoint
    RP19: 12/18/2010 1:10:57 PM - System Checkpoint
    RP20: 12/22/2010 4:17:27 PM - System Checkpoint
    RP21: 12/24/2010 2:35:29 AM - Software Distribution Service 3.0
    RP22: 12/25/2010 8:23:26 AM - Installed Java(TM) 6 Update 23
    RP23: 12/26/2010 9:35:02 AM - Software Distribution Service 3.0
    RP24: 12/28/2010 5:03:28 AM - System Checkpoint

    ==== Installed Programs ======================

    5 Card Slingo from HP Media Center (remove only)
    Adobe Flash Player 10 ActiveX
    Adobe Reader 7.0
    Agere Systems PCI-SV92PP Soft Modem
    AiO_Scan
    AiO_Scan_CDA
    AiOSoftware
    AiOSoftwareNPI
    Ask Toolbar
    AstroPop Deluxe from HP Media Center (remove only)
    ATI Control Panel
    ATI Display Driver
    Barnyard Invasion from HP Media Center (remove only)
    Bejeweled 2 Deluxe from HP Media Center (remove only)
    Blackhawk Striker 2 from HP Media Center (remove only)
    Blasterball 2 from HP Media Center (remove only)
    Blasterball 2 Remix from HP Media Center (remove only)
    Boggle Supreme from HP Media Center (remove only)
    Bookworm Deluxe from HP Media Center (remove only)
    Bounce Symphony from HP Media Center (remove only)
    BufferChm
    CameraDrivers
    Chuzzle Deluxe from HP Media Center (remove only)
    CP_AtenaShokunin1Config
    CP_CalendarTemplates1
    cp_LightScribeConfig
    cp_OnlineProjectsConfig
    CP_Package_Basic1
    CP_Package_Variety1
    CP_Package_Variety2
    CP_Package_Variety3
    CP_Panorama1Config
    cp_PosterPrintConfig
    cp_UpdateProjectsConfig
    Crystal Maze from HP Media Center (remove only)
    CueTour
    Customer Experience Enhancement
    Destinations
    DISCover
    DocProc
    DocumentViewer
    DocumentViewerQFolder
    Easy Internet Sign-up
    Family Feud
    FATE from HP Media Center (remove only)
    Fax
    Fax_CDA
    FullDPAppQFolder
    GemMaster Mystic
    Glary Undelete 1.6.0.262
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    High Definition Audio Driver Package - KB888111
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows Media Player 10 (KB910393)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB981793)
    HP Boot Optimizer
    HP Deskjet Printer Preload
    HP DigitalMedia Archive
    HP Document Viewer 5.3
    HP DVD Play 1.0
    HP Game Console and games
    HP Imaging Device Functions 6.0
    HP Multimedia Keyboard Software
    HP Photosmart 330,380,420,470,7800,8000,8200 Series
    HP Photosmart Cameras 5.0
    HP Photosmart for Media Center PC
    HP Photosmart Premier Software 6.0
    HP PSC & OfficeJet 5.3.A
    HP PSC & OfficeJet 5.3.B
    HP Rhapsody
    HP Software Update
    HP Solution Center & Imaging Support Tools 5.3
    HP Web Helper
    HPProductAssistant
    HpSdpAppCoreApp
    Insaniquarium Deluxe from HP Media Center (remove only)
    InstantShareDevices
    J2SE Runtime Environment 5.0 Update 5
    Java Auto Updater
    Java(TM) 6 Update 23
    Lemonade Tycoon 2 from HP Media Center (remove only)
    Lexibox Deluxe from HP Media Center (remove only)
    LightScribe 1.4.62.1
    Mah Jong Quest from HP Media Center (remove only)
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Away Mode
    Microsoft Default Manager
    Microsoft Money 2006
    Microsoft Office 2003 Edition 60 Days Trial Welcome Tour
    Microsoft Office Standard Edition 2003
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    MSN Toolbar
    MSN Toolbar Platform
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    muvee autoProducer 4.5
    muvee autoProducer unPlugged 1.2
    NETGEAR WNDA3100v2 wireless USB 2.0 adapter
    Netscape Browser (remove only)
    NewCopy
    NewCopy_CDA
    OptionalContentQFolder
    Otto
    PanoStandAlone
    PC-Doctor 5 for Windows
    PhotoGallery
    Polar Bowler from HP Media Center (remove only)
    Polar Golfer from HP Media Center (remove only)
    PS2
    PSPrinters08
    PSTAPlugin
    Puzzle Express from HP Media Center (remove only)
    Python 2.2 pywin32 extensions (build 203)
    Python 2.2.3
    Quicken 2006
    RandMap
    Readme
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    RealUpgrade 1.1
    Remove IntelliMover Demo
    Ricochet Lost Worlds from HP Media Center (remove only)
    Scan
    ScannerCopy
    SCRABBLE from HP Media Center (remove only)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360131)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982381)
    Security Update for Windows XP (KB982665)
    Shooting Stars Pool from HP Media Center (remove only)
    Shrek 2 Ogre Bowler from HP Media Center (remove only)
    SkinsHP1
    Slingo Deluxe from HP Media Center (remove only)
    Snowboard SuperJam from HP Media Center (remove only)
    SolutionCenter
    Sonic Express Labeler
    Sonic MyDVD Plus
    Sonic RecordNow Audio
    Sonic RecordNow Copy
    Sonic RecordNow Data
    Sonic Update Manager
    Sonic_PrimoSDK
    Spybot - Search & Destroy
    Status
    Super Granny from HP Media Center (remove only)
    Tradewinds from HP Media Center (remove only)
    TrayApp
    Unload
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB2447568)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB953356)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    Updates from HP (remove only)
    WebFldrs XP
    WebReg
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows Live ID Sign-in Assistant
    Windows Media Format Runtime
    Windows XP Media Center Edition 2005 KB908250
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    Zuma Deluxe from HP Media Center (remove only)

    ==== Event Viewer Messages From Past Week ========

    12/28/2010 3:25:28 AM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
    12/28/2010 3:25:28 AM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
    12/28/2010 3:25:28 AM, error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).
    12/28/2010 3:25:28 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    12/28/2010 3:25:28 AM, error: Service Control Manager [7034] - The ARSVC service terminated unexpectedly. It has done this 1 time(s).
    12/28/2010 3:25:28 AM, error: Service Control Manager [7031] - The WSWNDA3100 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    12/28/2010 3:25:28 AM, error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    12/27/2010 9:57:26 AM, error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the Interface with IP address 192.168.1.120. The machine with the IP address 192.168.1.128 did not allow the name to be claimed by this machine.
    12/26/2010 6:10:06 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 30469A2FB97F. The following error occurred: The semaphore timeout period has expired. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
    12/24/2010 3:55:49 PM, error: Service Control Manager [7034] - The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).
    12/23/2010 9:13:06 AM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference error message: The referenced assembly is not installed on your system. .
    12/23/2010 9:13:06 AM, error: SideBySide [59] - Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll. Reference error message: The operation completed successfully. .
    12/23/2010 9:13:06 AM, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.
    12/22/2010 12:09:02 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

    ==== End Of File ===========================
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Please run the following scans:
    Run Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    7. Click Scan
    8. Wait for the scan to finish
    9. Re-enable your Antivirus software.
    10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
    =============================================
    Download Combofix to your desktop from one of these locations:
    Link 1
    Link 2
    • Double click combofix.exe & follow the prompts.
    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    • Query- Recovery Console image
    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
    • Click on Yes, to continue scanning for malware
    • If Combofix asks you to update the program, allow
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Close any open browsers.
    • Double click combofix.exe & follow the prompts to run.
    • When the scan completes it will open a text window. Please paste that log in your next reply.
    Notes:
    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

    Please note in the instructions for the Eset scan: Make sure that the option "Remove found threats" is Unchecked.
    Combofix will give me access to the Registry entries that may be disabling the firewall.
     
  5. Eaglesail

    Eaglesail TS Rookie Topic Starter

    I did follow your instruction and ran both ESET and COMBOFIX and it effectively disabled my wifi adapter (my only means for internet connection) so I tried reinstalling my adapter (via cd) and nothing happened. I ended up doing a system restore in order to reinstall my adapter. NOTE since performing the first steps you suggested, I have not had a repeat of my initial problem.
     
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    I don't know of any reason why running either of those scans would disable the adapter. However, I did not see either of the logs that were generated. I expected to find a Registry entry in Combofix that was disabling the firewall.

    Are you saying that the problem has now been resolved?
    Removing all of the tools we used and the files and folders they created
    • Uninstall ComboFix and all Backups of the files it deleted
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    • Download OTCleanIt by OldTimer and save it to your Desktop.
    • Double click OTCleanIt.exe.
    • Click the CleanUp! button.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • The tool will delete itself once it finishes.

    Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.
    • You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
    • Go to Start > All Programs > Accessories > System Tools
    • Click "System Restore".
    • Choose "Create a Restore Point" on the first screen then click "Next".
    • Give the Restore Point a name> click "Create".
    • Go back and follow the path to > System Tools.
    • Choose Disk Cleanup
    • Click "OK" to select the partition or drive you want.
    • Click the "More Options" Tab.
    • Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.


    Empty the Recycle Bin
     
  7. Eaglesail

    Eaglesail TS Rookie Topic Starter

    Bobbye.......I have performed these tasks and thank you very much for your help here. My system is performing very well and so far without my firewall being compromised as before..... Steve in Connecticut.
     
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    You're very welcome- glad to help! Tips below will help you stay clean!

    Tips for added security and safer browsing:
    1. Browser Security Settings: Custom is fine if the user did the settings. Mine are Custom. Default is okay too, but sometimes too restrictive.
      This Tutorial will help guide you through Configuring Security Settings, Managing Active X Controls and other safety features: Make Internet Explorer safer.
    2. Have layered Security:
      • Antivirus Software (only one): Both of the following programs are free and known to be good:
        ◦ Avira Free
        ◦ Avast Home
      • Firewall (only one): Use bi-directional firewall. Both of the following programs are free and known to be good:
        ◦ Comodo
        ◦ Zone Alarm
      • Antispyware: I recommend all of the following:
        ◦ Spywareblaster: SpywareBlaster protects against bad ActiveX. It places kill bits to stop bad Active X controls from being installed. Remember to update it regularly.
        ◦ Download ZonedOut and save to your desktop. This replaces IE/Spyad and manages the Zones in Internet Explorer. This places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
          For IE7 and IE8, Windows 2000 thru Vista. No Windows 7 yet.
          IE/Spyad is no longer being supported. If you have this on your system, you should replace it with the following program. Make sure your IE8 is Up-to-date before adding sites to your restricted zone.
          Known issue: If you have "immunized" your computer with Spybot Search and Destroy, and use ZonedOut to "Remove All" restricted sites - ZonedOut will remove your trusted sites as well. Note that if you remove Spybot Search and Destroy's Immunization the problem goes away...
        ◦ Replace the Host Files
          MVPS Hosts files: This replaces your current HOSTS file with one containing well-known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
        ◦ Google Toolbar: Get the free Google toolbar to help stop pop-up windows.
    3. Stay current on updates:
      ◦ Visit the Microsoft Download Site frequently. You should get All updates marked Critical and the current SP updates.
      ◦ Visit this Adobe Reader site often and make sure you have the most current update. Uninstall any earlier updates as they are vulnerabilities.
      ◦ Check this site: Java Updates. Stay current as most updates are for security. Uninstall any earlier versions in Add/Remove Programs.
    4. Reset Cookies to prevent Tracking Cookies:
      ◦ For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> check 'override automatic Cookie handling'> check 'accept first party Cookies'> check 'Block third party Cookies'> check 'allow per session Cookies'> Apply> OK.
      ◦ For Firefox: Tools> Options> Privacy> Cookies> check 'accept Cookies from Sites'> Uncheck 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')
      I suggest using the following two add-ons for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
      AdBlock Plus
      Easy List
    5. Do regular Maintenance
      Remove Temporary Internet Files regularly:
      ◦ ATF Cleaner by Atribune
      OR
      ◦ TFC
      Disable and Enable System Restore:
      ◦ See System Restore Guide. This will help you understand what this is, why you need to clean and set restore points and what information is in them.
    6. Practice Safe Email Handling
      ◦ Don't open email from anyone you don't know.
      ◦ Don't open Attachments in the email. Save to your desktop and scan for viruses using a right click.
      ◦ Don't leave your personal email address on the internet. Have a separate email account at one of the free web-based emails like Yahoo.
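
The HOSTS-file tip in the post above relies on names listed in HOSTS being answered locally, so a name mapped to 127.0.0.1 never reaches the real site. As an added example (not part of the original post; the sample file, hostnames and function names are constructed for illustration), this Python script audits a HOSTS file and separates blocklist-style entries from entries that map a name to a real address, which are the ones worth reviewing by hand after a malware cleanup:

```python
import ipaddress

# Constructed sample in HOSTS-file format (not taken from the thread).
SAMPLE_HOSTS = """\
# Constructed sample HOSTS file
127.0.0.1       localhost
::1             localhost
127.0.0.1       ads.example.net    # blocklist-style entry
0.0.0.0         tracker.example.org
203.0.113.45    update.example.com # points at a remote address
192.168.1.10    nas nas.home.example
not-an-ip       broken.example.com
"""

LOCAL_NAMES = {"localhost", "localhost.localdomain"}

def audit_hosts(text):
    """Classify HOSTS entries as 'blocked', 'redirect', 'local' or 'invalid'.

    Returns a list of (line_number, hostname, address, verdict) tuples,
    one per hostname (a single line may list several names).
    """
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        addr_text, names = fields[0], fields[1:]
        try:
            addr = ipaddress.ip_address(addr_text)
        except ValueError:
            addr = None
        if addr is None or not names:            # bad address or no hostname
            findings.append((lineno, " ".join(names), addr_text, "invalid"))
            continue
        sink = addr.is_loopback or addr.is_unspecified   # 127.x, ::1, 0.0.0.0
        for name in names:
            if not sink:
                verdict = "redirect"             # name answered by a real host
            elif name.lower() in LOCAL_NAMES:
                verdict = "local"                # normal localhost mapping
            else:
                verdict = "blocked"              # sinkholed, as MVPS-style lists do
            findings.append((lineno, name, addr_text, verdict))
    return findings

def redirects(text):
    """Entries that send a name to a real address: review these by hand."""
    return [f for f in audit_hosts(text) if f[3] == "redirect"]
```

On Windows XP the file to pass in is `C:\WINDOWS\system32\drivers\etc\hosts`; a `redirect` verdict is not proof of tampering (LAN entries are legitimate), only a short list to check.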
     
Topic Status:
Not open for further replies.
