Inactive Spying

ttecht

I have to share some files with people from my office (transfer files from office PC to home PC by USB). I don't have any antivirus software installed on my PC. It occurred to me that someone from my office may have attached a virus to office files and may be monitoring my PC activities. I don't have any reason to believe so, but just in case I will buy a new PC (since to my knowledge even formatting and antiviruses can't find some viruses) and use my old PC for office work. I have some questions:

1. Should I change my modem too, in case someone is already tracking me and can continue tracking me using my modem even if I change my PC?

2. Should I change my internet membership, in case someone can continue tracking me using my membership data?

3. If someone is tracking me, is there any other way they can continue tracking me after I have changed my PC?

I am using cable internet.

Thanks
 
You are asking some impossible questions based on no information!

First, I strongly suggest that your computer has been compromised and you can 'safely' assume it is a danger to your personal information.

1. A cable modem connection is always connected.
2. You have no antivirus on the system.
3. You are using a flash drive to transfer files

Next.

1. Why don't you have an antivirus on the system?
2. Worms, Trojans, et al can be transmitted via USB
3. Before you pass another day, please do searches on the internet and get some idea of what is needed for a secure system.

I can't answer the "should I" and the "could I" but it appears you have no basic knowledge of computer security, based on your questions. Whether malware can be removed from a system depends on what type of malware it is. Can you be "tracked" if you change the system?

How would you be tracked if you have a different computer?

If the system has been compromised and your passwords stolen and your financial information breached and you don't change the passwords and reset the finances, yes, no matter which PC you use, you are not safe.
 
I didn't enter any important passwords. My main concern is the possibility of someone monitoring my browsing activities, keystrokes, etc. I did some research as you said and I will install an antivirus and firewall, but I want to make sure my PC is 100% virus free.

I take it that buying a new PC and modem and changing my ISP will save me from existing viruses. But instead of buying a new PC, will buying a new hard disk make my PC 100% virus free? I remember reading about BIOS viruses. Which parts of a PC can get infected? Someone told me if I format both C and D I will be 100% virus free; is that true? If I change my PC (or hard disk), modem and IP, and install an antivirus and firewall, will someone previously monitoring me still be able to do so?
 
I answered your last paragraph previously:
If the system has been compromised and your passwords stolen and your financial information breached and you don't change the passwords and reset the finances, yes, no matter which PC you use, you are not safe.

You are asking 'what if' or 'could they' theoretical questions that cannot be answered now. I have no information about your system and what's on it. It is reasonable to assume that without any security, it has probably been compromised.
========================================
Tips for added security and safer browsing: (Links are in Bold Blue)
  1. Browser Security
    [o] Safe Settings (Please ignore the suggestion to use the Registry Editor in this section "Creating a Custom Security Zone")
    [o] ZonedOut. This manages the Zones in Internet Explorer. (For IE7 and IE8, Windows 2000 thru Vista. No Windows 7)
    [o] Replace the Host Files
    [o] Google Toolbar Pop Up Blocker
    [o] Web of Trust (WOT) Site Advisor. Traffic-light rating symbols rate the site for Trustworthiness, Vendor Reliability, Privacy, Child Safety.
  2. Have layered Security:
    [o] Antivirus (only one): Both of the following programs are free and known to be good:
    [o] Avira-AntiVir-Personal-Free-Antivirus
    [o] Avast-Free Antivirus
    [o] Firewall (only one): Use bi-directional firewall. Both of the following programs are free and known to be good:
    [o] Comodo
    [o] Zone Alarm
  3. Antimalware: I recommend all of the following:
    [o] Spywareblaster: SpywareBlaster protects against bad ActiveX.
    [o] Spybot Search & Destroy
  4. Updates: Stay current:
    [o] the Microsoft Download Site frequently. All updates marked Critical and the current SP updates.
    [o] Adobe Reader: Install current, uninstall old.
    [o] Java Updates: Install current, uninstall old.
  5. Tracking Cookies
    Reset Cookie:
    [o] For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> check 'override automatic Cookie handling'> check 'accept first party Cookies'> check 'Block third party Cookies'> check 'allow per session Cookies'> Apply> OK.
    [o] For Firefox: Tools> Options> Privacy> Cookies> check 'accept Cookies from Sites'> Uncheck 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')
    I suggest using the following two add-ons for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
    AdBlock Plus
    Easy List
    [o] For Chrome: Tools> Options> Under The Hood> Privacy Section> CHECK 'Restrict how third party Cookies can be used'> Close.
  6. Do regular Maintenance
    Clean the temporary internet files often:
    [o] Temporary File Cleaner
    [o] ATF Cleaner by Atribune
  7. Restore Points:
    [o] See System Restore Guide
  8. Safe Email Handling
    [o] Don't open email from anyone you don't know.
    [o] Don't open Attachments in the email. Save to your desktop and scan for viruses using a right click.
    [o] Don't leave your personal email address on the internet. Have a separate email account at one of the free web-based emails like Yahoo.
Please let me know if you find any bad link.
=======================================

If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

When you have finished, leave the logs for review in your next reply .
NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
==================================
My Guidelines: please read and follow:
  • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
  • Read my instructions carefully. If you don't understand or have a problem, ask me.
  • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
  • Follow the order of the tasks I give you. Order is crucial in cleaning process.
  • File sharing programs should be uninstalled or disabled during the cleaning process.
  • Observe these:
    [o] Don't use any other cleaning programs or scans while I'm helping you.
    [o] Don't use a Registry cleaner or make any changes in the Registry.
    [o] Don't download and install new programs- except those I give you.
  • Please let me know if there is any change in the system.

If I don't get a reply from you in 5 days, the thread will be closed. If your problem persists, you can send a PM to reopen it.
=====================================
 
Here are the logs. I formatted C recently. As additional info, I cannot change the system clock, and when I try to start in safe mode the screen goes blue and immediately restarts, but it works fine in normal mode. Thanks
 
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7695

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11.09.2011 23:38:42
mbam-log-2011-09-11 (23-38-35).txt

Scan type: Quick scan
Objects scanned: 179620
Time elapsed: 4 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-09-11 23:53:32
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\0000006a FUJITSU_MHY2080BH rev.0000000B
Running: bsp2qwgn.exe; Driver: C:\DOCUME~1\fklrszd\LOCALS~1\Temp\kfrdafog.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xF4204D5A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xF4204BC5]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \FileSystem\Ntfs \Ntfs HFXP2.SYS (Hide Folders XP driver (for Win32)/FSPro Labs)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by fklrszd at 23:56:30 on 2011-09-11
Microsoft Windows XP Professional 5.1.2600.3.1254.90.1055.18.383.179 [GMT 3:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled*
.
============== Running Processes ===============
.
C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com.tr/
mWinlogon: SfcDisable=-99 (0xffffff9d)
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [DriverMax]
uRun: [DriverMax_RESTART]
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [VMSnap5] c:\windows\VMSnap5.EXE
mRun: [Domino] c:\windows\Domino.EXE
mRun: [BigDog305] c:\windows\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Desktop Lock] c:\progra~1\deskto~1\TLDL.EXE /Boot
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
mPolicies-system: EnableLUA = 0 (0x0)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: Interfaces\{19783D77-7045-44FA-A140-5E6448EC3662} : DhcpNameServer = 62.248.80.162 62.248.80.161
Notify: DfLogon - LogonDll.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 DeepFrz;DeepFrz;c:\windows\system32\drivers\DeepFrz.sys [2011-2-25 160792]
R0 HFXP2;HFXP2;c:\windows\system32\drivers\hfxp2.sys [2011-9-1 17264]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-9-11 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-9-11 320856]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-9-11 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-9-11 44768]
R2 DFServ;DFServ;c:\program files\faronics\deep freeze\install c-0\DFServ.exe [2011-2-25 1075200]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-11 366640]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-11 22712]
R3 ZSMC0305;Shiny SH2166 webcam;c:\windows\system32\drivers\usbVM305.sys [2011-8-24 391737]
S3 WMI_MFC_TPSHOKER_80;WMI_MFC_TPSHOKER_80;\??\c:\windows\system32\drivers\mmlkg.sys --> c:\windows\system32\drivers\mmlkg.sys [?]
.
=============== Created Last 30 ================
.
2011-09-11 20:10:26 -------- d-----w- c:\program files\Desktop Lock
2011-09-11 20:10:26 -------- d-----w- c:\documents and settings\fklrszd\application data\TopLang
2011-09-11 20:10:26 -------- d-----w- c:\documents and settings\all users\application data\TopLang
2011-09-11 19:50:08 -------- d-----w- c:\documents and settings\all users\application data\Montpellier-Informatique
2011-09-11 17:27:42 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-11 17:27:06 41184 ----a-w- c:\windows\avastSS.scr
2011-09-11 17:26:55 -------- d-----w- c:\program files\AVAST Software
2011-09-11 17:26:55 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2011-09-11 17:02:33 -------- d-----w- c:\documents and settings\fklrszd\application data\Malwarebytes
2011-09-11 17:02:28 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-11 17:02:27 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-09-11 17:02:24 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-11 17:02:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-31 23:16:16 17264 ----a-w- c:\windows\system32\drivers\hfxp2.sys
2011-08-31 23:16:15 -------- d-----w- c:\program files\Hide Folders XP 2
2011-08-26 12:02:22 -------- d-----w- c:\documents and settings\fklrszd\local settings\application data\NPE
2011-08-26 11:26:39 -------- d-----w- c:\documents and settings\fklrszd\application data\Symantec
2011-08-26 11:07:36 -------- d-----w- c:\documents and settings\all users\application data\Norton
2011-08-26 09:35:58 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-25 17:31:30 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller
2011-08-25 00:46:08 16336548 ------w- C:\Persi0.sys
2011-08-25 00:46:04 65536 ----a-w- c:\windows\system32\LogonDll.dll
2011-08-24 23:38:03 -------- d-----w- c:\program files\Faronics
2011-08-24 18:12:30 -------- d-----w- c:\program files\webcamXP
2011-08-24 17:18:44 -------- d-----w- c:\program files\webcamXP2
2011-08-24 17:16:22 -------- d-----w- c:\documents and settings\fklrszd\local settings\application data\webcamXP 5
2011-08-24 17:11:08 -------- d-----w- c:\windows\system32\appmgmt
2011-08-24 16:56:06 -------- d-----w- c:\documents and settings\all users\application data\webcamXP 5
2011-08-24 16:50:56 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2011-08-24 16:50:49 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2011-08-24 16:50:46 16384 ----a-w- c:\windows\system32\ipsink.ax
2011-08-24 16:50:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2011-08-24 16:50:44 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2011-08-24 16:50:43 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2011-08-24 16:50:40 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2011-08-24 16:50:38 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2011-08-24 16:50:10 114688 ----a-r- c:\windows\VM305Cap.exe
2011-08-24 16:49:21 176128 ----a-r- c:\windows\amcap.exe
2011-08-24 16:49:20 81920 ----a-r- c:\windows\system32\VM305STI.dll
2011-08-24 16:49:20 391737 ----a-r- c:\windows\system32\drivers\usbVM305.sys
2011-08-24 16:49:20 208982 ----a-r- c:\windows\system32\VM305Prp.Ax
2011-08-24 16:49:13 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2011-08-24 16:49:13 28672 ----a-w- c:\windows\system32\vidcap.ax
2011-08-24 16:49:12 91136 ----a-w- c:\windows\system32\kswdmcap.ax
2011-08-24 16:49:12 61952 ----a-w- c:\windows\system32\kstvtune.ax
2011-08-24 16:49:12 43008 ----a-w- c:\windows\system32\ksxbar.ax
2011-08-24 14:21:48 -------- d-----w- c:\documents and settings\fklrszd\application data\AVG10
2011-08-24 14:17:47 -------- d-----w- c:\windows\system32\drivers\AVG
2011-08-24 14:17:47 -------- d-----w- c:\documents and settings\all users\application data\AVG10
2011-08-24 14:17:22 -------- d-----w- c:\program files\AVG
2011-08-24 13:54:23 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
2011-08-24 13:54:09 -------- d-----w- c:\documents and settings\all users\application data\MFAData
2011-08-24 12:33:33 -------- d-----w- c:\windows\ie8updates
2011-08-24 12:28:47 361600 ------w- c:\windows\system32\dllcache\tcpip.sys
2011-08-24 12:28:47 245760 ------w- c:\windows\system32\dllcache\mswsock.dll
2011-08-24 12:28:47 226880 ------w- c:\windows\system32\dllcache\tcpip6.sys
2011-08-24 12:28:07 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2011-08-24 12:28:07 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2011-08-24 12:27:19 457856 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2011-08-24 12:27:05 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2011-08-24 12:26:35 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2011-08-24 12:23:39 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2011-08-24 12:23:11 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2011-08-24 12:22:34 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2011-08-24 12:22:34 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2011-08-24 12:21:26 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-24 12:21:17 105472 ------w- c:\windows\system32\dllcache\mup.sys
2011-08-24 12:21:06 1447424 ------w- c:\windows\system32\dllcache\msxml6.dll
2011-08-24 12:21:06 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll
2011-08-24 12:17:59 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2011-08-24 12:17:27 692736 ------w- c:\windows\system32\dllcache\inetcomm.dll
2011-08-24 12:17:12 726528 ------w- c:\windows\system32\dllcache\jscript.dll
2011-08-24 12:17:12 420864 ------w- c:\windows\system32\dllcache\vbscript.dll
2011-08-24 12:16:38 758784 ------w- c:\windows\system32\dllcache\vgx.dll
2011-08-24 12:16:11 713728 ------w- c:\windows\system32\dllcache\ntdll.dll
2011-08-24 12:16:11 2029056 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-08-24 12:16:10 2194688 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-08-24 12:16:10 2150912 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-08-24 12:13:04 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-24 12:12:47 45568 ------w- c:\windows\system32\dllcache\wab.exe
2011-08-24 12:12:41 590848 ------w- c:\windows\system32\dllcache\rpcrt4.dll
2011-08-24 12:12:41 5120 ----a-w- c:\windows\system32\xpsp4res.dll
.
==================== Find3M ====================
.
2011-08-24 14:46:07 86016 ----a-w- c:\windows\SOUNDMAN.EXE
2011-08-24 14:44:29 2808832 ----a-w- c:\windows\ALCWZRD.EXE
2011-08-24 14:28:04 45056 ----a-w- c:\windows\system32\shmgrate.exe
2011-08-24 14:28:01 16261632 ----a-w- c:\windows\RTHDCPL.EXE
2011-08-24 14:27:56 69632 ----a-w- c:\windows\ALCMTR.EXE
2011-07-15 13:29:35 457856 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10:47 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:29:00 919552 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:28:59 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:28:59 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:21:10 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44:47 293376 ----a-w- c:\windows\system32\winsrv.dll
.
============= FINISH: 23:57:12,67 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 24.08.2011 06:50:11
System Uptime: 11.09.2011 23:43:08 (0 hours ago)
.
Motherboard: MSI | | MS-1326X
Processor: Mobile AMD Sempron(tm) Processor 3600+ | CPU 1 | 2009/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 36 GiB total, 32,241 GiB free.
D: is FIXED (NTFS) - 38 GiB total, 15,354 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Agere Systems HDA Modem v6081
avast! Free Antivirus
AVG 2011
Desktop Lock 7.3
Driver Genius Professional Edition
DriverMax 5
HFSLIP Total Slipstream (v1.7.9_beta_d, build 81223)
Hide Folders XP 2.9.8 for Windows XP/Vista
Hotfix for Windows XP (KB954550-v5)
Malwarebytes' Anti-Malware version 1.51.1.1800
Microsoft .NET Framework 1.1 SP1
Microsoft .NET Framework 1.1 SP1 Türkçe Dil Paketi
Microsoft .NET Framework 2.0 SP2
Microsoft .NET Framework 2.0 SP2 Türkçe Dil Paketi
Microsoft .NET Framework 3.0 SP2
Microsoft .NET Framework 3.0 SP2 Türkçe Dil Paketi
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 Türkçe Dil Paketi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
NVIDIA Drivers
Realtek High Definition Audio Driver
webcamXP 2008
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2510531)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2544521)
Windows Internet Explorer 8 için Güvenlik Güncelleştirmesi (KB2559049)
Windows Media Player (KB2378111) için Güvenlik Güncelleştirmesi
Windows Media Player (KB954155) için Güvenlik Güncelleştirmesi
Windows Media Player (KB975558) için Güvenlik Güncelleştirmesi
Windows Media Player (KB978695) için Güvenlik Güncelleştirmesi
Windows XP için Düzeltme (KB2570791)
Windows XP için Güncelleştirme (KB2541763)
Windows XP için Güncelleştirme (KB955759)
Windows XP için Güncelleştirme (KB971029)
Windows XP için Güncelleştirme (KB971737)
Windows XP için Güncelleştirme (KB973687)
Windows XP için Güvenlik Güncelleştirmesi (KB2079403)
Windows XP için Güvenlik Güncelleştirmesi (KB2115168)
Windows XP için Güvenlik Güncelleştirmesi (KB2229593)
Windows XP için Güvenlik Güncelleştirmesi (KB2296011)
Windows XP için Güvenlik Güncelleştirmesi (KB2347290)
Windows XP için Güvenlik Güncelleştirmesi (KB2360937)
Windows XP için Güvenlik Güncelleştirmesi (KB2387149)
Windows XP için Güvenlik Güncelleştirmesi (KB2393802)
Windows XP için Güvenlik Güncelleştirmesi (KB2412687)
Windows XP için Güvenlik Güncelleştirmesi (KB2419632)
Windows XP için Güvenlik Güncelleştirmesi (KB2423089)
Windows XP için Güvenlik Güncelleştirmesi (KB2440591)
Windows XP için Güvenlik Güncelleştirmesi (KB2443105)
Windows XP için Güvenlik Güncelleştirmesi (KB2476490)
Windows XP için Güvenlik Güncelleştirmesi (KB2478960)
Windows XP için Güvenlik Güncelleştirmesi (KB2478971)
Windows XP için Güvenlik Güncelleştirmesi (KB2479943)
Windows XP için Güvenlik Güncelleştirmesi (KB2483185)
Windows XP için Güvenlik Güncelleştirmesi (KB2485663)
Windows XP için Güvenlik Güncelleştirmesi (KB2503665)
Windows XP için Güvenlik Güncelleştirmesi (KB2506212)
Windows XP için Güvenlik Güncelleştirmesi (KB2507618)
Windows XP için Güvenlik Güncelleştirmesi (KB2507938)
Windows XP için Güvenlik Güncelleştirmesi (KB2508272)
Windows XP için Güvenlik Güncelleştirmesi (KB2508429)
Windows XP için Güvenlik Güncelleştirmesi (KB2509553)
Windows XP için Güvenlik Güncelleştirmesi (KB2524375)
Windows XP için Güvenlik Güncelleştirmesi (KB2535512)
Windows XP için Güvenlik Güncelleştirmesi (KB2536276-v2)
Windows XP için Güvenlik Güncelleştirmesi (KB2544893)
Windows XP için Güvenlik Güncelleştirmesi (KB2555917)
Windows XP için Güvenlik Güncelleştirmesi (KB2562937)
Windows XP için Güvenlik Güncelleştirmesi (KB2566454)
Windows XP için Güvenlik Güncelleştirmesi (KB2567680)
Windows XP için Güvenlik Güncelleştirmesi (KB2570222)
Windows XP için Güvenlik Güncelleştirmesi (KB923789)
Windows XP için Güvenlik Güncelleştirmesi (KB969059)
Windows XP için Güvenlik Güncelleştirmesi (KB970430)
Windows XP için Güvenlik Güncelleştirmesi (KB972270)
Windows XP için Güvenlik Güncelleştirmesi (KB973904)
Windows XP için Güvenlik Güncelleştirmesi (KB974112)
Windows XP için Güvenlik Güncelleştirmesi (KB974318)
Windows XP için Güvenlik Güncelleştirmesi (KB974392)
Windows XP için Güvenlik Güncelleştirmesi (KB974571)
Windows XP için Güvenlik Güncelleştirmesi (KB975025)
Windows XP için Güvenlik Güncelleştirmesi (KB975467)
Windows XP için Güvenlik Güncelleştirmesi (KB975562)
Windows XP için Güvenlik Güncelleştirmesi (KB975713)
Windows XP için Güvenlik Güncelleştirmesi (KB977816)
Windows XP için Güvenlik Güncelleştirmesi (KB977914)
Windows XP için Güvenlik Güncelleştirmesi (KB978338)
Windows XP için Güvenlik Güncelleştirmesi (KB978542)
Windows XP için Güvenlik Güncelleştirmesi (KB978601)
Windows XP için Güvenlik Güncelleştirmesi (KB978706)
Windows XP için Güvenlik Güncelleştirmesi (KB979309)
Windows XP için Güvenlik Güncelleştirmesi (KB979482)
Windows XP için Güvenlik Güncelleştirmesi (KB979687)
Windows XP için Güvenlik Güncelleştirmesi (KB980436)
Windows XP için Güvenlik Güncelleştirmesi (KB981322)
Windows XP için Güvenlik Güncelleştirmesi (KB981997)
Windows XP için Güvenlik Güncelleştirmesi (KB982132)
Windows XP için Güvenlik Güncelleştirmesi (KB982665)
WinRAR 4.01 (32-bit)
XML Paper Specification Shared Components Language Pack 1.0
.
==== End Of File ===========================
 
It appears that you may have a file infector from the Sality family on the system.

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESETOnlineScan
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    [o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    [o] Double click on the ESET Smart Installer icon on your desktop.
  • Check 'Yes I accept terms of use.'
  • Click Start button
  • Accept any security warnings from your browser.
  • Uncheck 'Remove found threats'
  • Check 'Scan archives'
  • Leave remaining settings as is.
  • Press the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
  • When the scan completes, press List of found threats
  • Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
  • Push the Back button
  • Push Finish

NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
============================================
You will need to remove AVG to run Combofix:
Download AppRemover and save to the desktop
  1. Double click the setup on the desktop> click Next
  2. Select “Remove Security Application”
  3. Let scan finish to determine security apps
  4. A screen like below will appear:
  5. Click on Next after choice has been made
  6. Check the AVG program you want to uninstall
  7. After uninstall shows complete, follow online prompts to Exit the program.
=============================
Please note: If you have previously run Combofix and it's still on the system, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
  • Click START> then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
--------------------------------------
Download Combofix from HERE or HERE (http://www.forospyware.com/sUBs/ComboFix.exe) and save to the desktop
  • Double click combofix.exe & follow the prompts.
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • Once installed, you should see a blue screen prompt that says:
    The Recovery Console was successfully installed.
  • Click on Yes, to continue scanning for malware
  • If Combofix asks you to update the program, allow
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Close any open browsers.
  • Double click combofix.exe & follow the prompts to run.
  • When the scan completes, a report will be generated; it will open a text window. Please paste the C:\ComboFix.txt in next reply.
Re-enable your Antivirus software.

Note 1: Do not mouse-click Combofix's window while it is running. That may cause it to stall.
Note 2: ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
Note 3: Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
Note 4: CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Note 5: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
===========================================
Download Security Check by screen317 from one of these links:
Link1
Link 2
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
 
AppRemover couldn't find AVG. I uninstalled it previously, but there is a folder named AVG. Inside this folder there are avgcorex.dll, avgcremx and notification files. Here are my logs:
 
Eset:

C:\Documents and Settings\fklrszd\Desktop\cnet_wrar401_exe.exe a variant of Win32/InstallCore.C application
 
ComboFix 11-09-19.01 - fklrszd 19.09.2011 14:44:39.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1254.90.1055.18.383.144 [GMT 3:00]
Running from: c:\documents and settings\fklrszd\Desktop\ComboFix.exe
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\mmc.exe . . . is infected!!
.
.
((((((((((((((((((((((((( Files Created from 2011-08-19 to 2011-09-19 )))))))))))))))))))))))))))))))
.
.
2011-09-13 20:09 . 2011-09-13 20:09 -------- d-----w- C:\c816ea9bd733ed30bf
2011-08-25 00:46 . 2011-08-25 00:46 16336548 ------w- C:\Persi0.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-24 14:28 . 2008-04-15 12:00 45056 ----a-w- c:\windows\system32\shmgrate.exe
2011-07-15 13:29 . 2009-09-30 00:17 457856 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2008-04-15 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-23 18:29 . 2009-09-30 00:26 919552 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:28 . 2009-09-30 00:26 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:28 . 2009-09-30 00:26 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:21 . 2009-09-30 00:26 385024 ----a-w- c:\windows\system32\html.iec
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-09-30 . E47D77A2F5D64974D9B6724552EB44AD . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-15 110592]
"AGRSMMSG"="AGRSMMSG.exe" [2005-09-09 88203]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-27 7561216]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
"Desktop Lock"="c:\progra~1\DESKTO~1\TLDL.EXE" [2011-08-24 200704]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DfLogon]
2011-02-25 14:33 65536 ----a-w- c:\windows\system32\LogonDll.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /k:C /k:D *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\RTHDCPL.EXE"=
"c:\\Program Files\\webcamXP 5\\wLite.exe"=
"c:\\Program Files\\webcamXP 5\\wService.exe"=
.
R0 DeepFrz;DeepFrz;c:\windows\system32\drivers\DeepFrz.sys [25.02.2011 17:36 160792]
R0 HFXP2;HFXP2;c:\windows\system32\drivers\hfxp2.sys [01.09.2011 02:16 17264]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.07.2011 19:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [13.07.2011 00:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [12.08.2011 02:38 116608]
R2 DFServ;DFServ;c:\program files\Faronics\Deep Freeze\Install C-0\DFServ.exe [25.02.2011 17:27 1075200]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11.09.2011 20:02 366640]
R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [04.03.2011 11:39 584488]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [11.09.2011 20:02 22712]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\5.tmp --> c:\windows\system32\5.tmp [?]
S3 WMI_MFC_TPSHOKER_80;WMI_MFC_TPSHOKER_80;\??\c:\windows\system32\drivers\mmlkg.sys --> c:\windows\system32\drivers\mmlkg.sys [?]
S3 wxpSvc;webcamXP Service;c:\program files\webcamXP 5\wService.exe [27.07.2011 22:58 5023744]
S3 ZSMC0305;Shiny SH2166 webcam;c:\windows\system32\drivers\usbVM305.sys [24.08.2011 19:49 391737]
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-19 c:\windows\Tasks\User_Feed_Synchronization-{88456747-37B8-4CD3-8DC8-CCC2802DEB07}.job
- c:\windows\system32\msfeedssync.exe [2009-09-30 00:27]
.
2011-09-19 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2011-08-24 19:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.tr/
TCP: DhcpNameServer = 62.248.80.162 62.248.80.161
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-BigDog305 - c:\windows\VM305_STI.EXE
AddRemove-wLite - c:\program files\webcamXP 5\wl-uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-19 14:49
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
BigDog305 = c:\windows\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)???????????????????0?????????@??????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wxpSvc]
"ImagePath"="c:\program files\webcamXP 5\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\5.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(868)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\LogonDll.dll
.
- - - - - - - > 'explorer.exe'(3084)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
Completion time: 2011-09-19 14:51:38
ComboFix-quarantined-files.txt 2011-09-19 11:51
ComboFix2.txt 2011-09-12 20:04
.
Pre-Run: 33.836.236.800 bayt boş
Post-Run: 34.193.924.096 bayt boş
.
- - End Of File - - 46189A9CD274292EC026527DB672995E
 
Check up:

Results of screen317's Security Check version 0.99.18
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

AVG 2011
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java(TM) 6 Update 27
Adobe Flash Player
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
``````````End of Log````````````
 
As I said before, you have basically no security on this system.

Please run the MGA Diagnostics tool
  • You will be prompted to either “Run” or “Save” the tool. Choose to “Run” the tool and follow the on-screen prompts.
  • You will receive an Internet Explorer-Security Warning dialog box for the Windows Genuine Advantage Diagnostic Tool.
  • You must choose to Run this tool when prompted.
  • Once you are presented with the Diagnostics tool choose Continue to run the diagnostic report.
  • If the RESOLVE button is available after running the diagnostics, please click RESOLVE to allow the diagnostic tool to attempt a repair.
  • After running the MGA Diagnostic tool, click on the Windows tab and then click on Copy
  • Please return to this thread and Paste the results here for review.

This tool will is to look on the computer itself, in the documentation you received with the computer or with your retail purchase of Windows to see if you have a Certificate of Authenticity (COA). I
NOTE: The data collected with the Genuine Diagnostics Tool does NOT contain any information that can personally identify you and can be fully reviewed, by you, before being posted.
 
Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-BDWVG-33T78-VFDFQ
Windows Product Key Hash: p9eZJx1iExhjAzRVpNDOWPnpXEg=
Windows Product ID: 76407-640-9245215-23007
Windows Product ID Type: 1
Windows License Type: Volume
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {3E0C6079-A1D3-4E6F-9605-F01A20706AB1}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.42.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: B4D0AA8B-543-80070002_025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\WINDOWS\system32\syssetup.dll[5.1.2600.5512], Hr = 0x800b0100

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{3E0C6079-A1D3-4E6F-9605-F01A20706AB1}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-VFDFQ</PKey><PID>76407-640-9245215-23007</PID><PIDType>1</PIDType><SID>S-1-5-21-1844237615-1214440339-682003330</SID><SYSTEM><Manufacturer>Micro-Star International</Manufacturer><Model>VR330</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>A1326NMS V1.05</Version><SMBIOSVersion major="2" minor="5"/><Date>20070705000000.000000+000</Date></BIOS><HWID>1E3235E70184C05C</HWID><UserLCID>041F</UserLCID><SystemLCID>041F</SystemLCID><TimeZone>GTB Standart Saati(GMT+02:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1E840:MICRO-STAR INTERNATIONAL CO., LTD
Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

OEM Activation 2.0 Data-->
N/A
 
I didn't enter any important passwords. My main concern is the possibility of someone monitoring my browsing activities, keystrokes etc. I did some research as you said and I will install an antivirus and firewall. But I want to make sure my PC is 100% virus free.

ALL passwords are important because they get you or someone else into where the password is set for - just getting into your system may be all they want.

The bottom line on your 'can someone track me' question is simply this:
If you don't put security on your system, you leave it open to viruses, Trojans, worms, key loggers, PUP, pests Script, and on and on.

You have an AV only and it may not be working. See my Reply #4 - I left you a list of security tips. I suggest you use as many as you can. To the best of my knowledge, AVG doesn't have a free-standing firewall.
 