xmas came early;-)

Started by Ghost, October 25, 2013, 10:50:46 PM

Ghost

hi all,
sister-in-law bought all new w7 and accessories and gave me her vista home premium and peripherals.
thought i had better check it out to be sure it's clean.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16514  BrowserJavaVersion: 10.45.2
Run by Mary at 18:36:39 on 2013-10-25
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.2036.1128 [GMT -4:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\dldtserv.exe
C:\Windows\system32\dldtcoms.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Dell V305\dldtmon.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\Dell V305\dldtMsdMon.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com/
uURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
BHO: SpywareGuardDLBLOCK.CBrowserHelper: {4A368E80-174F-4872-96B5-0B27DDD11DB2} - c:\program files\spywareguard\dlprotect.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
mRun: [RegistryMechanic] <no file>
StartupFolder: c:\users\mary\appdata\roaming\micros~1\windows\startm~1\programs\startup\spywar~1.lnk - c:\program files\spywareguard\sgmain.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: c:\program files\avira\antivir desktop\avsda.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{C2285EC4-3DD1-41B7-BA3F-214FFB9C20BA} : DHCPNameServer = 192.168.0.1
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\imesha~1\mediabar\datamngr\datamngr.dll c:\progra~1\imesha~1\mediabar\datamngr\IEBHO.dll
SEH: SpywareGuard.Handler - {81559C35-8464-49F7-BB0E-07A383BEF910} - c:\program files\spywareguard\spywareguard.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\mary\appdata\roaming\mozilla\firefox\profiles\44uqtzgf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-10-25 11:00; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\mary\appdata\roaming\mozilla\firefox\profiles\44uqtzgf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-10-25 11:01; {C49B68AC-0D21-40A7-9EE0-77D822273103}; c:\users\mary\appdata\roaming\mozilla\firefox\profiles\44uqtzgf.default\extensions\{C49B68AC-0D21-40A7-9EE0-77D822273103}.xpi
FF - ExtSQL: 2013-10-25 11:01; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\mary\appdata\roaming\mozilla\firefox\profiles\44uqtzgf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2013-10-25 37352]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2013-10-25 84024]
R2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2013-10-25 108088]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2013-10-25 88840]
R2 dldt_device;dldt_device;c:\windows\system32\dldtcoms.exe -service --> c:\windows\system32\dldtcoms.exe -service [?]
R2 dldtCATSCustConnectService;dldtCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\dldtserv.exe [2008-2-25 98984]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
S4 AntiVirWebService;Avira Web Protection;c:\program files\avira\antivir desktop\avwebgrd.exe [2013-10-25 815160]
.
=============== Created Last 30 ================
.
2013-10-25 22:22:15   --------   d-----w-   c:\users\mary\appdata\local\Microsoft Corporation
2013-10-25 22:21:24   --------   d-----w-   c:\program files\Microsoft Windows 7 Upgrade Advisor
2013-10-25 21:09:54   --------   d-----w-   c:\programdata\Licenses
2013-10-25 20:01:47   94632   ----a-w-   c:\windows\system32\WindowsAccessBridge.dll
2013-10-25 19:03:49   9728   ----a-w-   c:\windows\system32\Wdfres.dll
2013-10-25 19:03:46   73216   ----a-w-   c:\windows\system32\WUDFSvc.dll
2013-10-25 19:03:46   66560   ----a-w-   c:\windows\system32\drivers\WUDFPf.sys
2013-10-25 19:03:46   47720   ----a-w-   c:\windows\system32\drivers\WdfLdr.sys
2013-10-25 19:03:46   34944   ----a-w-   c:\windows\system32\drivers\winusb.sys
2013-10-25 19:03:46   172032   ----a-w-   c:\windows\system32\WUDFPlatform.dll
2013-10-25 19:03:46   16896   ----a-w-   c:\windows\system32\winusb.dll
2013-10-25 19:03:46   155136   ----a-w-   c:\windows\system32\drivers\WUDFRd.sys
2013-10-25 19:03:45   613888   ----a-w-   c:\windows\system32\WUDFx.dll
2013-10-25 19:03:45   38912   ----a-w-   c:\windows\system32\WUDFCoinstaller.dll
2013-10-25 19:03:45   196608   ----a-w-   c:\windows\system32\WUDFHost.exe
2013-10-25 15:20:06   --------   d-----w-   c:\users\mary\appdata\roaming\Avira
2013-10-25 15:13:10   88840   ----a-w-   c:\windows\system32\drivers\avgntflt.sys
2013-10-25 15:13:10   37352   ----a-w-   c:\windows\system32\drivers\avkmgr.sys
2013-10-25 15:13:09   --------   d-----w-   c:\programdata\Avira
2013-10-25 15:13:09   --------   d-----w-   c:\program files\Avira
2013-10-25 14:59:03   --------   d-----w-   c:\program files\Mozilla Maintenance Service
2013-10-25 14:59:00   74648   ----a-w-   c:\program files\mozilla firefox\breakpadinjector.dll
2013-10-25 14:59:00   271256   ----a-w-   c:\program files\mozilla firefox\browser\components\browsercomps.dll
2013-10-25 14:58:59   770384   ----a-w-   c:\program files\mozilla firefox\msvcr100.dll
2013-10-25 14:58:59   421200   ----a-w-   c:\program files\mozilla firefox\msvcp100.dll
2013-10-25 14:58:56   27544   ----a-w-   c:\program files\mozilla firefox\plugin-hang-ui.exe
2013-10-25 14:58:56   170232   ----a-w-   c:\program files\mozilla firefox\webapp-uninstaller.exe
2013-10-25 14:58:56   107416   ----a-w-   c:\program files\mozilla firefox\webapprt-stub.exe
2013-10-25 14:53:47   --------   d-----w-   c:\users\mary\appdata\roaming\Dell Imaging Toolbox
2013-10-25 14:03:16   102608   ----a-w-   c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-25 14:03:01   2050048   ----a-w-   c:\windows\system32\win32k.sys
2013-10-25 14:02:59   75776   ----a-w-   c:\windows\system32\synceng.dll
2013-10-25 14:02:57   905664   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2013-10-25 14:02:27   2048   ----a-w-   c:\windows\system32\tzres.dll
2013-10-25 14:02:14   376320   ----a-w-   c:\windows\system32\dpnet.dll
2013-10-25 14:02:14   23040   ----a-w-   c:\windows\system32\dpnsvr.exe
2013-10-25 14:02:11   783360   ----a-w-   c:\windows\system32\rpcrt4.dll
2013-10-25 14:02:09   224640   ----a-w-   c:\windows\system32\drivers\volsnap.sys
2013-10-25 13:59:59   1548288   ----a-w-   c:\windows\system32\WMVDECOD.DLL
2013-10-25 13:59:49   24576   ----a-w-   c:\windows\system32\cryptdlg.dll
2013-10-25 13:59:14   443904   ----a-w-   c:\windows\system32\win32spl.dll
2013-10-25 13:59:14   37376   ----a-w-   c:\windows\system32\printcom.dll
2013-10-25 13:59:10   15872   ----a-w-   c:\windows\system32\drivers\usb8023.sys
2013-10-25 13:58:54   812544   ----a-w-   c:\windows\system32\certutil.exe
2013-10-25 13:58:53   41984   ----a-w-   c:\windows\system32\certenc.dll
2013-10-25 13:58:09   1400832   ----a-w-   c:\windows\system32\msxml6.dll
2013-10-25 13:57:48   527064   ----a-w-   c:\windows\system32\drivers\Wdf01000.sys
2013-10-25 13:57:41   615936   ----a-w-   c:\windows\system32\themeui.dll
2013-10-25 13:57:38   34304   ----a-w-   c:\windows\system32\atmlib.dll
2013-10-25 13:57:38   293376   ----a-w-   c:\windows\system32\atmfd.dll
2013-10-25 13:57:32   3603904   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2013-10-25 13:57:32   3551680   ----a-w-   c:\windows\system32\ntoskrnl.exe
2013-10-25 13:57:31   64000   ----a-w-   c:\windows\system32\smss.exe
2013-10-25 13:57:31   49152   ----a-w-   c:\windows\system32\csrsrv.dll
2013-10-25 13:57:31   1205168   ----a-w-   c:\windows\system32\ntdll.dll
2013-10-25 13:57:29   505344   ----a-w-   c:\windows\system32\qedit.dll
2013-10-25 13:56:15   376320   ----a-w-   c:\windows\system32\winsrv.dll
2013-10-25 13:56:06   532480   ----a-w-   c:\windows\system32\comctl32.dll
2013-10-25 13:55:54   2067968   ----a-w-   c:\windows\system32\mstscax.dll
2013-10-25 13:55:40   936960   ----a-w-   c:\program files\common files\microsoft shared\ink\journal.dll
2013-10-25 13:55:40   1218048   ----a-w-   c:\program files\windows journal\NBDoc.DLL
2013-10-25 13:55:39   983552   ----a-w-   c:\program files\windows journal\JNTFiltr.dll
2013-10-25 13:55:39   964608   ----a-w-   c:\program files\windows journal\JNWDRV.dll
2013-10-25 13:51:13   --------   d-----w-   c:\program files\VS Revo Group
2013-10-25 13:41:01   992768   ----a-w-   c:\windows\system32\crypt32.dll
2013-10-25 13:41:01   98304   ----a-w-   c:\windows\system32\cryptnet.dll
2013-10-25 13:41:01   172544   ----a-w-   c:\windows\system32\wintrust.dll
2013-10-25 13:41:01   133120   ----a-w-   c:\windows\system32\cryptsvc.dll
2013-10-25 13:39:14   7796464   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{a0e765e1-75e8-4216-b4d3-20d0b46d08af}\mpengine.dll
.
==================== Find3M  ====================
.
2013-10-25 18:09:01   71048   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-25 18:09:01   692616   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
2013-09-22 10:22:59   1800704   ----a-w-   c:\windows\system32\jscript9.dll
2013-09-22 10:14:39   1427968   ----a-w-   c:\windows\system32\inetcpl.cpl
2013-09-22 10:13:22   1129472   ----a-w-   c:\windows\system32\wininet.dll
2013-09-22 10:08:41   142848   ----a-w-   c:\windows\system32\ieUnatt.exe
2013-09-22 10:06:58   420864   ----a-w-   c:\windows\system32\vbscript.dll
2013-09-22 10:03:18   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2013-09-03 18:35:12   238872   ------w-   c:\windows\system32\MpSigStub.exe
2013-08-27 02:47:50   219648   ----a-w-   c:\windows\system32\d3d10_1core.dll
2013-08-27 02:47:50   189952   ----a-w-   c:\windows\system32\d3d10core.dll
2013-08-27 02:47:50   160768   ----a-w-   c:\windows\system32\d3d10_1.dll
2013-08-27 02:47:50   1029120   ----a-w-   c:\windows\system32\d3d10.dll
2013-08-27 01:52:08   1172480   ----a-w-   c:\windows\system32\d3d10warp.dll
2013-08-27 01:50:40   486400   ----a-w-   c:\windows\system32\d3d10level9.dll
2013-08-27 01:32:20   683008   ----a-w-   c:\windows\system32\d2d1.dll
2013-08-27 01:28:36   1069056   ----a-w-   c:\windows\system32\DWrite.dll
2013-08-27 01:28:35   798208   ----a-w-   c:\windows\system32\FntCache.dll
2013-08-01 03:16:32   638400   ----a-w-   c:\windows\system32\drivers\dxgkrnl.sys
2013-08-01 02:49:15   37376   ----a-w-   c:\windows\system32\cdd.dll
.
============= FINISH: 18:37:29.13 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 2/18/2011 3:27:57 PM
System Uptime: 10/25/2013 5:50:52 PM (1 hours ago)
.
Motherboard: Dell Inc. |  | 0RY007
Processor: Intel(R) Core(TM)2 Duo CPU     E4600  @ 2.40GHz | Socket 775 | 2400/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 227.657 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.609 GiB free.
E: is CDROM ()
F: is Removable
H: is Removable
I: is Removable
K: is Removable
L: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_020D1028&REV_02\3&2411E6FE&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_020D1028&REV_02\3&2411E6FE&0&FB
Service:
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Avira Free Antivirus
CCleaner (remove only)
Dell Resource CD
Dell V305
Google Earth
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Java 7 Update 45
Java Auto Updater
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 24.0 (x86 en-US)
Mozilla Maintenance Service
Realtek High Definition Audio Driver
Registry Mechanic 5.0
Revo Uninstaller 1.95
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
SpywareBlaster 5.0
SpywareGuard v2.2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Windows 7 Upgrade Advisor
.
==== End Of File ===========================

Results of screen317's Security Check version 0.99.74 
Windows Vista Service Pack 2 x86 (UAC is disabled!) 
Internet Explorer 9 
Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````[/u]
Windows Firewall Enabled! 
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````[/u]
SpywareBlaster 5.0   
SpywareGuard v2.2   
CCleaner (remove only)   
Java 7 Update 45 
Java version out of Date!
Adobe Flash Player    11.9.900.117 
Adobe Reader 10.1.3 Adobe Reader out of Date! 
Mozilla Firefox (24.0)
````````Process Check: objlist.exe by Laurent````````[/u] 
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C: 2 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````[/u]

thanks,
Ghost
yes i know reg mech is installed but it will be uninstalled;-)

Corrine

Hi, Ghost.

You have it all wrong.  Christmas did not come early.  Rather, your birthday arrived a couple of days early.  Happy Early Birthday, Ghost!   :blowout:

Quote from Ghost: "yes i know reg mech is installed but it will be uninstalled;-)"
I couldn't help laughing when I saw that.  You know me too well.  I had made a note to remember to include a bit about registry cleaners. 

1.  SecurityCheck apparently hasn't been updated because your new-to-you computer has the most recent version of Java installed.  Adobe Reader does, however, need to be updated or replaced with an alternate reader.  I believe you already know my preference but will reference it here anyway.  :)  See Replacing Adobe Reader with Sumatra PDF.  If you wish to keep Adobe Reader, update checks can be manually activated by choosing Help > Check for Updates, or you can get Adobe Reader XI (11.0.05) for Windows here: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows.  Watch for unwanted extras.

2.  In addition to SpywareGuard not being tested on Windows Vista, it appears that it is no longer supported as the download link has been removed.  Since SpywareBlaster is installed, I suggest you stick with that.

3.  The logs look clean but it wouldn't hurt to scan with Malwarebytes.  Please download Malwarebytes' Anti-Malware to your desktop from here.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    -- Update Malwarebytes' Anti-Malware and
    -- Launch Malwarebytes' Anti-Malware
  • Click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, check the following settings:
    -- On the Scanner tab, check Perform quick scan.
    -- On the Settings tab, Scanner Settings, leave the default boxes checked but change the drop-down boxes to Show in results list and check for removal.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, EXCEPT items in System Restore as shown in this sample:

  • Click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See the Note below)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Please post contents of that file in your next reply.

** Note **

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.




4.  You'll probably want to create a new account for yourself.  I'd also suggest TFC followed by your favorite defragging tool:

Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run; make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job.
  • Once it's finished it should reboot your machine; if not, do this yourself to ensure a complete clean.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Ghost

hi Corrine,
Quote: "Happy Early Birthday, Ghost!"
thank you;-)
Quote: "I couldn't help laughing when I saw that.  You know me too well.  I had made a note to remember to include a bit about registry cleaners."
i knew it was coming but that was there when i first booted up;-)
Quote: "Adobe Reader does, however, need to be updated or replaced with an alternate reader."
i have updated adobe reader since i posted the first scans;-)
Quote: "Since SpywareBlaster is installed, I suggest you stick with that."
alright i'll leave it alone.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.25.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Mary :: MARY-PC [administrator]

10/25/2013 8:31:25 PM
mbam-log-2013-10-25 (20-31-25).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 189522
Time elapsed: 4 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Mary\Downloads\super-mario (1).exe (Adware.Gamevance) -> Quarantined and deleted successfully.
C:\Users\Mary\Downloads\super-mario.exe (Adware.Gamevance) -> Quarantined and deleted successfully.

(end)

thanks,
Ghost

Corrine

It certainly looks to me that you are good to go.  Have fun with your new-to-you toy, Ghost!


Ghost

morning Corrine,
Quote: "It certainly looks to me that you are good to go.  Have fun with your new-to-you toy, Ghost!"
it sure looks that way;-)
thank you for your time and effort Corrine :rose:
Ghost