Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Installed Trial version of Nero9, did I get a virus?

Re: Installed Trial version of Nero9, did I get a virus?

Post by bof:) » August 21st, 2009, 12:12 pm

Here's the Rooter program log:

Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows Vista Home Edition (6.0.6002) Service Pack 2
[32_bits] - x86 Family 6 Model 15 Stepping 13, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Disabled !
Windows Defender -> Enabled
User Account Control (UAC) -> Enabled
.
Internet Explorer 7.0.6002.18005
Mozilla Firefox 3.0.10 (en-US)
.
C:\ [Fixed-NTFS] .. ( Total:111 Go - Free:56 Go )
D:\ [Fixed-NTFS] .. ( Total:108 Go - Free:93 Go )
E:\ [CD_Rom]
.
Scan : 15:45.07
Path : C:\Users\Dad\Desktop\Rooter.exe
User : Dad ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ \SystemRoot\System32\smss.exe (460)
______ C:\Windows\system32\csrss.exe (592)
______ C:\Windows\system32\wininit.exe (636)
______ C:\Windows\system32\csrss.exe (648)
______ C:\Windows\system32\services.exe (684)
______ C:\Windows\system32\lsass.exe (696)
______ C:\Windows\system32\lsm.exe (708)
______ C:\Windows\system32\winlogon.exe (788)
______ C:\Windows\system32\svchost.exe (892)
______ C:\Windows\system32\svchost.exe (956)
______ C:\Windows\System32\svchost.exe (996)
______ C:\Windows\System32\svchost.exe (1052)
______ C:\Windows\System32\svchost.exe (1080)
______ C:\Windows\system32\svchost.exe (1092)
Locked audiodg.exe (1184)
______ C:\Windows\system32\SLsvc.exe (1212)
______ C:\Windows\system32\svchost.exe (1256)
______ C:\Windows\system32\svchost.exe (1360)
Locked vsmon.exe (1536)
______ C:\Windows\system32\WLANExt.exe (1772)
______ C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (1828)
______ C:\Program Files\Alwil Software\Avast4\ashServ.exe (1860)
______ C:\Windows\System32\spoolsv.exe (472)
______ C:\Windows\system32\svchost.exe (568)
______ C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (1668)
______ C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (2056)
______ C:\Acer\Empowering Technology\eNet\eNet Service.exe (2100)
______ C:\Program Files\Intel\WiFi\bin\EvtEng.exe (2144)
______ C:\Program Files\Common Files\LightScribe\LSSrvc.exe (2188)
______ C:\Acer\Mobility Center\MobilityService.exe (2236)
______ C:\Windows\system32\svchost.exe (2292)
______ C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (2328)
______ C:\Program Files\CyberLink\Shared Files\RichVideo.exe (2348)
______ C:\Windows\system32\svchost.exe (2388)
______ C:\Windows\system32\Tablet.exe (2408)
______ C:\Windows\System32\svchost.exe (2460)
______ C:\Windows\system32\SearchIndexer.exe (2508)
______ C:\Windows\system32\taskeng.exe (2680)
______ C:\Windows\system32\DRIVERS\xaudio.exe (2768)
______ C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (2804)
______ C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe (3012)
______ C:\Windows\system32\taskeng.exe (3156)
______ C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (3184)
______ C:\Windows\system32\Dwm.exe (3212)
______ C:\Windows\Explorer.EXE (3324)
______ C:\Windows\system32\wbem\wmiprvse.exe (3592)
______ C:\Windows\system32\wbem\wmiprvse.exe (3772)
______ C:\Windows\system32\wbem\unsecapp.exe (4000)
______ C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (4068)
______ C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (2300)
______ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3420)
______ C:\Windows\RtHDVCpl.exe (3540)
______ C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (3720)
______ C:\Acer\Empowering Technology\eAudio\eAudio.exe (1064)
______ C:\Windows\System32\hkcmd.exe (1476)
______ C:\Windows\System32\igfxpers.exe (1464)
Locked zlclient.exe (1544)
______ C:\Program Files\Alwil Software\Avast4\ashDisp.exe (3092)
______ C:\Program Files\Java\jre6\bin\jusched.exe (1724)
______ C:\Program Files\Windows Media Player\wmpnscfg.exe (1372)
______ C:\Windows\system32\igfxsrvc.exe (2284)
______ C:\Program Files\Windows Media Player\wmpnetwk.exe (3060)
______ C:\Users\Dad\AppData\Local\Temp\RtkBtMnt.exe (4180)
______ C:\Windows\system32\wuauclt.exe (5976)
______ C:\Program Files\Internet Explorer\ieuser.exe (3396)
______ C:\Program Files\Internet Explorer\iexplore.exe (4620)
______ C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe (484)
______ C:\Program Files\Microsoft Works\WkDStore.exe (5800)
______ C:\Program Files\Microsoft Works\wkswp.exe (2024)
______ C:\Program Files\Microsoft Works\wkgdcach.exe (3924)
______ C:\Users\Dad\Desktop\Rooter.exe (5564)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:10478974464)
\Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:10479006720 | Length:119924582400)
\Device\Harddisk0\Partition3 (Start_Offset:130403589120 | Length:116165629440)
\Device\Harddisk0\Partition4 (Start_Offset:246569218560 | Length:3487518720)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 15:45.10
.
C:\Rooter$\Rooter_1.txt - (21/08/2009 | 15:45.10)
bof:)
Regular Member
 
Posts: 165
Joined: July 16th, 2005, 2:43 pm
Location: UK

Re: Installed Trial version of Nero9, did I get a virus?

Post by bof:) » August 21st, 2009, 12:15 pm

And finally here's the RSIT log.txt

Logfile of random's system information tool 1.06 (written by random/random)
Run by Dad at 2009-08-21 15:59:52
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 57 GB (50%) free of 114 GB
Total RAM: 3062 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:59:57, on 21/08/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Dad\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Dad\Desktop\RSIT MRU TOOL\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Dad.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.uk.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.uk.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O13 - Gopher Prefix:
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\Windows\system32\Tablet.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7973 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-04-25 299008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2009-01-25 1157120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2009-01-25 1157120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-05-09 865840]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-10 4468736]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216]
"eAudio"=C:\Acer\Empowering Technology\eAudio\eAudio.exe [2007-04-27 1286144]
"Acer Tour"= []
"eRecoveryService"= []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-02-16 981384]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2007-05-04 502544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [2007-05-03 206952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSet]
C:\Windows\PLFSet.dll [2007-03-10 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]
C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe [2007-04-27 1208320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
C:\Acer\EMPOWE~1\EAPLAU~1.EXE [2007-04-15 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TabUserW.exe.lnk]
C:\Windows\System32\WTablet\TabUserW.exe [2005-12-05 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Dad^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2009-04-16 384000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskmgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\LaunchU3.exe -a


======List of files/folders created in the last 1 months======

2009-08-21 15:45:10 ----D---- C:\Rooter$
2009-08-18 17:16:10 ----D---- C:\rsit
2009-08-12 13:03:11 ----A---- C:\Windows\system32\msv1_0.dll
2009-08-12 13:03:11 ----A---- C:\Windows\system32\kerberos.dll
2009-08-12 13:03:10 ----A---- C:\Windows\system32\wdigest.dll
2009-08-12 13:03:10 ----A---- C:\Windows\system32\schannel.dll
2009-08-12 13:03:09 ----A---- C:\Windows\system32\secur32.dll
2009-08-12 13:03:09 ----A---- C:\Windows\system32\lsass.exe
2009-08-12 13:03:09 ----A---- C:\Windows\system32\lsasrv.dll
2009-08-12 13:03:05 ----A---- C:\Windows\system32\mstscax.dll
2009-08-12 13:03:02 ----A---- C:\Windows\system32\avifil32.dll
2009-08-12 13:02:59 ----A---- C:\Windows\system32\wkssvc.dll
2009-08-12 13:02:55 ----A---- C:\Windows\system32\atl.dll
2009-08-12 13:02:42 ----A---- C:\Windows\system32\wmp.dll
2009-08-12 13:02:40 ----A---- C:\Windows\system32\wmpdxm.dll
2009-08-12 13:02:40 ----A---- C:\Windows\system32\spwmp.dll
2009-08-12 13:02:40 ----A---- C:\Windows\system32\dxmasf.dll
2009-08-12 13:02:39 ----A---- C:\Windows\system32\wmploc.DLL
2009-08-11 20:26:18 ----A---- C:\Windows\Irremote.ini
2009-08-11 20:15:12 ----D---- C:\Program Files\Nero
2009-08-11 20:14:48 ----D---- C:\ProgramData\Nero
2009-08-11 20:14:48 ----D---- C:\Program Files\Common Files\Nero
2009-08-11 20:14:16 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-08-09 12:01:18 ----D---- C:\Users\Dad\AppData\Roaming\McAfee
2009-08-09 12:00:39 ----D---- C:\Program Files\McAfee
2009-08-05 13:46:53 ----A---- C:\Windows\system32\javaws.exe
2009-08-05 13:46:53 ----A---- C:\Windows\system32\javaw.exe
2009-08-05 13:46:53 ----A---- C:\Windows\system32\java.exe
2009-07-31 14:27:24 ----D---- C:\Users\Dad\AppData\Roaming\Intel
2009-07-31 14:27:24 ----D---- C:\ProgramData\Roaming
2009-07-31 14:26:38 ----D---- C:\Program Files\Cisco
2009-07-31 14:26:36 ----D---- C:\ProgramData\Intel
2009-07-31 14:26:36 ----D---- C:\Program Files\Common Files\Intel
2009-07-30 11:05:48 ----A---- C:\Windows\system32\mshtml.dll
2009-07-30 11:05:46 ----A---- C:\Windows\system32\ieframe.dll
2009-07-30 11:05:44 ----A---- C:\Windows\system32\urlmon.dll
2009-07-30 11:05:43 ----A---- C:\Windows\system32\wininet.dll
2009-07-30 11:05:43 ----A---- C:\Windows\system32\ieui.dll
2009-07-30 11:05:41 ----A---- C:\Windows\system32\ieencode.dll

======List of files/folders modified in the last 1 months======

2009-08-21 15:59:57 ----D---- C:\Windows\Prefetch
2009-08-21 15:59:55 ----D---- C:\Windows\Temp
2009-08-21 15:46:13 ----D---- C:\Windows\Internet Logs
2009-08-21 12:09:37 ----D---- C:\Windows\System32
2009-08-21 12:09:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-08-21 11:40:28 ----SHD---- C:\Windows\Installer
2009-08-21 11:40:24 ----D---- C:\Program Files\Java
2009-08-21 11:39:45 ----SHD---- C:\System Volume Information
2009-08-21 11:39:07 ----D---- C:\Program Files\Common Files
2009-08-20 06:31:04 ----RD---- C:\Program Files
2009-08-19 21:14:00 ----SD---- C:\Windows\Downloaded Program Files
2009-08-19 20:26:55 ----D---- C:\Program Files\Mozilla Firefox
2009-08-19 20:26:55 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-08-19 20:26:54 ----D---- C:\Users\Dad\AppData\Roaming\SUPERAntiSpyware.com
2009-08-19 20:26:54 ----D---- C:\Program Files\SUPERAntiSpyware
2009-08-19 20:25:00 ----D---- C:\Program Files\SpywareBlaster
2009-08-19 20:23:34 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-08-19 20:23:34 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-08-19 20:19:25 ----D---- C:\Program Files\a-squared Free
2009-08-19 17:48:21 ----D---- C:\Users\Dad\AppData\Roaming\Hoyle Card Games
2009-08-19 11:10:47 ----D---- C:\Windows
2009-08-19 11:10:45 ----D---- C:\Windows\inf
2009-08-19 10:40:39 ----AD---- C:\ProgramData\TEMP
2009-08-18 18:08:28 ----RD---- C:\DOWNLOADS
2009-08-18 16:50:25 ----D---- C:\Windows\system32\catroot2
2009-08-16 20:11:51 ----D---- C:\Users\Dad\AppData\Roaming\Skype
2009-08-16 20:10:02 ----D---- C:\Users\Dad\AppData\Roaming\skypePM
2009-08-13 16:44:51 ----D---- C:\Windows\Debug
2009-08-12 13:21:35 ----D---- C:\Windows\winsxs
2009-08-12 13:08:09 ----D---- C:\Windows\system32\drivers
2009-08-12 13:08:09 ----D---- C:\Program Files\Windows Media Player
2009-08-12 13:05:52 ----D---- C:\Windows\system32\catroot
2009-08-12 13:05:48 ----D---- C:\Program Files\Windows Mail
2009-08-11 20:14:48 ----HD---- C:\ProgramData
2009-08-10 18:29:55 ----D---- C:\Users\Dad\AppData\Roaming\U3
2009-08-09 12:00:49 ----SD---- C:\Users\Dad\AppData\Roaming\Microsoft
2009-08-09 12:00:39 ----D---- C:\ProgramData\McAfee
2009-08-04 11:43:31 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-31 14:26:36 ----D---- C:\Program Files\Intel
2009-07-30 01:49:14 ----A---- C:\Windows\system32\mrt.exe
2009-07-25 23:36:36 ----D---- C:\Windows\rescache
2009-07-25 05:23:00 ----A---- C:\Windows\system32\deploytk.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2009-02-16 293528]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 13560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-03-15 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-24 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-22 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-03-15 8192]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2007-05-04 21264]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-03-15 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-03-15 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-10 1775712]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-05-10 6144]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-02-08 1729152]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-05-09 185392]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-03-15 659968]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-04-19 43008]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EraserUtilDrv10631;EraserUtilDrv10631; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10631.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-02-24 2216448]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2006-09-19 80744]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-03-14 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-05-22 135168]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-02-13 53248]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-05-10 24576]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-19 262247]
R2 TabletService;TabletService; C:\Windows\system32\Tablet.exe [2005-12-05 753664]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2009-02-16 2402184]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-05-16 163840]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-03-15 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []

-----------------EOF-----------------
bof:)
Regular Member
 
Posts: 165
Joined: July 16th, 2005, 2:43 pm
Location: UK
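
An added example, not part of the original post or of the scanning tool: a small Python parser for the driver and service lines in the log above, using the R/S and 0-4 legend the log prints. It assumes that empty brackets `[]` mean the tool could not read the file's date and size, and it lists stopped Boot/System/Auto entries in that state as candidates for a leftover registration; the sample lines are copied from the log.

```python
import re
from typing import List, NamedTuple, Optional

START_TYPES = {0: "Boot", 1: "System", 2: "Auto", 3: "Demand", 4: "Disabled"}
# <R|S><0-4> <name>;<display name>; <image path and arguments> [<date> <size>]
LINE_RE = re.compile(r"^([RS])([0-4]) ([^;]+);([^;]*); (.*) \[([^\]]*)\]$")

class Entry(NamedTuple):
    running: bool
    start: str
    name: str
    display: str
    image: str
    date: Optional[str]   # None when the brackets are empty
    size: Optional[int]

def parse_log(text: str) -> List[Entry]:
    """Parse every line that matches the list format; skip headings and blanks."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        state, start, name, display, image, meta = m.groups()
        date, size = None, None
        parts = meta.split()
        if len(parts) == 2:
            date, size = parts[0], int(parts[1])
        entries.append(Entry(state == "R", START_TYPES[int(start)], name,
                             display, image.strip(), date, size))
    return entries

def stale_autostarts(entries: List[Entry]) -> List[str]:
    """Stopped Boot/System/Auto entries with no file metadata (assumed: file not found)."""
    return [e.name for e in entries
            if not e.running and e.start in ("Boot", "System", "Auto") and e.date is None]

# Sample lines copied from the log above.
SAMPLE = r"""
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2006-09-19 80744]
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
"""

if __name__ == "__main__":
    for name in stale_autostarts(parse_log(SAMPLE)):
        print("check for leftover registration:", name)
```
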

Re: Installed Trial version of Nero9, did I get a virus?

by Cypher » August 22nd, 2009, 6:45 am

Hi bof:) your latest set of logs are clean! :)

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Why you should not be using MSconfig to control startups!!

1. MSconfig was designed to be used only as a temporary debugging/troubleshooting tool. It was not meant to be used for long term solutions.
2. MSconfig does not show all startups anyway.
3. If you uninstall programs while they are being disabled with MSconfig, they will not be uninstalled properly and you will have to resort to manual registry editing to properly get everything removed. MSconfig will leave orphan entries if/when installed software is uninstalled while under the control of MSconfig. When/if MSconfig is turned back to normal startup, it will give errors on boot due to those orphan entries.
4. MSconfig and Services:
  • If you uninstall programs while you have some of the program's services being controlled with MSconfig, the programs will not be uninstalled properly and you will have to resort to manual registry editing to get everything properly removed.
  • When you uncheck a service in msconfig, you completely disable it. If you uncheck the wrong one, you may not be able to restart your computer.
  • It is safer to control services by using Control Panel, Administrative Tools, Services (this runs services.msc).
5. You can lock malware items into your registry that you may not see anymore until some point in time where you switch back to Normal Startup mode and now you can cause total reinfection of your PC with the malware. You need to remove the malware, not mask it.
If you still don't understand why not to use MSconfig, see what Microsoft writes Here

The System Configuration utility helps you find problems with your Windows XP configuration. It does not manage the programs that run when Windows starts.

As you have WinPatrol installed, I advise you to use it instead.

I would advise you not to re-enable TeaTimer as it will be in conflict with WinPatrol.

OTC

Download OTC by Old Timer and save it to your Desktop. This tool will remove all the tools we used to clean your pc.

  • Double-click OTC.exe
  • Click the CleanUp! button
  • Select Yes when the Begin cleanup Process? prompt appears
  • If you are prompted to Reboot during the cleanup, select Yes
  • The tool will delete itself once it finishes; if not, delete it yourself

Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

Create a new, clean System Restore point

  1. Click on Start > All Programs > Accessories > System Tools > System Restore.
  2. On the Welcome Page, select Create a restore point. Click Next.
  3. Give this restore point a descriptive name and click Create.
  4. When done, click Close.

Warning: Do not clear infected System Restore points before creating a new System Restore point first!

Please read the above to create a new System Restore point first, then clear out the infected System Restore points.


Flush infected System Restore points

1. Right click on My Computer and select Properties.
2. Select the System Restore tab.
3. Check (tick) Turn off system restore on all drives box.
4. Click Apply.
5. Uncheck (untick) Turn off system restore on all drives box.
6. Click OK.
7. Restart your computer.
Note: Do this only ONCE, don't flush it regularly.

Install MVPS Hosts File From Here

The MVPS Hosts file replaces your current HOSTS file with one containing well-known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer.
You can Find the Tutorial HERE

Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check

Visit Microsoft often to get the latest updates for your computer
You can do that HERE

Please check out Tony Klein's article "How did I get infected in the first place?"

Read some information HERE On how to prevent Malware

Is your pc running slow?
Read What to do if your Computer is running slowly

Safe surfing! :)
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
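
The sinkholing described above (ad hosts mapped to 127.0.0.1), as an added example that is not part of the original post or of the MVPS project: a Python check that reads hosts-file text and separates names pointed at a loopback or unspecified address from names pointed at any other address, which a blocking hosts file should not contain. The sample file and its host names are constructed.

```python
import ipaddress
from typing import List, Tuple

# Names that normally map to loopback and are not blocklist entries.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

def audit_hosts(text: str) -> Tuple[List[str], List[Tuple[str, str]], List[str]]:
    """Return (sinkholed names, (name, address) redirects, malformed lines)."""
    sinkholed, redirected, malformed = [], [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            malformed.append(line)
            continue
        for name in (f.lower() for f in fields[1:]):
            if name in LOCAL_NAMES:
                continue
            if addr.is_loopback or addr.is_unspecified:
                sinkholed.append(name)           # blocked: resolves to this machine
            else:
                redirected.append((name, str(addr)))  # resolves elsewhere: review it
    return sinkholed, redirected, malformed

# Constructed sample; 203.0.113.10 is a documentation-range address.
SAMPLE_HOSTS = """\
# blocking hosts file (constructed sample)
127.0.0.1     localhost
::1           localhost
127.0.0.1     ads.example.test      # ad server
127.0.0.1     tracker.example.test banner.example.test
0.0.0.0       Metrics.Example.Test
203.0.113.10  update.example.test
not-an-ip     broken.example.test
"""

if __name__ == "__main__":
    blocked, redirects, bad = audit_hosts(SAMPLE_HOSTS)
    print(len(blocked), "names sinkholed")
    for name, addr in redirects:
        print("review:", name, "->", addr)
    for line in bad:
        print("malformed:", line)
```
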

Re: Installed Trial version of Nero9, did I get a virus?

by bof:) » August 22nd, 2009, 2:41 pm

Hello CYPHER, thank you so much for all of your help and time, I am in your debt.

I've followed your instructions and have a question about SpywareBlaster? It is mentioned in 'How to prevent Malware'....section 5.

I now understand that all of the antivirus/malware programs I had originally on my laptop can in some cases work against each other. They will also take up resources and slow my laptop down.

So, should I reinstall SpywareBlaster?

I have now on my laptop, Avast Antivirus (free version)/ Malwarebytes Anti-Malware /WinPatrol.

I've changed my firewall from Zone Alarm (free version) to Sunbelt personal (free version).

Once again thank you for your help,

A very happy bof:) :D

Re: Installed Trial version of Nero9, did I get a virus?

by Cypher » August 23rd, 2009, 3:09 pm

Hi bof:)

It is advised to only have the following security software installed.

1 Anti-virus.
1 Firewall. The Vista in-built firewall provides adequate protection, as it is a two-way firewall.
1 Anti-malware.

If you installed the MVPS Hosts File as I suggested, there is no need for SpywareBlaster as it is a pseudo host.
SpywareBlaster is an outdated application now anyway and modern browsers have similar protection in-built.

I hope this answers your question.
If you have no further questions I will have this topic closed.

Re: Installed Trial version of Nero9, did I get a virus?

by bof:) » August 24th, 2009, 6:04 am

Thank you CYPHER I have no further questions.......once again many thanks for your help.

bof:)

Re: Installed Trial version of Nero9, did I get a virus?

by Cypher » August 24th, 2009, 6:09 am

Thank you for the reply bof:)
You're welcome :) I will have this topic closed.

Re: Installed Trial version of Nero9, did I get a virus?

by silver » August 24th, 2009, 8:29 pm

This topic is now closed
We are pleased to have been of assistance in getting you clean.

If you have been helped and wish to donate towards the costs of this volunteer site, you can do so using this link
Donations For Malware Removal
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7