Vista Internet Security 2011
-
[+] Startup folders
C:\Users\terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk (1815 bytes) (Unknown) (08/09/2009 16:52:31) (--A-) (b8d83d074f08c1b6b11238a986d6d224)
C:\Users\terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk (1113 bytes) (Unknown) (30/10/2009 00:37:45) (--A-) (6cfcd0524d1bf56a4e8d45751e5f406a)
[+] TCPIP nameservers
[+] Internet Explorer settings
Value: Start Page
Data: http://www.google.co.uk/
Key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Value: Window Title
Data: Internet Explorer provided by Dell
Key: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
[+] Internet Explorer Trusted Sites
[+] Windows Firewall allowed programs
[+] Windows Firewall allowed ports
[+] System Hijack
Value: Hidden
Data: 2
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Value: EnableDCOM
Data: Y
Key: HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
Value: Start
Data: 4
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess
[+] Executables in Temp folders
C:\Users\terry\AppData\Local\Temp\94DF.tmp (311248 bytes) (Adobe Systems, Inc.) (05/04/2011 20:50:08) (--A-) (ee91d9228d93a2d652f1caa83c830f3d)
C:\Users\terry\AppData\Local\Temp\ABA.tmp (311248 bytes) (Adobe Systems, Inc.) (05/04/2011 20:34:24) (--A-) (ee91d9228d93a2d652f1caa83c830f3d)
C:\Users\terry\AppData\Local\Temp\ReimagePackage.exe (6999496 bytes) (Reimage®) (05/04/2011 21:00:08) (--A-) (89a0bdb18eccf9e1442a7cb6795aed26)
[+] Executables in suspicious folders
[+] Autorun.ini
[+] Unknown .SYS files
[+] Non accessible files
[+] Executables in Internet Explorer Folder
[+] Files created/modified 15 days ago
[+] Hidden files in suspicious folders
[+] Suspicious Registry Keys
[+] Suspicious folders
[+] Drivers
[+] Drivers -> FSFilter Anti-Virus
Driver Name: bdfsfltr
Driver File: system32\drivers\bdfsfltr.sys
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bdfsfltr
[+] Services
[+] ServiceDll
C:\Program Files\Virgin Media\Security\BitDefender\scan.dll (311296 bytes) (S.C. BitDefender S.R.L) (13/12/2010 13:20:32) (--A-) (5f67cd0e938b5669970c5872275dc753)
[+] Unknown files in Winsock LSP
[+] Unknown files in CLSID
[+] TCP Connections
[+] UDP Connections
[+] Hosts file
[+] Ring3 API Hooks
[+] Kernel Mode Info
---
Finish [ 0:11:49 ]
-
That's all of it
-
Looks like you got it with system restore.
I would download Revo Uninstaller and uninstall Rapport.
Did you download and install Reimage to fix problems? That sounds like whatever you were saying was asking for money to fix weird "stability" problems. I'd get rid of it personally, using Revo.
-
Rapport is what I have on my internet banking to protect it. I like the bank account so do not want to change it but the log in seems very weak with no card reader and just a 5 figure password. Would you still uninstall it?
I will uninstall Reimage. I have Virgin Media Security but it seems quite weak. What would you recommend? I was thinking of Avast as recommended on this site and the Windows firewall. My main concern is my internet banking and am also wondering if eBay and Amazon can be compromised. This has given me a fright!
-
Uninstalled Reimage with Revo. Still not sure about Rapport due to internet banking.
-
Yes, I know what Rapport is for; there are a lot of threads on here if you search about how useful it is. Best if you make up your own mind about it, but I've not found it valuable, especially given how resource hungry it is. When I first put it on years ago, it accused itself of trying to take screenshots of my online banking! It was trivial to find ways around its protections at the time, so I got rid of it. It's hard to remove completely as they deliberately make it difficult for people who opt out, so Revo Uninstaller helps to remove most of it.
Virgin Media Security is based on Bitdefender, which isn't a terrible AV - even though it let that through on yours. If I was going to buy an antivirus, it would be either Avira or F-Secure as they were top performers in 2010 (http://www.av-comparatives.org/images/stories/test/dyn/wholedynamic2010.pdf). Avast free is a very good antivirus, with nearly the full package in the free version including web guards, email scanning, etc; Avira Antivir free is a superior pure antivirus, but doesn't have the web guards and email scanning.
(I've gone for Avast free after using Avira free for more than a decade as most of the likely threats these days will be internet worms, or trojans that force install through the browser. I've seen first hand Avast blocking internet worms.)
I'll make a post about other steps you can take to prevent this kind of thing happening as I said I would.
-
Thanks. I'll show my husband this post and then we can make a decision about the antivirus. I think Avast sounds good.
I will look forward to your post when you have the time.
The forest would be very silent if no birds sang except for the birds that sang the best
-
I didn't mean to make it sound too mysterious.
Antivirus programs seem too slow to keep up with the rogue antivirus programs, but fortunately there are a few ways to further reduce the risk of these. I hope this is easy enough to read, please let me know if there is anything that isn't explained well.
Browser Adblocking
One of the likely sources of malware is often an infected ad (as you discovered), something we've seen this year with the Systems Tool rogue app. For that reason, it's a good idea to block ads.
- For Firefox, the program to use is Adblock Plus with a main subscription to something like Easylist, but it is important to also use the Malware Domains subscription as this is regularly updated and got on top of the latest Lizamoon web infection almost straight away;
- For Internet Explorer, there is a simple adblock but I'd still go with Firefox myself.
Hosts/activex/trusted zones
Known malware sites can also be blocked through hosts or the trusted zones. A good choice is either Spybot: Search and Destroy, OR Spywareblaster (but not both, as it has more potential for things to go wrong) and both also offer activex protection; or for hosts-only blocking, Hostsman is a good choice.
- If you choose Spybot, then don't install SDHelper or Teatimer - just update it, and do the Immunise function until it says everything is protected. It has weekly updates, and needs to be manually updated;
- Spywareblaster updates less frequently but it has a larger block list than Spybot, it's also more straightforward to use and easier to undo;
- Hostsman is a program that manages a list of hosts file protections and can automatically keep those lists updated. When used with a frequently updated list like malwaredomainslist (have to add it to hostsman) it can be very effective at blocking new rogue sites as they emerge. If you want to use hostsman at the same time as Spywareblaster, then I would only use the trustedzone/activex part of Spywareblaster but not the hosts.
DNS
Another way, which can be used in tandem with any of the methods above or by itself, is to use a DNS server like ClearCloud or Norton DNS to filter out malware infected sites automatically. It is easier to set up than it might sound. It can be set up with each computer or with the router itself. The main limitation of this approach is that some people find one DNS server faster than the other, e.g. some find ClearCloud faster than Norton, so it's worth trying a few just to see how you get on with each one. They can improve browsing speed or slow it down depending on your location and luck (especially YouTube).
http://clearclouddns.com/
http://nortondns.com/
There is also Opendns and ComodoDNS as well.
Sandboxing
Sandboxing is a way to run programs without risking or making permanent changes to the rest of the computer. Running a browser in something like Sandboxie would mean that any malware encountered would only infect the sandbox, and could be deleted at ease. It can be set to make bookmarks permanent (http://www.sandboxie.com/index.php?FirefoxTips). The limitation is that you need the registered version to have programs automatically start in Sandboxie.
The last way I'll mention is registering for the full version of Malwarebytes Anti-Malware, as it has a real-time web guard which blocks many dodgy sites as well as a real-time file guard. The web guard was quick to pick up on the new Lizamoon infection. It's designed to work alongside antivirus programs. It's a one-time fee which is good, so I bought a licence for my parents and my parents-in-law as well.
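To illustrate the hosts-file and DNS blocking sections of the post above, here is an added example (it is not code from the thread, nor from Hostsman, Spywareblaster or any DNS service named there). It takes a constructed block list, normalises and validates each hostname, renders it in hosts-file syntax, and then shows the practical difference between the two approaches: a hosts file only matches a name that appears verbatim, whereas a domain-level filter (the kind a filtering DNS resolver can apply) also covers subdomains of a listed domain. The sample list, the placeholder names under .example and the 0.0.0.0 sink address are all assumptions made for the example.

```python
"""Hosts-file block list builder with exact-match and zone-match lookup.

Added example, not code from the thread or from any tool it names.
Assumes a constructed block list with one hostname per line, '#' comments,
and optional hosts-style "IP hostname" lines; names are placeholders.
"""
import re
from typing import Iterable, List, Optional, Set

SINK_ADDRESS = "0.0.0.0"  # non-routable, so the browser's connection fails fast
_LABEL_RE = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")  # one DNS label
_IPV4_RE = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

# Constructed sample list: placeholder names, not real indicators.
SAMPLE_BLOCKLIST = """\
# constructed sample block list, one hostname per line
rogue-av-download.example
www.rogue-av-download.example
Rogue-AV-Download.Example        # same name, different case -> duplicate
127.0.0.1 legacy-entry.example   # hosts-style line, the address is ignored
not a hostname                   # rejected: three tokens
bad-.example                     # rejected: label ends with '-'
"""


def normalise_hostname(line: str) -> Optional[str]:
    """Return the lower-cased hostname on a list line, or None if invalid."""
    body = line.split("#", 1)[0].strip()  # drop trailing comments
    if not body:
        return None
    tokens = body.split()
    if len(tokens) == 1:
        host = tokens[0]
    elif len(tokens) == 2 and _IPV4_RE.match(tokens[0]):
        host = tokens[1]  # "0.0.0.0 host" style: keep only the name
    else:
        return None
    host = host.lower().rstrip(".")
    labels = host.split(".")
    if len(host) > 253 or not all(_LABEL_RE.match(lab) for lab in labels):
        return None
    return host


def parse_blocklist(text: str) -> List[str]:
    """Parse a list, dropping comments, invalid lines and duplicates."""
    found: Set[str] = set()
    for line in text.splitlines():
        host = normalise_hostname(line)
        if host:
            found.add(host)
    return sorted(found)


def render_hosts(hosts: Iterable[str]) -> str:
    """Render entries in hosts-file syntax, one exact name per line."""
    lines = ["# generated block list section: exact hostnames only"]
    lines += [f"{SINK_ADDRESS} {h}" for h in hosts]
    return "\n".join(lines) + "\n"


def hosts_blocks(hostname: str, blocked: Set[str]) -> bool:
    """hosts-file semantics: blocked only if the name appears verbatim."""
    return hostname.lower().rstrip(".") in blocked


def zone_blocks(hostname: str, blocked: Set[str]) -> bool:
    """Domain-filter semantics: blocked if the name or any parent is listed."""
    labels = hostname.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in blocked for i in range(len(labels)))


if __name__ == "__main__":
    entries = parse_blocklist(SAMPLE_BLOCKLIST)
    print(render_hosts(entries))
    listed = set(entries)
    for name in ("rogue-av-download.example", "cdn.rogue-av-download.example"):
        print(f"{name}: hosts={hosts_blocks(name, listed)} zone={zone_blocks(name, listed)}")
```

The last two lines of output make the caveat concrete: a rogue site served from a new subdomain slips past a hosts entry for the parent domain, which is one reason the post pairs hosts-based blocking with a frequently updated list and a filtering resolver rather than relying on the hosts file alone.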