Too much protection on my computer?

Comments

  • Sunny_Saver
    Sunny_Saver Posts: 3,073 Forumite
    Part of the Furniture 1,000 Posts Photogenic Name Dropper
    Opera 11: Just tried this. Unfortunately I can't use Roboform with it.
    “It was only a sunny smile, and little it cost in the giving, but like morning light it scattered the night and made the day worth living.”

    F. Scott Fitzgerald
  • free4440273
    free4440273 Posts: 38,438 Forumite
    Opera 11: Just tried this. Unfortunately I can't use Roboform with it.

    strange. I can //
    BLOODBATH IN THE EVENING THEN? :shocked: OR PERHAPS THE AFTERNOON? OR THE MORNING? OH, FORGET THIS MALARKEY!

    THE KILLERS :cool:

    THE PUNISHER :dance: MATURE CHEDDAR ADDICT:cool:
  • mr_bounce
    mr_bounce Posts: 23 Forumite
    I would stay clear from any registry editing tools. AVG is great (although it slows down your PC DRAMATICALLY when it scans). Keep it up to date and scan regularly (every week).

    The main thing people neglect to do is take care on the web, this includes reading email from your webmail. SPAM emails can cause downloads of malicious software.

    Most new PCs come with a free trial of some sort of Anti Virus, if you choose to get something else as a replacement you will need to remove it first.
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    Here's the log from Malaware:


    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 4
    Registry Values Infected: 1
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 2
    Memory Processes Infected:
    (No malicious items detected)
    Memory Modules Infected:
    (No malicious items detected)
    Registry Keys Infected:
    HKEY_CLASSES_ROOT\CLSID\{E6BB8B70-8AD2-43B6-A952-83E462CE80DE} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{D724F038-DF89-4A1A-83D1-FD9164B78077} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{502F728B-67B8-409E-BCEB-7EE8632F321A} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TaskScheduler.Schedule (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\SYSTEM32\BPSSC1.1.DLL (Rogue.BulletProofSpyware) -> Value: BPSSC1.1.DLL -> Quarantined and deleted successfully.
    Registry Data Items Infected:
    (No malicious items detected)
    Folders Infected:
    (No malicious items detected)
    Files Infected:
    c:\RECYCLER\s-1-5-21-3776843371-552332407-903420410-1006\Dc104.exe (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\bpssc1.1.dll (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.


    Am just doing part 2 of the post now.

    Thanks.

    That's not the entire log
    What's the DATABASE VERSION? (near the top of the log)
    :idea:
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    At first glance I don't see anything nasty
    Main thing is this -
    O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
    I'd recommend installing kerio
    reboot
    uninstall kerio and scan with hijack again to see if it's gone
    (Make sure windows firewall is switched on when it's uninstalled)
    :idea:
  • Sunny_Saver
    Sunny_Saver Posts: 3,073 Forumite
    Part of the Furniture 1,000 Posts Photogenic Name Dropper
    aliEnRIK wrote: »
    That's not the entire log
    What's the DATABASE VERSION? (near the top of the log)

    Sorry, here it is:

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org
    Database version: 6292
    “It was only a sunny smile, and little it cost in the giving, but like morning light it scattered the night and made the day worth living.”

    F. Scott Fitzgerald
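
An added example, not part of any post in this thread and not Malwarebytes' own tooling: a Python check for the gap aliEnRIK points out, a pasted scan log that lacks its header (the "Database version" line), which also cross-checks the summary counts against the itemised detections. The sample log is constructed by joining the header posted above to an abridged copy of the log body, and the function and pattern names are this example's own.

```python
import re

# Constructed sample: the header posted above joined to an abridged copy of
# the log body, with the summary counts adjusted to match the abridgement.
SAMPLE_LOG = r"""Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6292
Memory Processes Infected: 0
Registry Keys Infected: 2
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\TaskScheduler.Schedule (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{E6BB8B70-8AD2-43B6-A952-83E462CE80DE} (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
Files Infected:
c:\WINDOWS\system32\bpssc1.1.dll (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
"""

DBVER = re.compile(r"^Database version: (\d+)$")
SUMMARY = re.compile(r"^(?P<section>[A-Za-z ]+ Infected): (?P<count>\d+)$")
HEADING = re.compile(r"^(?P<section>[A-Za-z ]+ Infected):$")
ITEM = re.compile(r"^(?P<target>.+?) \((?P<name>[^()]+)\) -> (?P<action>.+)$")


def check_log(text):
    """Return (database_version, items_by_section, problems) for a pasted log."""
    declared, found, db_version, section = {}, {}, None, None
    for line in map(str.strip, text.splitlines()):
        if m := DBVER.match(line):
            db_version = int(m.group(1))
        elif m := SUMMARY.match(line):          # "Files Infected: 2"
            declared[m["section"]] = int(m["count"])
        elif m := HEADING.match(line):          # "Files Infected:" starts a section
            section = m["section"]
            found[section] = []
        elif section and (m := ITEM.match(line)):
            found[section].append((m["target"], m["name"], m["action"]))
    problems = []
    if db_version is None:
        problems.append("no 'Database version' line: header missing, log is incomplete")
    for sec, n in declared.items():
        got = len(found.get(sec, []))
        if got != n:                            # a truncated paste loses itemised lines
            problems.append(f"{sec}: summary says {n}, {got} itemised")
    return db_version, found, problems
```

An empty problems list means the paste carries its header and every count in the summary is backed by the same number of itemised lines.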
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    Uninstall MSN and YAHOO toolbars (or disable them)

    TICK and FIX these in hijack -
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor...fo/webscan.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

    Download and run the NORTON REMOVAL TOOL as there's some still running on your computer
    :idea:
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    Please run COMBOFIX
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Shut down your anti virus
    Follow the simple instructions it gives
    Post the COMPLETE log it creates here (Split into sections if need be) ~ if there are loads of 'SNAPSHOT' pages then leave them out
    If it comes up with a RENAMING error then RIGHT click the exe file and RENAME and call it QWERTY (Making the complete file name 'QWERTY.exe') Or SAVE as 'QWERTY' on download
    (If no log comes up or you lose it, COMBOFIX.TXT can be found in C drive)
    :idea:
  • johnnyboyrebel
    johnnyboyrebel Posts: 1,350 Forumite
    Hello

    I haven't used my desktop for a while and noticed it's quite slow. I had a bad experience with a virus some time ago so as a result seemed to have installed every virus checker/spyware etc on it.

    I think it's slowing down my PC, so if someone can tell me what I should uninstall, I'd be grateful.

    I have:
    AVG ver8.5
    Avira AntiVir
    Sygate firewall
    Spybot
    Spyware Blaster
    Spyware Guard
    Spyware Doctor
    Super AntiSpyware
    LavaSoft.

    Thank you.

    Get rid of all of them and just install Microsoft Security Essentials Get it here

    I really don't like Microsoft hence me moving over to the 'macside' but this is a very good piece of kit for home users and all you need.
This discussion has been closed.