Author Topic: [Resolved] PC freezes during videos  (Read 1632 times)


Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] PC freezes during videos
« Reply #15 on: September 07, 2012, 04:23:05 AM »
Please open a blank Notepad by clicking start-->run...Then, in the run box type Notepad.exe and click "OK".
Copy the below text in Bold and paste it into the blank Notepad. Save it as CFScript.txt...Change the "Save as type" to All Files and save it to your desktop. Now drag the text document over to your Combofix.exe

Combofix will run again automatically. Please post back the new log that will be generated. Thanks!
Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall.



KILLALL::

dds::
BHO-X64:     AcroIEHelperStub -

rootkit::
c:\windows\system32\drivers\SBREdrv.sys
c:\windows\system32\DRIVERS\sbfwim.sys
c:\windows\system32\drivers\sbhips.sys
c:\windows\system32\drivers\SbFw.sys
c:\windows\system32\drivers\sbtis.sys
c:\windows\system32\DRIVERS\SBFWIM.sys

driver::
SBREdrv
sbfwim
sbhips
SbFw
sbtis
SBFWIM
Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

2009-12

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven

Offline keitojay

  • Bronze Member
  • Posts: 40
Re: [Resolved] PC freezes during videos
« Reply #16 on: September 08, 2012, 04:42:49 PM »
ComboFix 12-09-07.03 - User 09/07/2012  21:33:34.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.16329.14629 [GMT -4:00]
Running from: c:\users\User\Desktop\ComboFix.exe
Command switches used :: c:\users\User\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SBFW
-------\Legacy_SBHIPS
-------\Legacy_SBTIS
-------\Service_SbFw
-------\Service_sbhips
-------\Service_SbTis
-------\Legacy_SBRE
-------\Service_SBFWIMCL
-------\Service_SBFWIMCLMP
-------\Service_SBRE
.
.
(((((((((((((((((((((((((   Files Created from 2012-08-08 to 2012-09-08  )))))))))))))))))))))))))))))))
.
.
2012-09-08 01:35 . 2012-09-08 01:35   --------   d-----w-   c:\users\UpdatusUser\AppData\Local\temp
2012-09-08 01:35 . 2012-09-08 01:35   --------   d-----w-   c:\users\Mcx1-USER-PC\AppData\Local\temp
2012-09-08 01:35 . 2012-09-08 01:35   --------   d-----w-   c:\users\Default\AppData\Local\temp
2012-09-07 09:41 . 2012-08-28 05:49   9310152   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{11420F79-CCE1-4A19-95EB-9BA44C8CEC98}\mpengine.dll
2012-09-03 23:36 . 2012-09-04 22:45   --------   d-----w-   c:\users\User\AppData\Local\Microsoft Games
2012-09-03 22:52 . 2012-09-03 22:52   --------   d-----w-   c:\users\User\AppData\Local\Macromedia
2012-09-03 22:45 . 2012-05-05 08:36   503808   ----a-w-   c:\windows\system32\srcore.dll
2012-09-03 22:42 . 2012-06-02 22:19   57880   ----a-w-   c:\windows\system32\wuauclt.exe
2012-09-03 22:42 . 2012-06-02 22:19   44056   ----a-w-   c:\windows\system32\wups2.dll
2012-09-03 22:42 . 2012-06-02 22:15   2622464   ----a-w-   c:\windows\system32\wucltux.dll
2012-09-03 22:42 . 2012-06-02 22:19   2428952   ----a-w-   c:\windows\system32\wuaueng.dll
2012-09-03 22:42 . 2012-06-02 22:19   38424   ----a-w-   c:\windows\system32\wups.dll
2012-09-03 22:42 . 2012-06-02 22:19   701976   ----a-w-   c:\windows\system32\wuapi.dll
2012-09-03 22:42 . 2012-06-02 22:15   99840   ----a-w-   c:\windows\system32\wudriver.dll
2012-09-03 22:42 . 2012-06-02 19:19   186752   ----a-w-   c:\windows\system32\wuwebv.dll
2012-09-03 22:42 . 2012-06-02 19:15   36864   ----a-w-   c:\windows\system32\wuapp.exe
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-04 01:05 . 2012-04-14 18:37   4278384   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-09-04 01:04 . 2012-04-14 18:37   42776   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-09-03 23:07 . 2012-04-14 16:47   426184   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-03 23:07 . 2012-04-14 16:47   70344   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-03 08:27 . 2012-04-04 02:17   62134624   ----a-w-   c:\windows\system32\MRT.exe
2012-06-14 21:43 . 2012-05-16 14:14   737072   ----a-w-   c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2012-06-14 21:42 . 2012-05-16 14:13   4283672   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-06-14 21:42 . 2012-05-16 14:13   42776   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
.
.
(((((((((((((((((((((((((((((   SnapShot@2012-09-05_01.31.37   )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-19 01:09 . 2012-09-05 20:14   30098              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-09-06 19:36   32150              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-02-19 00:48 . 2012-09-06 19:36   4978              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-704080966-719361318-3520515035-1000_UserData.bin
+ 2012-09-08 01:37 . 2012-09-08 01:37   2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-09-05 01:31 . 2012-09-05 01:31   2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-09-08 01:37 . 2012-09-08 01:37   2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-09-05 01:31 . 2012-09-05 01:31   2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2012-09-05 01:15   623940              c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-09-06 19:39   623940              c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-09-06 19:39   106316              c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-09-05 01:15   106316              c:\windows\system32\perfc009.dat
+ 2009-07-14 05:01 . 2012-09-08 01:36   234044              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-09-05 01:30   234044              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-04-10 22:38 . 2012-09-05 19:59   855660              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-704080966-719361318-3520515035-1000-12288.dat
+ 2012-04-10 22:38 . 2012-09-08 01:36   8138576              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-704080966-719361318-3520515035-1000-8192.dat
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"InstantBurn"="c:\progra~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe" [2010-04-21 697640]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-05-14 75048]
"UpdatePPShortCut"="c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" [2010-05-29 222504]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/02/18 17:29;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-05-14 246256]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-14 136176]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-03 250056]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-14 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-04 113120]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-19 1255736]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-03-04 78976]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-03-04 38528]
S1 CLBStor;InstantBurn Storage Helper Driver;c:\windows\system32\DRIVERS\CLBStor.sys [2010-04-20 24560]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 CLBUDF;CyberLink InstantBurn UDF Filesystem;

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-02-24 126952]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 389608]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-09-29 695400]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-16 47232]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys [2011-05-22 176640]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys [2011-05-22 230400]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_9EC60124
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 23:07]
.
2012-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-14 22:03]
.
2012-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-14 22:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"VIAxHCUtl"="c:\via_xhci\usb3Monitor.exe" [2011-03-28 331776]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"combofix"="c:\combofix\CF17054.3XE" [2010-11-20 345088]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yarpcn7v.default\
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
.
**************************************************************************
.
Completion time: 2012-09-07  21:38:08 - machine was rebooted
ComboFix-quarantined-files.txt  2012-09-08 01:38
ComboFix2.txt  2012-09-05 20:09
.
Pre-Run: 70,134,980,608 bytes free
Post-Run: 69,656,416,256 bytes free
.
- - End Of File - - ADD86FBD0DE23D83EDE90FD131060EEE

Offline keitojay

  • Bronze Member
  • Posts: 40
Re: [Resolved] PC freezes during videos
« Reply #17 on: September 08, 2012, 04:46:05 PM »
Whatever went on with what you had me do there...messed up my drivers for my wireless internet adapter and my LAN port. Had to uninstall and reinstall driver for LAN for it to work again just to get back on here.

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] PC freezes during videos
« Reply #18 on: September 09, 2012, 01:24:01 AM »
Now please install Microsoft Security Essentials. Allow the program to install using its default settings. When it completes, please run a manual update, then perform a full system scan. If the scan finds and complains of anything, allow the software to quarantine it. When that completes, post back and let me know how the system behaves now and what issues you may still be experiencing.

...and by the way, it was nothing I had you do that jumbled up your Internet connection. The only thing in that script we ran were removal instructions for all those remaining and unnecessary Sunbelt drivers. The author of Combofix is well aware of an issue with it that is causing users some heartburn with regard to the Internet connection after scanning. Although he is working on it, and has been for a bit now, it seems it doesn't always affect all users the same way. Must be some quirky formula that hasn't yet been discovered so when he finds it, he'll fix it.

Offline keitojay

  • Bronze Member
  • Posts: 40
Re: [Resolved] PC freezes during videos
« Reply #19 on: September 09, 2012, 07:28:55 AM »
Ok...I downloaded it, installed it and did a full scan. In the middle of the scan my pc froze. I'm assuming it was from the animation of the progress bar. I restarted the pc... did another full scan...and it detected nothing. However I noticed that the first scan after I downloaded it, was taking much longer; after it froze and I restarted and began scanning again, that second scan finished in the time the first one was only like a quarter of the way finished. Is that going to affect anything? I'm sure that longer first scan was probably pretty important to create like a baseline or something and now it didn't get a chance to do that. The other obvious concern, and the one I'll update you on in a few minutes is the one about the pc freezing. I'm going to go to youtube or something and see if it'll still freeze.

Offline keitojay

  • Bronze Member
  • Posts: 40
Re: [Resolved] PC freezes during videos
« Reply #20 on: September 09, 2012, 09:20:27 PM »
Ok...I also found one major issue. I have one of those UEFI Bios, and you can overclock the pc by pressing like one button. For some reason it must have been pressed a while ago and I forgot about it. The Processor is a 3.6 GHz and it was running at like 4.55 GHz and I know I don't have good enough equipment to be running that hot without instability issues. I'm sure that's probably the reason for all the crashing, but I appreciate all the help cleaning up the bad drivers and whatnot...that I'm sure was causing their own set of problems.

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] PC freezes during videos
« Reply #21 on: September 10, 2012, 05:02:58 AM »
Quote
...after it froze and I restarted and began scanning again...Is that going to affect anything?
It may, depending on what froze, and how it was restarted. Did the system freeze or just the program? If the program, did you close it using task manager? If the system, did you just do a hard restart?

By the way, it is never a good idea to overclock. Any manufacturer's recommendations having been ignored are also the most usual grounds for voiding the warranty. Additionally, the manufacturer's recommendations aren't just arbitrarily determined so one should be safe in assuming the manufacturer has already found the threshold at which the product will break. Having said that, it begs the question why anyone would push the limit for little or no recognizable gain, when the possible loss is obviously much greater.

Please post a fresh DDS scan log and advise how the system behaves for you now. Thanks!

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] PC freezes during videos
« Reply #22 on: September 18, 2012, 07:31:53 AM »
Are you still with us keitojay?

Offline keitojay

  • Bronze Member
  • Posts: 40
Re: [Resolved] PC freezes during videos
« Reply #23 on: September 18, 2012, 01:56:56 PM »
PC has been working perfect, since I put the settings back to factory. I must have just been playing with the bios and forgot to change it back. I'm sure we pulled some bugs out of the system though. Curious, I wanted to know which programs I may have installed in the past that put those drivers in that we removed? Just so I don't put that on the computer again?




.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 10.7.2
Run by User at 15:48:44 on 2012-09-18
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.16329.15040 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\VIA_XHCI\usb3Monitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files\Logitech\SetPointG\SetPointII.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [InstantBurn] C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{36C86572-6B10-486D-8894-CA7C76B5EA63} : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{870C2B47-E57E-4B24-ACD2-8F95F9B3A738} : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{870C2B47-E57E-4B24-ACD2-8F95F9B3A738}\2656C6B696E6E2230383 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{870C2B47-E57E-4B24-ACD2-8F95F9B3A738}\2656C6B696E6E2230383E2765756374737 : DhcpNameServer = 192.168.169.1
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
mRun-x64: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun-x64: [InstantBurn] C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun-x64: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun-x64: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
mRun-x64: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yarpcn7v.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 CLBStor;InstantBurn Storage Helper Driver;C:\Windows\system32\DRIVERS\CLBStor.sys --> C:\Windows\system32\DRIVERS\CLBStor.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 CLBUDF;CyberLink InstantBurn UDF Filesystem;C:\Windows\system32\drivers\CLBUDF.sys --> C:\Windows\system32\drivers\CLBUDF.sys [?]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-4-14 2348352]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;C:\Windows\system32\DRIVERS\SBFWIM.sys --> C:\Windows\system32\DRIVERS\SBFWIM.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;C:\Windows\system32\DRIVERS\ViaHub3.sys --> C:\Windows\system32\DRIVERS\ViaHub3.sys [?]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;C:\Windows\system32\DRIVERS\xhcdrv.sys --> C:\Windows\system32\DRIVERS\xhcdrv.sys [?]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2012/02/18 17:29:50;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-5-14 246256]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-14 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-14 250568]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-14 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-6 113120]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8192su.sys --> C:\Windows\system32\DRIVERS\RTL8192su.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-09-18 00:43:51   9310152   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{664D2400-1A7D-417A-AE25-4297A22DABDF}\mpengine.dll
2012-09-16 15:05:50   9310152   ------w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-09-12 14:24:07   950128   ----a-w-   C:\Windows\System32\drivers\ndis.sys
2012-09-12 14:24:07   574464   ----a-w-   C:\Windows\System32\d3d10level9.dll
2012-09-12 14:24:07   490496   ----a-w-   C:\Windows\SysWow64\d3d10level9.dll
2012-09-12 14:24:07   41472   ----a-w-   C:\Windows\System32\drivers\RNDISMP.sys
2012-09-12 14:24:07   376688   ----a-w-   C:\Windows\System32\drivers\netio.sys
2012-09-12 14:24:07   1913200   ----a-w-   C:\Windows\System32\drivers\tcpip.sys
2012-09-12 14:24:06   288624   ----a-w-   C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-10 03:12:23   95208   ----a-w-   C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-09 12:33:48   927800   ------w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7AFF907D-13D8-4568-8D8E-3F0DF4D71B57}\gapaengine.dll
2012-09-09 12:32:59   --------   d-----w-   C:\Program Files (x86)\Microsoft Security Client
2012-09-09 12:32:58   --------   d-----w-   C:\Program Files\Microsoft Security Client
2012-09-08 22:49:16   514560   ----a-w-   C:\Windows\SysWow64\qdvd.dll
2012-09-08 22:49:16   366592   ----a-w-   C:\Windows\System32\qdvd.dll
2012-09-08 22:09:38   --------   d-----w-   C:\Users\User\AppData\Roaming\SBG-SVG
2012-09-08 01:45:00   --------   d-----w-   C:\Users\User\AppData\Local\ElevatedDiagnostics
2012-09-08 01:37:04   --------   d-----w-   C:\$RECYCLE.BIN
2012-09-07 09:41:22   9310152   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{11420F79-CCE1-4A19-95EB-9BA44C8CEC98}\mpengine.dll
2012-09-05 01:27:38   98816   ----a-w-   C:\Windows\sed.exe
2012-09-05 01:27:38   518144   ----a-w-   C:\Windows\SWREG.exe
2012-09-05 01:27:38   256000   ----a-w-   C:\Windows\PEV.exe
2012-09-05 01:27:38   208896   ----a-w-   C:\Windows\MBR.exe
2012-09-03 23:36:30   --------   d-----w-   C:\Users\User\AppData\Local\Microsoft Games
2012-09-03 22:52:40   --------   d-----w-   C:\Users\User\AppData\Local\Macromedia
2012-09-03 22:45:49   503808   ----a-w-   C:\Windows\System32\srcore.dll
2012-09-03 22:42:37   2622464   ----a-w-   C:\Windows\System32\wucltux.dll
2012-09-03 22:42:35   99840   ----a-w-   C:\Windows\System32\wudriver.dll
2012-09-03 22:42:34   36864   ----a-w-   C:\Windows\System32\wuapp.exe
2012-09-03 22:42:34   186752   ----a-w-   C:\Windows\System32\wuwebv.dll
.
==================== Find3M  ====================
.
2012-09-16 13:24:45   73416   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-16 13:24:45   696520   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-10 03:12:19   821736   ----a-w-   C:\Windows\SysWow64\npDeployJava1.dll
2012-09-10 03:12:18   746984   ----a-w-   C:\Windows\SysWow64\deployJava1.dll
2012-07-18 18:15:06   3148800   ----a-w-   C:\Windows\System32\win32k.sys
2012-07-04 22:13:27   59392   ----a-w-   C:\Windows\System32\browcli.dll
2012-07-04 22:13:27   136704   ----a-w-   C:\Windows\System32\browser.dll
2012-07-04 21:14:34   41984   ----a-w-   C:\Windows\SysWow64\browcli.dll
2012-06-29 03:56:34   2312704   ----a-w-   C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11   1392128   ----a-w-   C:\Windows\System32\wininet.dll
2012-06-29 03:48:07   1494528   ----a-w-   C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49   173056   ----a-w-   C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48   2382848   ----a-w-   C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58   1800704   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01   1129472   ----a-w-   C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59   1427968   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43   142848   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45   2382848   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 15:48:57.77 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/17/2012 10:04:55 PM
System Uptime: 9/18/2012 7:30:19 AM (8 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | SABERTOOTH 990FX
Processor: AMD FX(tm)-4100 Quad-Core Processor             | AM3r2 | 3612/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 119 GiB total, 64.929 GiB free.
D: is FIXED (NTFS) - 119 GiB total, 119 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: VIA USB 3 Root Hub
Device ID: USB\VIA_ROOT_HUB\5&234D87E1&0
Manufacturer: VIA
Name: VIA USB 3 Root Hub
PNP Device ID: USB\VIA_ROOT_HUB\5&234D87E1&0
Service: VUSB3HUB
.
==== System Restore Points ===================
.
RP49: 9/3/2012 6:42:30 PM - Windows Update
RP50: 9/3/2012 6:45:05 PM - Windows Update
RP51: 9/3/2012 6:46:15 PM - Windows Update
RP52: 9/5/2012 4:04:39 PM - ComboFix created restore point
RP53: 9/7/2012 5:41:17 AM - Windows Update
RP54: 9/8/2012 6:22:36 PM - Installed Realtek Ethernet Controller Driver
RP55: 9/8/2012 6:26:51 PM - Installed Realtek Ethernet Controller Driver
RP56: 9/8/2012 6:35:28 PM - Removed Realtek Ethernet Controller Driver
RP57: 9/8/2012 6:36:48 PM - Installed Realtek Ethernet Controller Driver
RP58: 9/8/2012 6:49:16 PM - Windows Update
RP59: 9/8/2012 6:52:41 PM - Windows Update
RP60: 9/8/2012 6:54:55 PM - Windows Update
RP61: 9/9/2012 8:29:23 AM - Windows Update
RP62: 9/9/2012 8:31:29 AM - Windows Update
RP63: 9/9/2012 11:12:06 PM - Installed Java 7 Update 7
RP64: 9/12/2012 11:09:16 PM - Windows Update
RP65: 9/13/2012 3:00:16 AM - Windows Update
RP66: 9/16/2012 11:05:43 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Asmedia ASM104x USB 3.0 Host Controller Driver
Belkin F7D1101 Basic Wireless USB Adapter
CyberLink Blu-ray Disc Suite
CyberLink InstantBurn
CyberLink LabelPrint
CyberLink Power2Go
CyberLink PowerBackup
CyberLink PowerDirector
CyberLink PowerDVD 9
CyberLink PowerProducer
Epson Easy Photo Print 2
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
Epson Print CD
eReg
Google Update Helper
Java 7 Update 7
Java Auto Updater
JavaFX 2.1.0
JMicron JMB36X Driver
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Platform
Realtek Ethernet Controller Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VLC media player 2.0.1
.
==== Event Viewer Messages From Past Week ========
.
9/16/2012 9:23:54 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.135.1326.0     Update Source: Microsoft Update Server     Update Stage: Search     Source Path: http://www.microsoft.com     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.8704.0     Error code: 0x8024402c     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
.
==== End Of File ===========================

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] PC freezes during videos
« Reply #24 on: September 19, 2012, 06:05:34 AM »
Quote
PC has been working perfect, since I put the settings back to factory. I must have just been playing with the bios and forgot to change it back. I'm sure we pulled some bugs out of the system though. Curious, I wanted to know which programs I may have installed in the past that put those drivers in that we removed? Just so I don't put that on the computer again?
What combofix removed I couldn't say, since I didn't get to see your original scan log, but the drivers we removed all related to your previous security programs. If you decide to install/uninstall multiple security programs, just be sure you've uninstalled the program entirely before installing some other security program. Many of them offer an automated uninstaller which completely removes all the components properly so you can look at their web site to find out if they offer one and use that to uninstall.

Any other issues we can help with?

Offline keitojay

  • Bronze Member
  • Posts: 40
Re: [Resolved] PC freezes during videos
« Reply #25 on: September 19, 2012, 05:31:53 PM »
No... I think that should do it. As always, this site is a life saver and the help is much appreciated and the knowledge of you folks is always impressive. Thanks again.

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] PC freezes during videos
« Reply #26 on: September 20, 2012, 05:54:25 AM »
Excellent! You can delete dds and associated logs. Next, please click start, then in the "Search programs and files" box, type Run. When the "Run" box opens, copy/paste the following, then press the Enter key:
ComboFix /Uninstall

Performing this function will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and reset System Restore again for you automatically.


To assist in the prevention of malicious software intrusion and infections, you can begin by reading "How to boost your malware defense and protect your PC"...

Please remember to keep antivirus software on board and always use its real-time protection feature. Run a complete system scan at least once a week...preferably in Safe mode.

A word of caution
Security vendors, in recent years, have partnered with "Ask.com" in providing the "Ask Toolbar" bundled with their download(s).

Although the toolbar is considered to be a legitimate program, it is nonetheless questionable as to its behavior. It is alleged to be spyware/adware as the behavior of this application tracks a user's history and sends "search" information to its servers in order to provide a user with targeted search results; many of these results may also be for questionable web sites. In fairness, one should keep in mind, Google does the same thing regarding search results.

This tracking is considered by many of us in the security field to be offensive.

Some of the "Download links" that I may provide, may also contain this program bundled with it. If you choose not to use it, the bundled software will always contain an "Opt Out" measure via some checkbox. The user can check (or uncheck) this box to prevent the download.

If a user isn't cautious and may have mistakenly installed this program, it can easily be removed via the "Uninstall" string provided with the software. Detailed instructions how to remove the program can be found Here.

If your antivirus program is a licensed version that is about to expire, you can consider using one of these available free on the public domain:

Microsoft Security Essentials
AntiVir Personal Edition Classic
Avast! 4 Home Edition

Those of us in the online safety/security community have tried and tested these programs to determine their abilities. Having in mind, nothing is ever a guarantee regarding computer security, these programs nevertheless, combined with the rest of these recommendations are certain to have an impact in helping to keep your system running free and clear. I personally have been completely satisfied from having tested and used each one of those at one time or another.

Immunize your browser by installing Spywareblaster. What does it do?
  • Prevents the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
  • Blocks spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
  • Restricts the actions of potentially unwanted sites in Internet Explorer.
Keep your anti-virus and spyware definitions up to date. Be sure to scan often.

Web of Trust, (WOT,) warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
  • Green to go
  • Yellow for caution
  • Red to stop
WOT has an add-on available for both Firefox and IE.

Install the WinPatrol security monitor utility. WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. What I hear most from users is how much they like the startup control feature and its ease of use. Need help understanding something about WinPatrol? Here it is.

Windows Vista and Windows 7 have a software firewall built in and activated by default. This native firewall is a big improvement and is fine by itself. However, there are third party software Firewalls that offer a bit more configuration options.

Below you can choose from several of the freeware Firewalls available on the public domain. Even though you may have a Firewall already installed, keep this list handy should you choose not to renew your subscription for whatever reason. I should also mention, if you choose to use a third party firewall, make certain the Windows firewall is turned off to prevent conflict issues.

...and please remember, you should have only one of these types of third party firewalls running on board:

Zone Alarm...Windows 2k/XP/Vista

Outpost Free

Comodo...I highly recommend this firewall, but it may just be best suited for advanced users.

Stay updated with the most recent Windows patches using Microsoft's Windows Update. Make it easy on yourself, and set this feature to Automatic.

Keep your installed software up to date by downloading the free FileHippo Update Checker. Double-click the FHSetup.exe file to install it. When the install completes, you'll find the Update Checker shortcut on the desktop.

Double-click on it and a scan begins with the results showing in your browser. Any software it finds to be out of date, will be presented in your browser. Just click on the download link provided there to download your software updates. Ignore the beta software unless you want that...during the scanner initialization, you can click the settings link, then click the results tab and check the box "Hide beta versions". After clicking the OK button, click the "Retry" link to continue the scan with those settings.

Using an alternate browser can reduce your chance of certain infections installing themselves. I recommend installing Mozilla Firefox. If you don't already have "Firefox", please consider installing and using this browser for surfing.

If you still wish to use Internet Explorer, please make sure you install SpywareBlaster (from above) to protect you from most ActiveX infections.

Run CCleaner often. Please avoid using the "registry" cleaning feature of this utility unless you consider yourself an expert. Contrary to popular thought, the Windows Registry has no need of any "cleaning". I personally challenge anyone to show a substantial benefit from having used any of these "registry cleaning" programs. There is none. Any difference at all is so minuscule that it's nearly impossible to calculate.

On the flip side, rather than any benefit, there is the possibility of slicing out enough pieces of the registry to render things useless...and that includes the operating system.

By default, CCleaner will ask you if you want to backup what is removed, and I suggest you do just that. If you have already used this option and found that something no longer works properly, please find the backup that was created and use it to restore that particular item. Remember, using this to clean the disk is absolutely useful and beneficial. A novice needs only to use the disk cleaning feature...and avoid the registry cleaning aspect. It's not difficult...just don't bother to click the Registry button on the menu.

CCleaner is an excellent...and fast disk cleaning utility that can easily be configured to suit your needs. Often, users find a simple reboot resolves a quirky performance issue which can come about as a result of the collection of temp files while browsing the web...and if you configure CCleaner to run on start up, then your system could be kept running fast and clean with each new user session.

The Yahoo Toolbar is included by default during the installation of the CCleaner utility...if you DO NOT WANT IT, be sure to remove the check from the "Add CCleaner Yahoo! Toolbar and use CCleaner from your browser" option during installation setup or else just download the Slim version (no toolbar...last download link at the bottom of that page).

Or if you just want to run your on board Disk Cleanup ("Start--> Programs-->Accessories-->System Tools-->Disk Cleanup" ), just open the utility and check off the following:
Downloaded Program Files, Temporary Internet Files, Recycle Bin, and Temporary Files.

Don't forget to check your system's "defragmenter" settings. With Windows Vista, you have the option to set this as a scheduled event. It is best to have your system's "defrag" function scheduled for at least once a week.

So how did I get infected in the first place?
Regards, and Happy Surfing!