| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 104129 | 2009-10-17 13:25:00 | Some best Antivirus for required protection of Data | sazd1 (15338) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 821423 | 2009-10-17 13:25:00 | I have suffered a lot for loss of data due to Virus in my computer. Please indicate some of the best Antivirus to be installed or downloaded for the required protection of data and the Computer. Thanks |
sazd1 (15338) | ||
| 821424 | 2009-10-17 15:06:00 | If you haven't cleaned the infection already, then download the free trial of NOD32 from here: www.eset.com If your computer is fine and you want proper long-term protection, you choose to pay for NOD32 or get Avast Anti-virus for free and pair that with Comodo Firewall Pro which is also free: www.avast.com http://personalfirewall.comodo.com/ |
beeswax34 (63) | ||
| 821425 | 2009-10-17 17:33:00 | Not Avast ! :eek: pressf1.pcworld.co.nz Misty :) |
Misty (368) | ||
| 821426 | 2009-10-17 18:47:00 | What makes you believe you have a virus?? There are several ways to lose data and a virus would not be the most common one. |
kjaada (253) | ||
| 821427 | 2009-10-18 01:06:00 | What makes you believe you have a virus?? There are several ways to lose data and a virus would not be the most common one. +1 To that. Can you be mroe specific on the details? Post a HijackThis log if you can. |
Blam (54) | ||
| 821428 | 2009-10-19 11:02:00 | Hi Blam Thanks for your reply Blam. My MsWord and MsExcel files are showing no data just garbage. I ran HijackThis and the logfile results are as under: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:52:09, on 19/10/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16876) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\system32\servises.exe C:\WINDOWS\system32\runouce.exe C:\WINDOWS\services.exe C:\WINDOWS\system32\servises.exe C:\WINDOWS\System32\reader_s.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\servises.exe C:\ARQUIV~1\iGv6\sysbrand.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Ana\reader_s.exe C:\WINDOWS\system32\servises.exe C:\ARQUIV~1\ Yahoo! \MESSEN~1\ymsgr_tray.exe C:\WINDOWS\system32\Net.exe C:\WINDOWS\system32\net1.exe C:\WINDOWS\system32\Net.exe C:\WINDOWS\system32\net1.exe C:\WINDOWS\system32\Net.exe C:\WINDOWS\system32\net1.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\Net.exe C:\WINDOWS\system32\net1.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\ Yahoo! \Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\ Yahoo! \Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: &iG - {7EEF1E3D-FD97-4401-BCDB-5827F2D11709} - C:\ARQUIV~1\iGv6\igshop.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: &iG - {7EEF1E3D-FD97-4401-BCDB-5827F2D11709} - C:\ARQUIV~1\iGv6\igshop.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll (file missing) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\ Yahoo! \Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [7928] C:\WINDOWS\system32\51.tmp.exe O4 - HKLM\..\Run: [Runonce] C:\WINDOWS\system32\runouce.exe O4 - HKLM\..\Run: [services] C:\WINDOWS\services.exe O4 - HKLM\..\Run: [servises] C:\WINDOWS\system32\servises.exe O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe O4 - HKLM\..\Run: [ter8m] RUNDLL32.EXE C:\WINDOWS\system32\msxm192z.dll,w O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [SysBrand] "C:\ARQUIV~1\iGv6\sysbrand.exe" O4 - HKCU\..\Run: [ Yahoo! Pager] "C:\ARQUIV~1\ Yahoo! \MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [OM_Monitor] C:\Arquivos de programas\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe O4 - HKCU\..\Run: [12CFG914-K641-26SF-N32P] C:\RECYCLER\S-1-5-21-0243336031-4052116379-881863308-0851\vse432.exe O4 - HKCU\..\Run: [reader_s] C:\Documents and Settings\Ana\reader_s.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe -autorun O4 - HKCU\..\Run: [servises] C:\WINDOWS\system32\servises.exe O4 - HKLM\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe O4 - HKCU\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [SysBrand] "C:\ARQUIV~1\iGv6\sysbrand.exe" (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [ Yahoo! Pager] "C:\ARQUIV~1\ Yahoo! \MESSEN~1\YAHOOM~1.EXE" -quiet (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [OM_Monitor] C:\Arquivos de programas\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [12CFG914-K641-26SF-N32P] C:\RECYCLER\S-1-5-21-0243336031-4052116379-881863308-0851\vse432.exe (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [reader_s] C:\Documents and Settings\Ana\reader_s.exe (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [DAEMON Tools Lite] C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe -autorun (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [servises] C:\WINDOWS\system32\servises.exe (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe (User '?') O4 - HKUS\S-1-5-18\..\Run: [servises] C:\WINDOWS\system32\servises.exe (User '?') O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe (User '?') O4 - HKUS\.DEFAULT\..\Run: [servises] C:\WINDOWS\system32\servises.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Barra do iG - {FD1672E0-AE0D-465B-B345-F7B0944A121D} - C:\ARQUIV~1\iGv6\igshop.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - messenger.zone.msn.com O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\ Yahoo! \Common\yinsthelper.dll O16 - DPF: {9EC30204-384D-11D3-9CA3-00A024F0AF03} (ValidaUsuario Class) - cpne.bradesco.com.br O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com O23 - Service: FCI - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe O23 - Service: Serviço de Compartilhamento de Pastas Messenger do USN Journal Reader (usnjsvc) - Unknown owner - C:\Arquivos de programas\MSN Messenger\usnsvc.exe (file missing) -- End of file - 7841 byte Please advise. |
sazd1 (15338) | ||
| 821429 | 2009-10-19 19:08:00 | Boot into safe mode / networking (reboot, hold f8 down, select it). Disable system restore. Tick these then tick fix checked Close browsers. Once you tick these then tick fix checked, delete these files Or get trojan remover below. Install it, update it, click on scan. Then select all options under the utilities menu. Or get teamviewer (www.teamviewer.com) install it run it, then send me a PM with the ID and password in it. Make sure you boot into safe mode / networking C:\WINDOWS\system32\Net.exe C:\WINDOWS\system32\net1.exe C:\WINDOWS\system32\Net.exe C:\WINDOWS\system32\net1.exe C:\WINDOWS\system32\Net.exe C:\WINDOWS\system32\net1.exe C:\WINDOWS\system32\Net.exe C:\WINDOWS\system32\net1.exe O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [7928] C:\WINDOWS\system32\51.tmp.exe O4 - HKLM\..\Run: [Runonce] C:\WINDOWS\system32\runouce.exe O4 - HKLM\..\Run: [services] C:\WINDOWS\services.exe O4 - HKLM\..\Run: [servises] C:\WINDOWS\system32\servises.exe O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe O4 - HKLM\..\Run: [ter8m] RUNDLL32.EXE C:\WINDOWS\system32\msxm192z.dll,w O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [SysBrand] "C:\ARQUIV~1\iGv6\sysbrand.exe" O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe O4 - HKCU\..\Run: [12CFG914-K641-26SF-N32P] C:\RECYCLER\S-1-5-21-0243336031-4052116379-881863308-0851\vse432.exe O4 - HKCU\..\Run: [reader_s] C:\Documents and Settings\Ana\reader_s.exe O4 - HKCU\..\Run: [servises] C:\WINDOWS\system32\servises.exe O4 - HKLM\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe O4 - HKCU\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [SysBrand] "C:\ARQUIV~1\iGv6\sysbrand.exe" (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER \S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [12CFG914-K641-26SF-N32P] C:\RECYCLER \S-1-5-21-0243336031-4052116379-881863308-0851\vse432.exe (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [reader_s] C:\Documents and Settings\Ana\reader_s.exe (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Run: [servises] C:\WINDOWS\system32\servises.exe (User '?') O4 - HKUS\S-1-5-21-1060284298-507921405-2147122835-1003\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe (User '?') O4 - HKUS\S-1-5-18\..\Run: [servises] C:\WINDOWS\system32\servises.exe (User '?') O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe (User '?') O4 - HKUS\.DEFAULT\..\Run: [servises] C:\WINDOWS\system32\servises.exe (User 'Default user') O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE O23 - Service: FCI - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe |
Speedy Gonzales (78) | ||
| 821430 | 2009-10-20 11:24:00 | Thanks Speedy Gonzales I tried to download TrujanRemover it downloaded but after complete download it gave a message that it cannot download on system. I not know why. I ran the system in safe mode and then i deleted many files you mentioned, by going to C:/Windows32 and then deleting files from there one by one. Many files i found there and many i could not found there. And i fear that i could not perform this task completely due to my own incapabilities. The system is not working properly and it is not being connected to internet too. What i am doing is that working on another computer and the softwares i download on a flash drive through this computer and then install on that faulty computer. so please advise if i will have to format that faulty computer losing all my data or there is some rescue for that. Thanks for your cooperation. |
sazd1 (15338) | ||
| 821431 | 2009-10-20 11:44:00 | Did you tick the entries before you deleted the entries?? Did you boot into safe mode / networking?? Thats the only way you'll get on the net. if you want get teamviewer. And send the ID and password thats in it to me in a PM. I'll check it out |
Speedy Gonzales (78) | ||
| 821432 | 2009-10-20 20:13:00 | if you want get teamviewer. And send the ID and password thats in it to me in a PM. I'll check it out Hope your Portuguese is passable! :D |
nofam (9009) | ||
| 1 2 | |||||