Results 1 to 4 of 4
  1. #1
    Member
    Join Date
    Feb 2012
    Posts
    2
    Points
    0

    Default Have I been Hacked?

    My wife was on an internet forum. She was invited to download some images from a member who sent her a link. She downloaded 4 images. After this the computer froze up and the screen went black. When she rebooted the computer there was nothing more than some white BIOS type script on a blue screen. I am sorry but I didn't note down he script because I didn't suspect a virus. Once we rebooted a few more times the laptop seemed to have reverted to a very basic setup. None of the desktop or programme links (from the start menu) worked. We could not even start the anti-virus programme.

    I restored the computer to a previous date. I ran a disk error check, an AVG Anti-virus scan and Malwarebytes check. I also checked it with Windows Defender and CCleaner. All came back negative.

    However after this the laptop was exceptionally sluggish. It regularly froze up and any internet activity was painfully slow, almost impossible. The laptop seemed to have a mind of its own. Formatting in documents and emails would change unexpectedly, the mouse would jump around etc etc. There were far more pop-ups than before. My wife is convinced that she saw personal details released on the forum that would not have been known to anyone unless they had access to our personal details (email, hard drive etc). She investigated the member who had sent her the link. She found out that the member was actually nothing more than a fake persona created by a really malicious forum member who seems to be rather a computer expert and whom regularly threatens to send other members viruses or to hack their computers. The fake member has since disappeared along with the download links.

    I eventually reformatted the computer using the HP support Assistant ‘Advanced Recovery Method’ programme. I selected the option that said 'Return your computer to factory condition'. I once again ran AVG, Windows Defender, CCleaner, and Malwarebytes. I also tried AVAST and ATIVIR scans aswell. Whilst researching the internet I came across your excellent website and ran your tests which all came up negative.

    We are still so worried that they may have hidden something really nasty. I just don't know enough about viruses and computers and hackers.

    Can you tell me if I have anything suspicious or whether all appears to be fine once again.

    I look forward to hearing from someone and in the meantime offer you my sincere thanks for your excellent website.

    Laptop details:
    HP –Pavilion G6 Notebook
    Intel Core i5 CPU
    2.67Ghz Processor
    3Gb RAM
    Local Disk (C) 282Gb (241Gb Free)
    Recovery disk (D) 14.8Gb (1.83Gb Free)
    Microsoft Office Click-to-Run 2010 (Protected) (Q)
    64-Bit
    Windows 7 Home Basic Service Pack 1
    Internet Explorer v9

    Here are my log files:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:27:21, on 19/03/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ONSPEED\onspeedgui.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    C:\Program Files (x86)\ONSPEED\onspeedcore.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = BBC News - Home
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP | MSN
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5405
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files (x86)\ONSPEED\components\NOWImaging.dll
    O2 - BHO: Prefetch - {A66AA08A-9BF0-4e87-99E6-6972731D6B99} - C:\Program Files (x86)\ONSPEED\Prefetch.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
    O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SlipStream] "C:\Program Files (x86)\ONSPEED\onspeedcore.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: ONSPEED.lnk = C:\Program Files (x86)\ONSPEED\onspeedgui.exe
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O8 - Extra context menu item: Show All Original Images - res://C:\Program Files (x86)\ONSPEED\gui_resource.dll/327
    O8 - Extra context menu item: Show Original Image - res://C:\Program Files (x86)\ONSPEED\gui_resource.dll/328
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files (x86)\SASCORE64.EXE
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10699 bytes


    Malwarebytes Anti-Malware 1.60.1.1000
    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Database version: v2012.03.19.02

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    laptop :: LAPTOP-HP [administrator]

    19/03/2012 19:45:51
    mbam-log-2012-03-19 (19-45-51).txt

    Scan type: Full scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 304619
    Time elapsed: 35 minute(s), 49 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 03/19/2012 at 05:32 PM

    Application Version : 5.0.1146

    Core Rules Database Version : 8347
    Trace Rules Database Version: 6159

    Scan type : Complete Scan
    Total Scan Time : 00:51:52

    Operating System Information
    Windows 7 Home Basic 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 571
    Memory threats detected : 0
    Registry items scanned : 64882
    Registry threats detected : 0
    File items scanned : 47414
    File threats detected : 0

  2. #2
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi mungoe,

    Welcome to Help2Go!

    We apologize for the delay in responding to your request for help. Here at Help2Go we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

    I eventually reformatted the computer using the HP support Assistant ‘Advanced Recovery Method’ programme. I selected the option that said 'Return your computer to factory condition'.
    How does the computer appear to work now? Is it now back to factory condition? Running smoothly without incident?

    My wife is convinced that she saw personal details released on the forum that would not have been known to anyone unless they had access to our personal details (email, hard drive etc).
    Because your PC was likely compromised there is no way to be sure since you did reformat. You took the best course of action by reformatting. Good choice on your part!

    Though, if the computer was used for online banking, has credit card information or other sensitive data on it, you should always immediately disconnect it from the Internet until your system is cleaned. ALL passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums. You should consider them to be compromised. You should change each password by using a known clean computer and not the infected one. If not, an attacker may get the new passwords and transaction information. If using a router, you will need to reset it with a strong logon/password so the malware cannot gain control before connecting again. Banking and credit card institutions should be notified as soon as possible due to the possibility of the security breach.

    Because your computer may have been compromised, please read the following link:

    How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

    Warn your wife to never share files with strangers. File sharing is of the highest nature that infections are invited into your Computer. Even sharing files with friends can be detrimental because you have no idea who they received their files from.

    Some of my own tips for safe computing:

    • Make sure Realtime scanning is enabled. A Firewall is a definite plus.
    • If you can't afford a cost effective virus protection then use some free online tools.
    • Don't trust pop-ups that tell you that you may have spyware on your machine. Most of these are money making schemes designed to get you to buy their removal product, which in some cases also contain malware. For a list of those to avoid see here: Rogue Programs to avoid
    • Make back-ups of your most personal files frequently by whatever means you have available, i.e. Tape, CD, DVD, USB Drives, Ghost programs, etc. You never know when you'll have to reformat and start from scratch and without current backups of your personal files, you're basically at a lose. You can always reformat and reinstall programs, but you cannot replace your data if you haven't made backups.
    • Be careful where you "surf". If you know you are going to click a site that is questionable, then at least be intelligent enough to disable javascript, java, ActiveX installations, etc... You "surf" these sites at your own risk.
    • Uninstall and quit using P2P networking programs like Kazaa, BearShare, eMule and Limewire. These are your most likely weakest links if you're using them. Primarily most stuff transferred is illegally obtained and if you won't give it up you eventually pay the consequences.
    • Don't give access to your computer to friends/family who appear to be clueless about what they are doing. Otherwise you'll come home from school/work one day and your computer will be trashed. In my opinion, a PC is just that, a PC (Personal Computer).
    • When in doubt -- don't download it and don't install it until you've researched it.


    Here are a few links you might find interesting that will educate and enhance your online surfing abilities:

    How did I get infected in the first place? by Tony Klein
    How Malware Spreads - How did I get infected by quietman7
    How to prevent Malware: by miekemoes

    If you have any questions or concerns, please don't hesitate to ask. Any one of our dedicated members are more then willing to answer your questions.

    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  3. #3
    Member
    Join Date
    Feb 2012
    Posts
    2
    Points
    0

    Default

    Dear Donna,

    I am so sorry not to have replied sooner to your post but I could not for the life of me log in to the forum. I still don't quite understand how I have just managed to do it! Anyway thank you for your reply and all the very useful and informative information.

    In answer to your question the laptop 'seems' to be running OK now. May be I am just over paranoid but I have read that these viruses can bury themselves so deeply in your system, so I just wanted to be sure, particularly following your advice to change passwords only on a clean computer.

    I just wanted to ask two things please;

    1. Did you identify anything suspicious in the Hijackthis logfile or does it look clear? There seem to be a lot of 'file missing' entries. What are they and should they be removed somehow?

    2. I have read the links that you posted. I note that one article (How did I get infected in the first place? « Geeks to Go! – Free help from tech experts) recommends differant antivirus and firewall software. I am running AVG Free and Comodo Firewall. Do you think that is OK? I note that you recommend ensuring that Realtime Scanning is enabled but I can't work out if AVG has this facility. I tried AVAST but to be honest in drove me bonkers! Grateful for any advice!

    Many many thanks once again for your help. I hope your Navy CB keeps safe and well.

    kind regards
    Mungoe

  4. #4
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi mungoe,

    You're welcome!

    No need to apologize at all. If you'd like to explain what exact issues you were having trying to log in I can determine if it was the forum or forgotten login information etc.

    May be I am just over paranoid but I have read that these viruses can bury themselves so deeply in your system,
    You have every right to be over paranoid. Prevention is the key nowadays because of the damage that malware can do. Not only to your system but to your personal data as well. Always keep your irreplaceable personal data (etal pictures, music, etc.) backed up to an offline soure such as CD, external hard drive, etc.

    As for your questions:

    1.) No. I did not identify anything of the suspicious nature. Not to worry. To comfort you some, because I am presently in training for the removal of malware, our experts here would have jumped in and taken over your thread if they deemed it necessary.

    The indication of "file missing" is how HiJackThis displays some files on a 64-bit system so not to worry about that either.

    2.) I am not a big fan of AVG but if you are comfortable with it keep it. Avast is what I use and is a bit hi-tech for the average user. The nag screen for when it updates can be turned off. If you are not happy with AVG you can completely uninstall it with Revo Uninstaller and try Microsoft Security Essentials which is an excellent choice. If you do decide to do that, download the executable file for Microsoft Security Essentials to your desktop first but do not install till you have used Revo uninstaller to uninstall AVG completely. Only then should you install Microsoft Security Essentials. Having 2 AV's running in realtime can cause the following:
    • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
    • Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.
    • Performance: More that one antivirus will cause your PC to become slow and it may even crash or blue screen.
    • Less protection: Two antivirus trying to scan the same file may interfere with the process and allow a malicious file onto the computer without notice to you.



    As for the Comodo Firewall; it is a good firewall. Vista and Win7 do have excellent firewalls. Some 3rd party firewalls can slow down system performance which is why I prefer the Windows Firewall. The least amount of unnecessary programs installed, the happier I am.

    I'm sure you've noticed all the pre-installed programs that were included with your PC at purchase. These are installed by the manufacturer for the purpose of advertising for the Publisher of those software programs. If there are any that you do not use you can install PC Decrappifier and choose which ones you deem unnecessary and uninstall them. It will free up space on your HD. And if you ever have to restore back to Factory Condition they will be reinstalled yet again.


    Did you have the option to create restore disks with this laptop? If you did, create them. You never know when they will be needed even though you have the recovery partition to rely on.

    I hope your Navy CB keeps safe and well.
    Awwww...Thank you! How kind of you.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"