NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  
February 13, 2012, 04:59:04 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: SMF - Just Installed!
 
   Home   Help Search Login Register  

reacuring problems!!!


AddThis Social Bookmark Button AddThis Feed Button
Pages: [1]
« previous next »
  Print  
Author Topic: reacuring problems!!!  (Read 1803 times)
jangarznya
Newbie
*
Posts: 3

jangarznya@msn.com jangarznya jangarznya@yahoo.com
View Profile
« on: March 20, 2006, 09:24:25 PM »
help i got the spyfalcon thing and ive remuved it completly just like it says on theis website, and it keeps coming back.  i also have some kind of a "Dialer.DialPlatform" that keeps on making new one in temp they all have a random 8 charicter name followed by exe. then i got windows defender poping up every 3 seconds telling me i got somthing caled zolob??  i have been looking around the forum and i found theis hijack this log thing and i would wreally apreeciate help!!!
any way here is my hijack this log


------------------------------------------------------------------------------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 7:14:49 PM, on 3/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\mssearchnet.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvctrl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\a\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

O2 - BHO: (no name) - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - C:\WINDOWS\system32\hp470E.tmp
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Registry Booster\RegistryBooster.exe /S
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - http://transfers.one.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4F154C38-14FE-4541-85FA-C8765AA20F0E}: NameServer = 223.255.255.255,223.255.255.254
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

-------------------------------------------------------------------------------------------------------------------------------

thats it again plz help!!!!!!!!!!!!!!!!
Logged
1972vet
Newbie
*
Posts: 47



View Profile
« Reply #1 on: March 21, 2006, 11:08:30 AM »
Download smitRem.exe and save the file to your desktop.
If you cannot access that link, here are alternate links:
smitRem.exe
smitRem.exe
Double click on the file to extract it to its own folder on the desktop.

Place a shortcut to Panda ActiveScan on your desktop.

Please download Ewido Anti-Malware trial version.
  • Install Ewido Anti-Malware
  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • Launch Ewido, there should be an icon on your desktop double-click it.
  • The program will now go to the main screen
You will need to update Ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Then click on Start Update
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido.
Ewido manual updates. Do NOT run a scan yet.


Please download Ad-Aware SE Personal and install it. If you already have Ad-Aware SE, please configure it as indicated below.  If you have a previous version of Ad-Aware, please uninstall your current version and install the newest version SE 1.06.
1)  Run Ad-Aware, and click Check for updates now.
2)  Select Configurations (click the Gear wheel at the top) as follows:
  • General Button > Safety & Settings:  Check (Green) all three.
  • Tweak Button > Cleaning Engine > UNcheck "Always try to unload modules before deletion".
Don't run it yet!
 Exit Ad-aware.

Next, please reboot your computer in SafeMode by doing the following:[list=1]
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear
  • Select the first option, to run Windows in Safe Mode.
    • [/list:o]
    ==================================================
    Run HijackThis, and press "Scan". When the scan is complete place a check mark next to the following entry if it still exists:

O2 - BHO: (no name) - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - C:\WINDOWS\system32\hp470E.tmp

After checking this item CLOSE ALL open windows EXCEPT HijackThis and click "Fix Checked."
===================================================
Close Hijackthis.

Then search for and DELETE the following file(s)/folder(s) in Red[/color] IF STILL PRESENT:
C:\WINDOWS\system32\mssearchnet.exe[/color]
C:\WINDOWS\system32\nvctrl.exe[/color]
C:\WINDOWS\system32\hp470E.tmp[/color]

Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

Open Ad-aware and do a full scan. Remove all it finds.

Run Ewido:
  • Then select "Settings"
  • Under the bottom section "What to Scan?" make sure "Scan every file" is checked.
  • Select "OK" and you will return to scanning options.
  • Click on Complete System Scan and the scan will begin.

    This scan can take quite a while to run, so please be patient .
  • While the scan is in progress, you will be prompted to clean the first infected file it finds.
  • Choose Clean.
  • Then put a check next to 'Perform action on all infections' . Doing this, enables the scan to proceed automatically until its completion. Click OK
  • When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again.  The best place to save it would probably be your Desktop.
Close Ewido

Next go to Control Panel click Display > Desktop > Customize Desktop > Web > Uncheck "Security Info" or "Desktop Uninstall" if present.

Reboot back into your normal Windows user mode and click the Panda ActiveScan shortcut.
- Once you are on the Panda site click the Scan your PC button
- A new window will open...click the Check Now button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
- When download is complete, click on Local Disks to start the scan
- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location (again, your Desktop is probably best).
Post the contents of the Panda scan report, along with a new HijackThis Log, the contents of smitfiles.txt and the Ewido Log in your next reply.
Let us know if any problems persist.

** It could be possible, after reboot that the system is using the windows classic theme again.
To restore this and set it back to XP-theme, rightclick on your desktop > properties > tab Appearances and choose Windows XP style again under windows and buttons.
Click apply and OK
Logged
jangarznya
Newbie
*
Posts: 3

jangarznya@msn.com jangarznya jangarznya@yahoo.com
View Profile
« Reply #2 on: March 21, 2006, 09:08:27 PM »
i did what you said.
and i think it fixed it thank you very much!!!

but the panda scan still found sume stuff.

======================================================================================
PANDA SCAN
======================================================================================


Incident                                                                        Status                        Location                                                                                                                                                                                                                                                        

Spyware:Cookie/Maxserving                                                       Not disinfected               C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt[]                                                                                                                                                            
Spyware:Cookie/Atlas DMT                                                        Not disinfected               C:\Documents and Settings\a\Cookies\a@atdmt[1].txt                                                                                                                                                                                                              
Potentially unwanted tool:Application/Processor                                 Not disinfected               C:\Documents and Settings\a\Desktop\smit\smitRem\Process.exe                                                                                                                                                                                                    
Potentially unwanted tool:Application/Restart                                   Not disinfected               C:\WINDOWS\system32\Tools\Restart.exe                                                                                                                                                                                                                          
======================================================================================


======================================================================================
SMIT
======================================================================================


   smitRem © log file
     version 2.8

     by noahdfear


Microsoft Windows XP [Version 5.1.2600]
The current date is: Tue 03/21/2006
The current time is: 17:01:10.59

Running from
C:\Documents and Settings\a\Desktop\smit\smitRem

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pre-run SharedTask Export

(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D}"="Prestige Software"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"


[HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D}\InProcServer32]
@="C:\WINDOWS\system32\ginuerep.dll"


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 checking for ShudderLTD key

ShudderLTD key not present!

 checking for PSGuard.com key


PSGuard.com key not present!


 checking for WinHound.com key


WinHound.com key not present!

spyaxe uninstaller NOT present
Winhound uninstaller NOT present
SpywareStrike uninstaller NOT present

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 Existing Pre-run Files


 ~~~ Program Files ~~~



 ~~~ Shortcuts ~~~

Online Security Guide.url
Security Troubleshooting.url


 ~~~ Favorites ~~~

Antivirus Test Online.url


 ~~~ system32 folder ~~~

1024 dir
msvol.tlb
ncompat.tlb
logfiles


 ~~~ Icons in System32 ~~~

ts.ico
ot.ico


 ~~~ Windows directory ~~~



 ~~~ Drive root ~~~


 ~~~ Miscellaneous Files/folders ~~~




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 920 'explorer.exe'

Starting registry repairs

Registry repairs complete

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SharedTask Export after registry fix

(GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler)
Copyright(C) 2006 BleepingComputer.com

Registry Pseudo-Format Mode (Not a valid reg file):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D}"="Prestige Software"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32]
@="%SystemRoot%\system32\browseui.dll"


[HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{C9FA1DC9-1FB3-C2A8-2F1A-DC1A33E7AF9D}\InProcServer32]
@="C:\WINDOWS\system32\ginuerep.dll"


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Deleting files

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Remaining Post-run Files


 ~~~ Program Files ~~~



 ~~~ Shortcuts ~~~



 ~~~ Favorites ~~~



 ~~~ system32 folder ~~~



 ~~~ Icons in System32 ~~~



 ~~~ Windows directory ~~~



 ~~~ Drive root ~~~


 ~~~ Miscellaneous Files/folders ~~~


 ~~~ Wininet.dll ~~~

 CLEAN! Smiley


======================================================================================



======================================================================================
EWIDO LOG
======================================================================================
---------------------------------------------------------
 ewido anti-malware - Scan report
---------------------------------------------------------

 + Created on:         6:10:43 PM, 3/21/2006
 + Report-Checksum:      A749C233

 + Scan result:

   HKU\S-1-5-21-343818398-1292428093-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4DA4616D-7E6E-4FD9-A2D5-B6C535733E22} -> Adware.Generic : Cleaned with backup
   :mozilla.12:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
   :mozilla.14:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
   :mozilla.15:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
   :mozilla.16:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
   :mozilla.18:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
   :mozilla.25:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.26:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.27:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   :mozilla.31:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
   :mozilla.34:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.35:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.36:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.37:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.38:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.39:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
   :mozilla.44:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.45:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.46:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.47:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.48:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.61:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.62:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.63:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.64:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
   :mozilla.65:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.66:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
   :mozilla.69:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.70:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.71:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
   :mozilla.75:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.76:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.79:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.80:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
   :mozilla.81:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
   :mozilla.99:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.100:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
   :mozilla.101:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.102:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.103:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.104:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
   :mozilla.136:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
   :mozilla.137:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
   :mozilla.150:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
   :mozilla.153:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
   :mozilla.158:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
   :mozilla.159:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.160:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.161:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
   :mozilla.162:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.163:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.164:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.165:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
   :mozilla.170:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
   :mozilla.174:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.176:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.177:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
   :mozilla.180:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
   :mozilla.185:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Linkbuddies : Cleaned with backup
   :mozilla.193:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
   :mozilla.194:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
   :mozilla.195:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
   :mozilla.196:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned with backup
   :mozilla.197:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.198:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
   :mozilla.204:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
   :mozilla.217:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.218:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.219:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.228:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
   :mozilla.229:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.230:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.231:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
   :mozilla.246:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.247:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.248:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
   :mozilla.250:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.251:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.252:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.253:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.254:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
   :mozilla.257:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
   :mozilla.258:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
   :mozilla.259:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
   :mozilla.260:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.265:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
   :mozilla.266:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
   :mozilla.270:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
   :mozilla.273:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
   :mozilla.277:C:\Documents and Settings\a\Application Data\Mozilla\Firefox\Profiles\dp78j3t0.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
   C:\Documents and Settings\a\Cookies\a@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
   C:\Documents and Settings\a\Cookies\a@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
   C:\Documents and Settings\a\Cookies\a@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup
   C:\Documents and Settings\a\Cookies\a@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
   C:\Documents and Settings\a\Local Settings\Temporary Internet Files\Content.IE5\89Y3W9EV\gdnUS2296[1].exe -> Downloader.Small.ayl : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\CONFLICT.1\gdnUS2296.exe -> Downloader.Small.ayl : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\CONFLICT.2\gdnUS2296.exe -> Downloader.Small.ayl : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\CONFLICT.3\gdnUS2296.exe -> Downloader.Small.ayl : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\CONFLICT.4\gdnUS2296.exe -> Downloader.Small.ayl : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\CONFLICT.5\gdnUS2296.exe -> Downloader.Small.ayl : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\CONFLICT.6\gdnUS2296.exe -> Downloader.Small.ayl : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\CONFLICT.7\gdnUS2296.exe -> Downloader.Small.ayl : Cleaned with backup
   C:\WINDOWS\Downloaded Program Files\gdnUS2296.exe -> Downloader.Small.ayl : Cleaned with backup


::Report End


======================================================================================
HIJACKTHIS
======================================================================================

Logfile of HijackThis v1.99.1
Scan saved at 7:03:49 PM, on 3/21/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\a\Desktop\HijackThis.exe

O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Registry Booster\RegistryBooster.exe /S
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - http://transfers.one.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4F154C38-14FE-4541-85FA-C8765AA20F0E}: NameServer = 223.255.255.255,223.255.255.254
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

======================================================================================

THANKS AGAIN!!!
Logged
1972vet
Newbie
*
Posts: 47



View Profile
« Reply #3 on: March 21, 2006, 10:02:26 PM »
Congratulations! Your log looks clean.

Your Panda scan found only some spyware cookies. To remedy such temporary problems,  download and install CCleaner:
http://www.filehippo.com/download_ccleaner/

Before first use, check under Options, Settings, and ensure "Only delete files in Windows Temp folder older than 48 hours" is unchecked.
Then open it and select the items you wish to clean up.

In the Windows Tab:
I recommend cleaning all entries in the "Internet Explorer" section except Cookies.
Clean all the entries in the "Windows Explorer" section
Clean all entries in the "System" section
Clean all entries in the "Advanced" section.

In the Applications Tab:
Clean all except cookies in the Firefox/Mozilla section if you use it.
Clean all in the Opera section if you use it.
Clean Sun Java in the Internet Section if you have it.
Clean any others that you choose.

Then click the "Run Cleaner" button. In seconds, all the clutter is gone.

In the future, there are some things you can do to prevent spyware infections:

Install the following freeware programs:
SpywareGuard -- http://www.javacoolsoftware.com/spywareguard.html
SpywareBlaster -- http://www.javacoolsoftware.com/spywareblaster.html

Keep your anti-virus and spyware definitions up to date. Be sure to scan often.
If you do not have a firewall, here are a couple freeware firewalls you can install:
Kerio Personal Firewall -- http://www.sunbelt-software.com/Kerio-download.cfm
Zone Alarm -- http://www.zonelabs.com/store/content/comp...ctry=US&lang=en

Stay updated with the most recent Windows patches using
http://update.microsoft.com/windowsupdate/...t.aspx?ln=en-us

Using an alternate browser can reduce your chance of certain infections installing themselves. Firefox is my choice too. Keep up the good work!

If you choose  to use Internet Explorer even on occasion, please make sure you install SpywareBlaster (from above) to protect you from most ActiveX infections.

Run Ccleaner often or Disk Cleanup ("Start > Programs > Accessories > System Tools > Disk Cleanup") and check off the following:
Downloaded Program Files, Temporary Internet Files, Recycle Bin, and Temporary Files

Finally, there is an article with some additional insight titled
"So how did I get infected in the first place?"
You can find that article at http://forums.spywareinfo.com/index.php?showtopic=60955
Happy Surfing!
Logged
Pages: [1]
  Print  
« previous next »
 
Jump to:  




Recommended software:
STOPzilla
(90/100)
STOPzilla is a powerful anti-spyware program that detects, blocks, and removes malicious software allowing users to surf the Web not worrying about spyware, Trojan horses,...
Malwarebytes Anti Malware
(88/100)
There are loads of malware removers on the net today and most of them are lightweight applications, which usually means they’re fast and don’t...
Spyware Doctor
(87/100)
Spyware Doctor is a very powerful, but yet highly user-friendly spyware remover, made by PC Tools, reputable computer security experts. This product provides effective and...
SpyHunter
(86/100)
SpyHunter is a quite simple, but yet highly effective spyware remover with an easy-to-use interface. This program is an excellent choice for users, who are...
XoftSpySE Anti Spyware
(84/100)
XoftSpySE, an anti-spyware program made by ParetoLogic, Inc., is a simple, but effective on-demand scanner with the typical set of functions but very easy to...
Encyclopedia of parasites:

Spreading the knowledge:

It is very hard to fight Computer parasites alone in internet space. If you have a website we would be more than happy if you would help us to spread the knowledge about latest threats. You can help your visitors to manage their Computer system manually without aditional expences. Knowledge is the power, we just need to spread it.
add text box
rss feed
help other
Latest Spyware Threats: Internet Security 2012 | Win 7 Total security 2012 | System Check | Win 7 Internet Security 2012 | Win 7 Home Security 2012 | Win 7 Antivirus 2012 | Win 7 Antispyware 2012 | Vista Security 2012 | Vista Antivirus 2012 | Vista Antispyware 2012 | XP Antispyware 2012 | XP Antivirus 2012 | XP Security 2012 | XP Home Security 2012 | Security Shield
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2011 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.