some one hacking into me

J

JamesBart

New Member
My computer has said that someone has hacked into me. what should i do about this, ive ran avg and all the scans. at the minute i am running an active scan and i have 33 spyware objects on my computer.

what should i do? i also have a zone alarm firewall. thanks:confused:

also i just discovered that spyfalcon is trying to get me to buy there software i ran the spy s&d and it said that this is a program that makes up spyware and that.

its on my taskbar, how can i get rid of this?
 
Last edited:
How do you know someone is hacking you?

Step 1


Please download SmitfraudFix (by S!Ri)
Extract the content (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm

Step 2

* Click here to download HJTsetup.exe
  • Save HJTsetup.exe to your desktop.
  • Doubleclick on the HJTsetup.exe icon on your desktop.
  • By default it will install to C:\Program Files\Hijack This.
  • Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
  • Put a check by Create a desktop icon then click Next again.
  • Continue to follow the rest of the prompts from there.
  • At the final dialogue box click Finish and it will launch Hijack This.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
 
First in control panel go to the add/remove icon to remove any tool bars added to internet explorer. Those often open the door for adwares and spywares. Disable Zone Alarm if you currently do not have AdAware SE Personal http://www.lavasoft.com/ which can remove browser hijackers along with various adwares. A 90 day free trial of OneCare can prevent any new startups by providing the option to remove. For just the new Windows Defender beta version, http://www.microsoft.com/athome/security/spyware/software/default.mspx
 
6071842 said:
My computer has said that someone has hacked into me. what should i do about this, ive ran avg and all the scans. at the minute i am running an active scan and i have 33 spyware objects on my computer.

what should i do? i also have a zone alarm firewall. thanks:confused:

also i just discovered that spyfalcon is trying to get me to buy there software i ran the spy s&d and it said that this is a program that makes up spyware and that.

its on my taskbar, how can i get rid of this?
Click to expand...
No one is hacking into your computer. A lot of people try and trick you into thinking you have a virus(which you do) and make you pay money to get rid of it.
 
Thanks for replying

well i discovered that i wasnt been hacked and learned that it was just one of those programs that want you to buy the software.

also "Please download SmitfraudFix (by S!Ri)" ive installed that and it has made my copmputer run really slow and ive had to switch computers. any ideas why?

so im going to try again and i have lots of spyware also. so hoefully i can get this sorted tonight!!! thanks i'll keep ya posted. :D
 
* Click here to download HJTsetup.exe
  • Save HJTsetup.exe to your desktop.
  • Doubleclick on the HJTsetup.exe icon on your desktop.
  • By default it will install to C:\Program Files\Hijack This.
  • Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
  • Put a check by Create a desktop icon then click Next again.
  • Continue to follow the rest of the prompts from there.
  • At the final dialogue box click Finish and it will launch Hijack This.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
 
Here is my log

SmitFraudFix v2.43

Scan done at 0:45:39.23, 13/05/2006
Run from C:\Documents and Settings\Liam Carlin\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\appmagr.dll FOUND !
C:\WINDOWS\system32\dcomcfg.exe FOUND !
C:\WINDOWS\system32\hp????.tmp FOUND !
C:\WINDOWS\system32\ld????.tmp FOUND !
C:\WINDOWS\system32\ot.ico FOUND !
C:\WINDOWS\system32\simpole.tlb FOUND !
C:\WINDOWS\system32\stdole3.tlb FOUND !
C:\WINDOWS\system32\1024\ FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Liam Carlin\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\LIAMCA~1\FAVORI~1

C:\DOCUME~1\LIAMCA~1\FAVORI~1\Antivirus Test Online.url FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{64ba30a2-811a-4597-b0af-d551128be340}"="AppManager"

[HKEY_CLASSES_ROOT\CLSID\{64ba30a2-811a-4597-b0af-d551128be340}\InProcServer32]
@="C:\WINDOWS\system32\appmagr.dll"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{64ba30a2-811a-4597-b0af-d551128be340}\InProcServer32]
@="C:\WINDOWS\system32\appmagr.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End
 
This is my hijacked logfile

Logfile of HijackThis v1.99.1
Scan saved at 00:51:23, on 13/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dcomcfg.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Error Nuker\bin\ErrorNuker.exe
C:\Program Files\Ad-Protect\ad-protect.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Ad-Protect\ad-protect.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\KVM.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DK
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/...b/*http://uk.docs.yahoo.com/info/bt_side.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\system32\hp889E.tmp
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - (no file)
O3 - Toolbar: Ad-Protect Toolbar - {EA038DDD-0FE0-41f5-BA60-FC3660529E71} - C:\Program Files\Ad-Protect\ToolBand.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Error Nuker] C:\Program Files\Error Nuker\bin\ErrorNuker.exe autostart
O4 - HKLM\..\Run: [Ad-Protect] C:\Program Files\Ad-Protect\ad-protect.exe /s
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: KVM.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37710.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
 
You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Next, please reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.
Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.
A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt

Warning : running option #2 on a non infected computer will remove your Desktop background.

Please repost the SmitFraud log and a new hijackthis.
 
is this the right one? its the smithfraudfix v2.43

SmitFraudFix v2.43

Scan done at 2:40:39.07, 13/05/2006
Run from C:\Documents and Settings\Liam Carlin\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\appmagr.dll Deleted
C:\WINDOWS\system32\dcomcfg.exe Deleted
C:\WINDOWS\system32\hp????.tmp Deleted
C:\WINDOWS\system32\ld????.tmp Deleted
C:\WINDOWS\system32\ot.ico Deleted
C:\WINDOWS\system32\simpole.tlb Deleted
C:\WINDOWS\system32\stdole3.tlb Deleted
C:\WINDOWS\system32\1024\ Deleted
C:\DOCUME~1\LIAMCA~1\FAVORI~1\Antivirus Test Online.url Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» End
 
This is the hijack

SmitFraudFix v2.43

Scan done at 2:40:39.07, 13/05/2006
Run from C:\Documents and Settings\Liam Carlin\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\appmagr.dll Deleted
C:\WINDOWS\system32\dcomcfg.exe Deleted
C:\WINDOWS\system32\hp????.tmp Deleted
C:\WINDOWS\system32\ld????.tmp Deleted
C:\WINDOWS\system32\ot.ico Deleted
C:\WINDOWS\system32\simpole.tlb Deleted
C:\WINDOWS\system32\stdole3.tlb Deleted
C:\WINDOWS\system32\1024\ Deleted
C:\DOCUME~1\LIAMCA~1\FAVORI~1\Antivirus Test Online.url Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» End
 
haha, i cant even use copy and paste is this the one?

Logfile of HijackThis v1.99.1
Scan saved at 02:47:07, on 13/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Ad-Protect\ad-protect.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Ad-Protect\ad-protect.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\acrobat_sl.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\KVM.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - (no file)
O3 - Toolbar: Ad-Protect Toolbar - {EA038DDD-0FE0-41f5-BA60-FC3660529E71} - C:\Program Files\Ad-Protect\ToolBand.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Error Nuker] C:\Program Files\Error Nuker\bin\ErrorNuker.exe autostart
O4 - HKLM\..\Run: [Ad-Protect] C:\Program Files\Ad-Protect\ad-protect.exe /s
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: KVM.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37710.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
 
Welcome,
Please follow the instructions provided, you may want to print out these instructions and use them as a reference.

Please download ewido anti-malware it is a free version of the program.
  1. Install ewido anti-malware
  2. When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  3. Launch ewido, there should be an icon on your desktop, double-click it.
  4. The program will now open to the main screen.
  5. When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  6. You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  7. The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display ("Update successful")
If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates

Once the updates are installed do the following:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • You will be prompted to clean the first infection.
  • Select "Perform action on all infections", then proceed.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido anti-malware.
 
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 03:53:19, 13/05/2006
+ Report-Checksum: 437E48BB

+ Scan result:

HKU\S-1-5-21-2422060362-2718707561-3501031115-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA038DDD-0FE0-41F5-BA60-FC3660529E71} -> Adware.Ad-Protect : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.157:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.187:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.201:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.202:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.222:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.223:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.224:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.229:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.230:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.232:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.254:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.264:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.266:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.267:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.268:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.299:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.300:C:\Documents and Settings\Liam Carlin\Application Data\Mozilla\Firefox\Profiles\zgdno7q5.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup


::Report End
 
Please go HERE to run Panda's ActiveScan
  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report
 
NO, NEVER USE PANDA SOFTWARE. Oh that was the worst time of my life. Panda slowed me pc down so much, used all my ram, wouldnt unistall, crashed to much, even caused me to have to reinstall windows. Please do not use their software.
 
You need to learn what your talking about. This is an online panda scan. This cannot slow your computer down. Their was something else wrong with your computer.
 
Jars said:
You need to learn what your talking about. This is an online panda scan. This cannot slow your computer down. Their was something else wrong with your computer.
Click to expand...

Ya, Thats what I thought. I ran the scan, saw tons of viruses, and desided to get it. Oh what a horrable mistake. I guess you could potentialy be fine if your only using the online one. But dont download it.
 
You must log in or register to reply here.
Back
Top