Tech Support banner
Status
Not open for further replies.
1 - 4 of 4 Posts

·
Registered
Joined
·
11 Posts
Discussion Starter · #1 ·
can anyone help me I am experiencing endless popup adverts everytime I open a Internet Explorer 6.028 browser in windows 2000 os. Here is my Highjack this log:

Logfile of HijackThis v1.99.1
Scan saved at 12:31:03 PM, on 01/05/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\System32\msdtc.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\sfmsvc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Kitco\Kcast\Kcast.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\BitTorrent\btdownloadgui.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = William Interenet

Explorer
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6354A70B-55CB-6F6A-1D7F-4D449B321247} -

C:\DOCUME~1\ADMINI~1.W20\APPLIC~1\EXITAX~1\idle mail.exe (file missing)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat

7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [FineReader7NewsReaderPro] "C:\Program Files\ABBYY FineReader 7.0

Professional Edition\AbbyyNewsReader.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [KITCO] C:\Program Files\Kitco\Kcast\Kcast
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AWMON] "D:\Program Files\Lavasoft\Ad-Aware SE

Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [mapi default]

C:\DOCUME~1\ADMINI~1.W20\APPLIC~1\USERDO~1\wipeintrabait.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat

7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and

Settings\Administrator.W2000\Start Menu\Programs\IMVU\Run IMVU.lnk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation

Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe

Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software

Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation -

C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program

Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common

Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog

Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

.................. Many thanks for your help :smile:
 

·
TSF Security Manager, Emeritus
Joined
·
52,197 Posts
Hello and Welcome. Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before begining the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

Ad-Aware's AdWatch

Please disable AdWatch, as it may hinder the removal of some entries. You can re-enable it after you're clean.
To disable AdWatch:
  • Open AdAware SE.
  • Go to AdWatch User Interface.
  • Go to Tools and Preferences.
  • At the bottom of the screen you will see 2 options Active and Automatic.
  • Active: This will turn Ad-Watch On\Off without closing it
  • Automatic: Suspicious activity will be blocked automatically
  • Uncheck both options. You can enable these after resolving your problem.
  • Unless they are turned off they could interfere with the fix.

---------------------------------------------------------------------------------------------

Please Download NoLop to your desktop from one of the links below...
Link 1
Link 2
Link 3
  • First close any other programs you have running as this will require a reboot
  • Double click NoLop.exe to run it
    • Carefully type or copy and paste this series of characters into the lower text area labelled Insert CLSID Here. Include the {}:

      {6354A70B-55CB-6F6A-1D7F-4D449B321247}
  • Now click the button labelled "Search and Destroy"
    <<your computer will now be scanned for infected files>>
  • When scanning is finished you will be prompted to reboot only if infected, Click OK
  • Now click the "REBOOT" Button.
  • A Message should popup from NoLop. If not, double click the program again and it will finish Please Post the contents of C:\NoLop.log along with a fresh HijackThis log
--If you receive an error, "mscomctl.ocx or one of its dependencies are not correctly registered," please download mscomctl.ocx to your system32 folder then rerun the program. --

Please turn off (uncheck) the Wordwrap feature in Notepad, by going to Format in the menu bar. It creates the double space effect in the HJT log, and is difficult to read.
 

·
Registered
Joined
·
11 Posts
Discussion Starter · #3 ·
I have completed all the instructions and I have c&p the log files below. Thanks fo your help

Logfile of HijackThis v1.99.1
Scan saved at 5:44:01 PM, on 01/05/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\System32\llssrv.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\System32\msdtc.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\sfmsvc.exe
C:\WINNT\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
D:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = William Interenet Explorer
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [FineReader7NewsReaderPro] "C:\Program Files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [KITCO] C:\Program Files\Kitco\Kcast\Kcast
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AWMON] "D:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [mapi default] C:\DOCUME~1\ADMINI~1.W20\APPLIC~1\USERDO~1\wipeintrabait.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator.W2000\Start Menu\Programs\IMVU\Run IMVU.lnk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

NoLop! Log by Skate_Punk_21

Fix running from: C:\Documents and Settings\Administrator.W2000\Desktop
[01/05/2007]
[5:35:10 PM]

---Infection Files Found/Removed---
C:\Documents and Settings\Administrator.W2000\Application Data\User download long\ford obj pop.exe
C:\Documents and Settings\Administrator.W2000\Application Data\User download long\stswswud.exe
C:\Documents and Settings\Administrator.W2000\Local Settings\Temp\9b304184.exe
C:\Documents and Settings\Administrator.W2000\Local Settings\Temp\9b31206a.exe
C:\Documents and Settings\Administrator.W2000\Local Settings\Temp\9b3169b0.exe
C:\Documents and Settings\Administrator.W2000\Local Settings\Temp\9b36254d.exe
C:\Documents and Settings\Administrator.W2000\Application Data\User download long\ckozxxmo.exe
C:\Documents and Settings\Administrator.W2000\Application Data\User download long\flurhgxi.exe
C:\Documents and Settings\Administrator.W2000\Application Data\User download long\kvlyoibb.exe
C:\Documents and Settings\Administrator.W2000\Application Data\User download long\nndtwbam.exe
C:\Documents and Settings\Administrator.W2000\Application Data\User download long\snrtdqar.exe
C:\Documents and Settings\Administrator.W2000\Application Data\User download long\trytsboj.exe
C:\Documents and Settings\Administrator.W2000\Application Data\User download long\xcaksixh.exe
C:\Documents and Settings\All Users.WINNT\Application Data\Play Open Bind Gpl\RemoteBlue.exe
C:\WINNT\tasks\A59F31CF9184ADD3.job

Beginning Removal...
Rebooting...
Removing Lop's Leftover Files/Folders...
Editing Registry...
**Fix Complete!**

---Listing AppData sub directories---

C:\Documents and Settings\Administrator\Application Data\Adobe
C:\Documents and Settings\Administrator\Application Data\Alien Skin
C:\Documents and Settings\Administrator\Application Data\Corel
C:\Documents and Settings\Administrator\Application Data\Cyberlink
C:\Documents and Settings\Administrator\Application Data\Help -- EMPTY Directory
C:\Documents and Settings\Administrator\Application Data\Identities
C:\Documents and Settings\Administrator\Application Data\Intertrust
C:\Documents and Settings\Administrator\Application Data\Macromedia
C:\Documents and Settings\Administrator\Application Data\Metaproducts
C:\Documents and Settings\Administrator\Application Data\Microsoft
C:\Documents and Settings\Administrator\Application Data\Microsoft Web Folders -- EMPTY Directory
C:\Documents and Settings\Administrator\Application Data\Ulead Systems
C:\Documents and Settings\Administrator\Application Data\Van **** Technologies
C:\Documents and Settings\Administrator.w2000\Application Data\.bittorrent
C:\Documents and Settings\Administrator.w2000\Application Data\Abbyy
C:\Documents and Settings\Administrator.w2000\Application Data\Adobe
C:\Documents and Settings\Administrator.w2000\Application Data\Adobeum
C:\Documents and Settings\Administrator.w2000\Application Data\Ahead
C:\Documents and Settings\Administrator.w2000\Application Data\Apple Computer
C:\Documents and Settings\Administrator.w2000\Application Data\Autodesk
C:\Documents and Settings\Administrator.w2000\Application Data\Blumentals
C:\Documents and Settings\Administrator.w2000\Application Data\Brother
C:\Documents and Settings\Administrator.w2000\Application Data\Corel
C:\Documents and Settings\Administrator.w2000\Application Data\Cyberlink
C:\Documents and Settings\Administrator.w2000\Application Data\Exit Axis 4 -- EMPTY Directory
C:\Documents and Settings\Administrator.w2000\Application Data\Foobar2000
C:\Documents and Settings\Administrator.w2000\Application Data\Google
C:\Documents and Settings\Administrator.w2000\Application Data\Help -- EMPTY Directory
C:\Documents and Settings\Administrator.w2000\Application Data\Ibp
C:\Documents and Settings\Administrator.w2000\Application Data\Identities
C:\Documents and Settings\Administrator.w2000\Application Data\Imvu
C:\Documents and Settings\Administrator.w2000\Application Data\Ishell
C:\Documents and Settings\Administrator.w2000\Application Data\Lavasoft
C:\Documents and Settings\Administrator.w2000\Application Data\Macromedia
C:\Documents and Settings\Administrator.w2000\Application Data\Metaproducts
C:\Documents and Settings\Administrator.w2000\Application Data\Microsoft
C:\Documents and Settings\Administrator.w2000\Application Data\Microsoft Web Folders -- EMPTY Directory
C:\Documents and Settings\Administrator.w2000\Application Data\Mozilla
C:\Documents and Settings\Administrator.w2000\Application Data\Netscape
C:\Documents and Settings\Administrator.w2000\Application Data\Opera
C:\Documents and Settings\Administrator.w2000\Application Data\Quark
C:\Documents and Settings\Administrator.w2000\Application Data\Real
C:\Documents and Settings\Administrator.w2000\Application Data\Shinycore
C:\Documents and Settings\Administrator.w2000\Application Data\Skype
C:\Documents and Settings\Administrator.w2000\Application Data\Sun
C:\Documents and Settings\Administrator.w2000\Application Data\Ulead Systems
C:\Documents and Settings\Administrator.w2000\Application Data\Van **** Technologies
C:\Documents and Settings\Admini~1~w20\Application Data\Macromedia
C:\Documents and Settings\All Users\Application Data\Bitstream Font Navigator
C:\Documents and Settings\All Users\Application Data\Cyberlink
C:\Documents and Settings\All Users\Application Data\Macromedia
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Quicktime
C:\Documents and Settings\All Users\Application Data\Ulead Systems
C:\Documents and Settings\All Users.winnt\Application Data\Abbyy
C:\Documents and Settings\All Users.winnt\Application Data\Adobe
C:\Documents and Settings\All Users.winnt\Application Data\Adobe Systems
C:\Documents and Settings\All Users.winnt\Application Data\Apple Computer
C:\Documents and Settings\All Users.winnt\Application Data\Autodesk
C:\Documents and Settings\All Users.winnt\Application Data\Bitstream Font Navigator
C:\Documents and Settings\All Users.winnt\Application Data\Cyberlink
C:\Documents and Settings\All Users.winnt\Application Data\Dvd Shrink
C:\Documents and Settings\All Users.winnt\Application Data\Macromedia
C:\Documents and Settings\All Users.winnt\Application Data\Macrovision
C:\Documents and Settings\All Users.winnt\Application Data\Microsoft
C:\Documents and Settings\All Users.winnt\Application Data\Quark
C:\Documents and Settings\All Users.winnt\Application Data\Quicktime
C:\Documents and Settings\All Users.winnt\Application Data\Skype -- EMPTY Directory
C:\Documents and Settings\All Users.winnt\Application Data\Spybot - Search & Destroy
C:\Documents and Settings\All Users.winnt\Application Data\Ulead Systems
C:\Documents and Settings\Default User\Application Data\Macromedia
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Default User.winnt\Application Data\Macromedia
C:\Documents and Settings\Default User.winnt\Application Data\Microsoft
 

·
TSF Security Manager, Emeritus
Joined
·
52,197 Posts
That looks better, but we have some work to do.

Before begining the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

Ad-Aware's AdWatch

Please disable AdWatch, as it may hinder the removal of some entries. You can re-enable it after you're clean.
To disable AdWatch:
  • Open AdAware SE.
  • Go to AdWatch User Interface.
  • Go to Tools and Preferences.
  • At the bottom of the screen you will see 2 options Active and Automatic.
  • Active: This will turn Ad-Watch On\Off without closing it
  • Automatic: Suspicious activity will be blocked automatically
  • Uncheck both options. You can enable these after resolving your problem.
  • Unless they are turned off they could interfere with the fix by HijackThis.


Open HijackThis and click on 'Do a System Scan Only'. Check the following entries if they exist (make sure you do not miss any) and click Fix Checked

O4 - HKCU\..\Run: [mapi default] C:\DOCUME~1\ADMINI~1.W20\APPLIC~1\USERDO~1\wipeintrabait.exe

Close HijackThis now.

---------------------------------------------------------------------------------------------

Go to My Computer->Tools->Folder Options->View tab:
* Under the Hidden files and folders heading, select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Also make sure there is no checkmark beside Hide file extensions for known file types
* Click Yes to confirm and then click OK.


Delete the following if they exist:

C:\Documents and Settings\Administrator.w2000\Application Data\Exit Axis 4
C:\Documents and Settings\Administrator.W2000\Application Data\User download long


---------------------------------------------------------------------------------------------

Download and install CleanUp!
NOTE: CleanUp! deletes EVERYTHING out of your temp/temporary folders, it does not make backups. If you have any documents or programs that are saved in any Temporary Folders, make a backup of these before running CleanUp!. Do NOT run this program if you have XP Professional 64 bit edition. If you're unsure please do not run it! If you don't already know, you're probably not using XP64, but you can download & run this tool to find out for sure.....http://www.kellys-korner-xp.com/regs_edits/xp_whichcpu.exe

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
Set the program up as follows:
Click "Options..."
Move the arrow down to "Custom CleanUp!"
Put a check next to the following (Make sure nothing else is checked!):
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files (if present)
  • Cleanup! All Users
  • Click on the Temporary Files tab and uncheck the box for Scan drives for files matching if it’s checked.
Click OK
Press the CleanUp! button to start the program.

It may ask you to log-off/reboot at the end, if it does please do so.

---------------------------------------------------------------------------------------------

I see no evidence of an AntiVirus program on your system. This must be resolved. Connecting to the Internet without antivirus protection is a "Welcome" doormat for malware. It can take as little as eight seconds to infect an unprotected computer.

Here are a few very good free Antivirus products which are available:Select one of these, or another of your choice. Do not install more than one antivirus program because they will conflict with each other. It is imperative that you update your antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch new malware that may have come out.

---------------------------------------------------------------------------------------------

You don't seem to have a firewall program installed. Using a firewall will allow you to give/deny access for applications that want to go online. Select one of these, or another of your choice:

.

---------------------------------------------------------------------------------------------

Perform an online scan with Internet Explorer with Panda ActiveScan
  1. Click on
    located at the bottom of the page.
  2. A "pop up" window will appear. * Please ensure that your pop up blocker doesn't block it *
  3. Enter your e-mail address, country, and state & click "Free Online Scan" *The download of the 8 MB Panda's ActiveX control will take place*
Begin the scan by selecting
  • If it finds any malware, it will offer you a report.
  • Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
  • Click on
    then click
* You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
* Turn off the real time scanner of any existing antivirus program while performing the online scan


Paste the Panda Scan report here together with a new HiJack This log.

How is your system behaving now, please?
 
1 - 4 of 4 Posts
Status
Not open for further replies.
Top