Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PTAHYDRA removal


  • Please log in to reply

#1
thinkdangit

thinkdangit

    New Member

  • Member
  • Pip
  • 2 posts
Logfile of HijackThis v1.99.1
Scan saved at 1:42:45 PM, on 2/19/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\Ati2evxx.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\ltmsg.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
C:\QUICKENW\QWDLLS.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Tyrone C. Daniels\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {23314D99-1240-4d4f-A25C-17E44823D048} - C:\WINNT\system32\ipv6monl.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Wireless-B Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
O4 - Global Startup: Quicken Startup.lnk = C:\QUICKENW\QWDLLS.EXE
O4 - Global Startup: Billminder.lnk = C:\QUICKENW\BILLMIND.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1171907598020
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab55579.cab
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/...ploader_v10.cab
O20 - Winlogon Notify: 1_32bean32_1reg - C:\Documents and Settings\All Users\Documents\Settings\1_32bean32_1.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINNT\system32\drivers\KodakCCS.exe (file missing)



[b]This is what I got with the uninstall:



Adobe Download Manager 1.2 (Remove Only)
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0
AIM 6.0
ATI - Software Uninstall Utility
ATI Display Driver
AVG Anti-Spyware 7.5
Bejeweled 2 Deluxe
CCScore
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
essvcpt
HijackThis 1.99.1
HLPPDOCK
Intel® PRO Ethernet Adapter and Software
kgcbase
Kodak EasyShare software
KSU
Lucent Win Modem
Macromedia Flash Player 8
Microsoft Office 2000 Premium
MSN Messenger 7.0
Netscape Browser (remove only)
Notifier
OfotoXMI
OTtBP
OTtBPSDK
Panda ActiveScan
Quicken 2001 Deluxe
Rhapsody Player Engine
SFR
SHASTA
SKIN0001
SKINXSDK
Sony USB Driver
staticcr
Viewpoint Media Player
VPRINTOL
Windows 2000 Hotfix - KB842773
Windows 2000 Service Pack 4
Windows Installer 3.1 (KB893803)
Windows Media Player 7.1
WIRELESS
Wireless-B Notebook Adapter Configuration Utility
Yahoo! Messenger



[b]Thanks in advance for your help! I have performed all four steps with no luck. :whistling:
I use Netscape--at the risk of sounding thick, would reinstalling Netscape have any effect?

Liz
  • 0

Advertisements


#2
didom

didom

    Member 1K

  • Member
  • PipPipPipPip
  • 1,919 posts
Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order in which they are mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes.

Step #1

Download Killbox to your desktop.
Click killbox.exe.
Select the option "Delete on reboot".
In the field labeled "Full Path of File to Delete" copy and paste next:

C:\Documents and Settings\All Users\Documents\Settings\1_32bean32_1.dll

Click the button: Single File (!important!)

Then press the button that looks like a red circle with a white X in it.
Killbox will tell you that the listed file will be removed on next reboot and asks if you would like to Reboot now, click YES

Your computer must reboot now.

Step #2

Scan again with HijackThis and check the following items:
O2 - BHO: (no name) - {23314D99-1240-4d4f-A25C-17E44823D048} - C:\WINNT\system32\ipv6monl.dll (file missing)

O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -

O20 - Winlogon Notify: 1_32bean32_1reg - C:\Documents and Settings\All Users\Documents\Settings\1_32bean32_1.dll (file missing)

After checking these items, close all browser windows except HijackThis and click "Fix checked".

Reboot your computer.

Step #5

Please go HERE to run Panda's ActiveScan
  • Once you are on the Panda site click the Scan your PC button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Click the big Scan Now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report
Start HijackThis, perform a new scan and save the log file.

Use the Add Reply button to post your new logs back here along with details of any problems you encountered performing the above steps and I will review it when it comes in.
  • 0

#3
thinkdangit

thinkdangit

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Hi didom--this is what I got from running ActiveScan: (wasn't sure where to post this...)


Incident Status Location

Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c[3].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][2].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][2].txt
Spyware:Cookie/Bridgetrack Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][1].txt
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][1].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Local Settings\Temp\Cookies\tyrone c. [email protected][1].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Desktop\smitRem.exe[smitRem/Process.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Desktop\SmitfraudFix.zip[SmitfraudFix/Process.exe]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Cookies\tyrone c. [email protected][1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Tyrone C. Daniels\Cookies\tyrone c. [email protected][2].txt








HijackThis brought up this:

Logfile of HijackThis v1.99.1
Scan saved at 11:51:23 PM, on 2/21/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\Ati2evxx.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\ltmsg.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
C:\QUICKENW\QWDLLS.EXE
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Tyrone C. Daniels\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Wireless-B Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
O4 - Global Startup: Quicken Startup.lnk = C:\QUICKENW\QWDLLS.EXE
O4 - Global Startup: Billminder.lnk = C:\QUICKENW\BILLMIND.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1171907598020
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab55579.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/...ploader_v10.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINNT\system32\drivers\KodakCCS.exe (file missing)



Uninstall from HijackThis:

Adobe Download Manager 1.2 (Remove Only)
Adobe Flash Player 9 ActiveX
Adobe Reader 7.0
AIM 6.0
ATI - Software Uninstall Utility
ATI Display Driver
AVG Anti-Spyware 7.5
Bejeweled 2 Deluxe
CCScore
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
essvcpt
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
HijackThis 1.99.1
HLPPDOCK
Hotfix for MDAC 2.53 (KB927779)
Intel® PRO Ethernet Adapter and Software
kgcbase
Kodak EasyShare software
Lucent Win Modem
Macromedia Flash Player 8
Microsoft Data Access Components KB870669
Microsoft Office 2000 Premium
MSN Messenger 7.0
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
Netscape Browser (remove only)
Notifier
OfotoXMI
OTtBP
OTtBPSDK
Panda ActiveScan
Quicken 2001 Deluxe
Rhapsody Player Engine
Security Update for Windows 2000 (KB923689)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 7.1 (KB917734)
SFR
SHASTA
SKIN0001
SKINXSDK
Sony USB Driver
staticcr
Viewpoint Media Player
VPRINTOL
Windows 2000 Hotfix - KB842773
Windows 2000 Hotfix - KB893756
Windows 2000 Hotfix - KB896358
Windows 2000 Hotfix - KB896422
Windows 2000 Hotfix - KB896423
Windows 2000 Hotfix - KB896424
Windows 2000 Hotfix - KB899587
Windows 2000 Hotfix - KB899589
Windows 2000 Hotfix - KB900725
Windows 2000 Hotfix - KB901017
Windows 2000 Hotfix - KB901214
Windows 2000 Hotfix - KB904706
Windows 2000 Hotfix - KB905414
Windows 2000 Hotfix - KB905495
Windows 2000 Hotfix - KB905749
Windows 2000 Hotfix - KB908519
Windows 2000 Hotfix - KB908531
Windows 2000 Hotfix - KB911280
Windows 2000 Hotfix - KB912919
Windows 2000 Hotfix - KB913580
Windows 2000 Hotfix - KB914388
Windows 2000 Hotfix - KB914389
Windows 2000 Hotfix - KB917008
Windows 2000 Hotfix - KB917422
Windows 2000 Hotfix - KB917736
Windows 2000 Hotfix - KB917953
Windows 2000 Hotfix - KB918118
Windows 2000 Hotfix - KB920213
Windows 2000 Hotfix - KB920670
Windows 2000 Hotfix - KB920683
Windows 2000 Hotfix - KB920685
Windows 2000 Hotfix - KB920958
Windows 2000 Hotfix - KB921398
Windows 2000 Hotfix - KB923191
Windows 2000 Hotfix - KB923414
Windows 2000 Hotfix - KB923694
Windows 2000 Hotfix - KB923980
Windows 2000 Hotfix - KB924191
Windows 2000 Hotfix - KB924270
Windows 2000 Hotfix - KB924667
Windows 2000 Hotfix - KB926436
Windows 2000 Hotfix - KB928090
Windows 2000 Hotfix - KB928843
Windows 2000 Hotfix - KB929969
Windows 2000 Service Pack 4
Windows Installer 3.1 (KB893803)
Windows Media Player 7.1
Windows Media Player Hotfix [See Q828026 for more information]
WIRELESS
Wireless-B Notebook Adapter Configuration Utility
Yahoo! Messenger



One more question and I'll leave you alone (at least for a little while!). Step One of "You must read this before..." recommends two different spyware downloads; I didn't do this because I was under the impression more than one program can have the opposite effect...but then I saw "multi-prong approach". Should I install SUPERAntiSpyware?

As always, thanks for your help!

Liz
  • 0

#4
didom

didom

    Member 1K

  • Member
  • PipPipPipPip
  • 1,919 posts
Cookies are nothing to be worried about. They get installed on your computer everytime you visit any webpage. Now some of those are good cookies that get installed for ease of use for next time you visit the same page, but some cookies are spyware used for tracking users surfing habits.

Most of those cookies are third party cookies that can be blocked:

In Firefox go to Tools > Options > Privacy > Cookies

Click the small triangle next to cookies to expand that tab and put a check next to "for the originating website only". This will prevent third party cookies from being installed on your computer.

In IE go to Tools > Internet Options > Privacy and click on Advanced in the Privacy tab

Now put a check next to "Override automatic cookie handling"

Set first party cookies to Accept and third party cookies to Block

Also put a check to "Always allow session cookies" OK your way out.

This won't prevent all bad cookies from being installed, but will reduce the amount.

Also there is another program you can use.

Spywareblaster Prevents the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software. Blocks spyware/tracking cookies in Internet Explorer and Mozilla/Firefox. Restricts the actions of potentially unwanted sites in Internet Explorer.

-----------------------------------

This log looks clean!
  • Don't forget to re-hide all files and folders. To re-hide all files and folders:
    • Open My Computer.
    • Select the Tools menu and click Folder Options.
    • Select the View Tab.
    • Under the Hidden files and folders heading deselect "Show hidden files and folders".
    • Check the Hide protected operating system files (recommended) option.
    • Click Yes to confirm.
    • Click OK.
  • This is a good time to set up protection against further attacks. Read the article behind this link "How did I get infected". If you don't already have them, you need an antivirus that is updated, a good firewall for example Kerio Personal Firewall or ZoneLabs Zone Alarm, a spyware blocker like SpywareBlaster and also IE-Spyads and spyware detection (Ad-aware SE and SpyBot S+D). All of these have good free versions available... be very cautious about any security software that advertises in popups or other intrusive ways, they are not only usually useless, but also often have malware in them....

    Instead of Internet Explorer, use a different browser like Opera, Mozilla or Firefox.

    Last, but not least, you need to keep Windows and Internet Explorer up to date by getting all the latest security patches that protects your computer.

    This can be accessed by going to http://windowsupdate.microsoft.com and following the prompts. If you are running Windows XP make sure you get updated to SP-2!!

    Please post back if you are still having any problems....

    Posted Image
-----------------------------------

One more question and I'll leave you alone (at least for a little while!). Step One of "You must read this before..." recommends two different spyware downloads; I didn't do this because I was under the impression more than one program can have the opposite effect...but then I saw "multi-prong approach". Should I install SUPERAntiSpyware?

Well, you're clean now so personally I would stick by one. If you were more infected I would advise another download.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP