Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

ActiveScan Results


  • Please log in to reply

#1
Studski

Studski

    New Member

  • Member
  • Pip
  • 5 posts
this is what Panda's activescan displayed:
Incident:
1.Potentially unwanted tool:application/funweb location: HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Ext\Stats\{1D4DB7D7D2-6EC9-47A3-BD87-1E41684E07BB}
2.Potentially unwanted tool: application/Restart location: C:\WINDOWS\system32\Tools\restart.exe

(displayed under "Hacking kits/tools")

I also run CCleaner, Secretmaker, and AVG ( all free versions) and my Secretmaker's security watchdog kept coming up-so i got suspicious and found this site and got on Panda's site and did the free "active scan" and searched and couldn't find anything.
Anybody that can help me or point me in the right direction it is greatly appreciated.
I bought this custom computer from a friend who installed all my programs on it ( inc. the secretmaker, CCleaner, AVG, and XP SP 2) I've had it for about 2 months with no problems however i think the online windows update is to blame,but honestly I have no idea. Help with this matter ( posted above) is greatly needed and appreciated!
please respond as soon as conveniently possible. thank you!

Edited by Studski, 23 May 2007 - 05:08 PM.

  • 0

Advertisements


#2
Retired Tech

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
Please follow the procedures outlined here: Malware Removal Guide

You will need a PC which can connect to the internet

Run all the programmes as advised then post a current Hijack This Log in a new topic in the Malware Forum

For the purpose of accurate malware analysis, Hijack This Logs are only dealt with in the Malware Forum. Posting them anywhere else will result in a delayed response

If you are unable to run any of the programmes, please ask for advice in the Malware Forum
  • 0

#3
Studski

Studski

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report if you start a topic for assistance

this is what I did.
  • 0

#4
Retired Tech

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
Posted the report to Panda?
  • 0

#5
Studski

Studski

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
no I followed the steps on this forum-( the last one I completed is #11 on it.) ( the how to guide sticky)

I actually located one file with my CCleaner that was in Temp files under antiphishing and tried to delete it and it said 'access denied'. so i renamed it. opened it with Notepad and deleted all these weird symbols and letters. and then clicked save. I don't know if this correlates to the Activescan results...or had any positive effect but figured while i was waiting for a response from you guys why not.
again, if this makes sense to anyone clarity on clearing this up would be greatly appreciated or at least pointed in the right direction.. thank you!
  • 0

#6
Studski

Studski

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
also anytime I open IE, my security watchdog pops up and displays that" entapps.yahoo.com/customize/ycomp/defaults/"http//www" is trying to attempt search engine change. and anytime I login to my yahoo mail account http://fpdownload.ma...ash/swflash.cab is displayed also as a warning by my security watchdog. I have to keep rejecting it everytime either of these opens...

Edited by Studski, 23 May 2007 - 06:02 PM.

  • 0

#7
Retired Tech

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
You still need to get a Hijack This log and post it in the Malware Forum because that is the part of the site that deals with them

http://www.geekstogo...o-Here-f37.html
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP