[Studski]

this is what Panda's activescan displayed:
Incident:
1.Potentially unwanted tool:application/funweb location: HKEY_CURRENT_USER\Software\Microsoft\Windows\Currentversion\Ext\Stats\{1D4DB7D7D2-6EC9-47A3-BD87-1E41684E07BB}
2.Potentially unwanted tool: application/Restart location: C:\WINDOWS\system32\Tools\restart.exe

(displayed under "Hacking kits/tools")

I also run CCleaner, Secretmaker, and AVG ( all free versions) and my Secretmaker's security watchdog kept coming up-so i got suspicious and found this site and got on Panda's site and did the free "active scan" and searched and couldn't find anything.
Anybody that can help me or point me in the right direction it is greatly appreciated.
I bought this custom computer from a friend who installed all my programs on it ( inc. the secretmaker, CCleaner, AVG, and XP SP 2) I've had it for about 2 months with no problems however i think the online windows update is to blame,but honestly I have no idea. Help with this matter ( posted above) is greatly needed and appreciated!
please respond as soon as conveniently possible. thank you!

Edited by Studski, 23 May 2007 - 05:08 PM.

[Advertisements]

Please follow the procedures outlined here: Malware Removal Guide

You will need a PC which can connect to the internet

Run all the programmes as advised then post a current Hijack This Log in a new topic in the Malware Forum

For the purpose of accurate malware analysis, Hijack This Logs are only dealt with in the Malware Forum. Posting them anywhere else will result in a delayed response

If you are unable to run any of the programmes, please ask for advice in the Malware Forum

[Retired Tech]

Please follow the procedures outlined here: Malware Removal Guide

You will need a PC which can connect to the internet

Run all the programmes as advised then post a current Hijack This Log in a new topic in the Malware Forum

For the purpose of accurate malware analysis, Hijack This Logs are only dealt with in the Malware Forum. Posting them anywhere else will result in a delayed response

If you are unable to run any of the programmes, please ask for advice in the Malware Forum

[Studski]

When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report if you start a topic for assistance

this is what I did.

[Retired Tech]

Posted the report to Panda?

[Studski]

no I followed the steps on this forum-( the last one I completed is #11 on it.) ( the how to guide sticky)

I actually located one file with my CCleaner that was in Temp files under antiphishing and tried to delete it and it said 'access denied'. so i renamed it. opened it with Notepad and deleted all these weird symbols and letters. and then clicked save. I don't know if this correlates to the Activescan results...or had any positive effect but figured while i was waiting for a response from you guys why not.
again, if this makes sense to anyone clarity on clearing this up would be greatly appreciated or at least pointed in the right direction.. thank you!

[Studski]

also anytime I open IE, my security watchdog pops up and displays that" entapps.yahoo.com/customize/ycomp/defaults/"http//www" is trying to attempt search engine change. and anytime I login to my yahoo mail account http://fpdownload.ma...ash/swflash.cab is displayed also as a warning by my security watchdog. I have to keep rejecting it everytime either of these opens...

Edited by Studski, 23 May 2007 - 06:02 PM.

[Retired Tech]

You still need to get a Hijack This log and post it in the Malware Forum because that is the part of the site that deals with them

http://www.geekstogo...o-Here-f37.html