Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

SpySheriff problem and a few others [RESOLVED]


  • This topic is locked This topic is locked

#1
inu_yasha

inu_yasha

    New Member

  • Member
  • Pip
  • 8 posts
Hello Sir,
recently this SpySheriff software appeared from nowhere and got installed on my computer...its been causing problem everytime i boot the computer...apart from this there are also a number of trojan affected files IN SYSTEM FOLDER....evrytime i browse an error:"vx3.game is still infected with the downloader trojan" ...it cant be quarantined...i deleted it..yet it shows up the next time i am online...similar case with error:"game3[1].exe ..blah..blah"....


i tried to remove spysheriff with KILLBOX but in vain...its still there....when scanning with NAV2003PRO....it shows::"unable to repair\quarantine\delete downloader.trojan,desktop.exe,desktop.dll"...

Can u please solve this problem...it would be a great help....

....thanx

PS:my SYSTEMS folder has lot of infected files..which even on deleting show up again
  • 0

Advertisements


#2
inu_yasha

inu_yasha

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
here is my hijack log file...
Logfile of HijackThis v1.99.1
Scan saved at 12:30:07 PM, on 6/24/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2919.6304)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NOVAPORTAL.COM\NOVAPORTAL SINGLE USER\NPSU.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\HFFSRV.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\THE CLEANER\TCA.EXE
C:\PROGRAM FILES\THE CLEANER\TCM.EXE
C:\WINDOWS\ptsnoop.exe
C:\WINDOWS\SYSTEM\WMIEXE.EXE
E:\COLLECTIONS\IDMAN\IDMAN.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\E_SICN03.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
D:\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
E:\NEWLY DOWNLOADED\HIJACK\HIJACKTHIS.EXE

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\COLLECTIONS\IDMAN\IDMIECC.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [HFFSRV.EXE] C:\WINDOWS\SYSTEM\HFFSRV.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [tcactive] C:\PROGRAM FILES\THE CLEANER\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\PROGRAM FILES\THE CLEANER\tcm.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [NovaPortal Single User Service] C:\PROGRAM FILES\NOVAPORTAL.COM\NOVAPORTAL SINGLE USER\NPSU.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O4 - HKCU\..\Run: [BPK] D:\PRO\BPK.EXE
O4 - HKCU\..\Run: [IDMan] E:\COLLECTIONS\IDMAN\IDMAN.EXE /onboot
O4 - HKCU\..\Run: [BirthdayReminder] D:\BIRTHDAYREMINDER\BIRTHDAYREMINDER.EXE /remind
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM\E_SRCV03.EXE
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: Download with IDM - E:\COLLECTIONS\IDMAN\IEExt.htm
O8 - Extra context menu item: Download All Links with IDM - E:\COLLECTIONS\IDMAN\IEGetAll.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\SOFTWARE SETUP\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\SOFTWARE SETUP\MESSENGER\YPAGER.EXE
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O15 - Trusted IP range: 67.19.178.84 (HKLM)
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - http://akamai.downlo...sysnet32_EN.cab
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} (InstallX Class) - http://www.75tz.com/codac/inst2_ax.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-downlo....cab?refid=3548
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O21 - SSODL: OLE Module - {0656A137-B161-CADD-9777-E37A75727E78} - C:\WINDOWS\SYSTEM\thn32.dll (file missing)
  • 0

#3
Guse

Guse

    Visiting Staff

  • Member
  • PipPipPip
  • 624 posts
I'm working on your log, as soon as another staff member reviews it I'll post a reply. :tazz: Thank you for your patience.
  • 0

#4
Guse

Guse

    Visiting Staff

  • Member
  • PipPipPip
  • 624 posts
Heya and welcome to Geeks to Go, my name is Guse and I’ll be helping you today.

Please print these instructions out or copy and paste them to notepad as the internet may not be accessible through all of these fixes.

You do have quite an infection there, so let’s go through this step by step. This may take a few attempts to clean, so bear with me.

First, I’ll need you to download some programs for me:

Hoster
The CWShredder
DelDomains
Ewido Security Suite
Smitfraud.reg
Cleanup! (Install, but don’t run)
*NOTE* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups.

Install and updateEwido
  • Install ewido security suite
  • Launch ewido, there should be a big E icon on your desktop, double-click it.
  • The program will prompt you to update click the OK button
  • The program will now go to the main screen
You will need to update Ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Click on Start
The update will start and a progress bar will show the updates being installed.
After the updates are installed, exit Ewido

Now, update the CWShredder
  • Open CWShredder and click I AGREE
  • Click Check For Update
  • Close CWShredder
Run DelDomains.inf. Just right-click and select: Install (no need to restart)

Reboot into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter.

Once in Safe Mode, Open Cleanup! by double-clicking the icon on your desktop. Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
  • Scan local drives for temporary files
  • Cleanup! All Users
Click OK
Press the CleanUp! button to start the program.

After Cleanup! is finished:
  • Run Ewido.
  • Click on scanner
  • Make sure the following boxes are checked before scanning:
    • Binder
    • Crypter
    • Archives
  • Click on Start Scan
  • Let the program scan the machine
While the scan is in progress you will be prompted to clean the first infected file it finds. Choose "clean", then put a check next to "Perform action on all infections" in the left corner of the box so you don't have to sit and watch Ewido the whole time. Click OK.

Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report
  • Save the report to your desktop
  • Exit Ewido
Now run the CWShredder. Click I Agree, then Fix and then Next, let it fix everything it asks about.Reboot into normal mode.

Go to Start > Settings > Control Panel > Add or Remove Programs and remove the following:

SpySheriff

Exit Add or Remove Programs.

Delete the following, in bold, if found:

C:\SpySheriff <-whole folder
C:\Install.dat
C:\Program Files\SpySheriff <-whole folder
C:\Windows\Desktop.html
C:\winstall.exe
C:\WINDOWS\SYSTEM\thn32.dll

Make sure you are disconnected from the Internet and that all programs and windows are closed. Run HiJackThis. Place a check next to the following items, if found, and click FIX CHECKED:

C:\WINDOWS\SYSTEM\thn32.dll
C:\winstall.exe


Close HiJackThis.

Double-click the smitfraud.reg you downloaded earlier. When asked if you want to merge with the registry click YES.

After the merged successfully prompt, using Windows Explorer, navigate to the following folder:

C:\Windows\Prefetch

If there are any files inside the Prefetch folder, delete ALL of them. (Do NOT delete the folder. Just delete the files inside.)

Reboot your computer.

You should be able to change your desktop back to normal now.

Post the report from Ewido and a new HiJackThis log into this topic.
  • 0

#5
inu_yasha

inu_yasha

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Sir,
i am not able to install EWIDO SECURITY SUITE...because my OS is windows 98....i also have winxp on my computer but i cant connect to the internet in that....all the trojans seem to have been installed in win98 system files.. and "ewido"...i cant run...is there any other ALTERNATIVE???....plz let me know.

THANX for the trouble u have taken so far..

Edited by inu_yasha, 02 July 2005 - 02:32 AM.

  • 0

#6
Guse

Guse

    Visiting Staff

  • Member
  • PipPipPip
  • 624 posts
You're absolutely right. I knew Ewido didn't run on Windows 98 and I never put 1 + 1 together. Try this one (it's just like the last fix, but with Ewido removed). Make sure you read the part about AdAware SE. It would be confusing to me to just post a sentence, so follow these directions and disregard the last set. Again, I apologize.

Please print these instructions out or copy and paste them to notepad as the internet may not be accessible through all of these fixes.

You do have quite an infection there, so let’s go through this step by step. This may take a few attempts to clean, so bear with me.

First, I’ll need you to download some programs for me:

Hoster
The CWShredder
DelDomains
Smitfraud.reg
Cleanup! (Install, but don’t run)
*NOTE* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups.

If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates:
Ad-Aware SE Setup
Don't run it yet!

Now, update the CWShredder
  • Open CWShredder and click I AGREE
  • Click Check For Update
  • Close CWShredder
Run DelDomains.inf. Just right-click and select: Install (no need to restart)

Reboot into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter.

Once in Safe Mode, Open Cleanup! by double-clicking the icon on your desktop. Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
  • Scan local drives for temporary files
  • Cleanup! All Users
Click OK
Press the CleanUp! button to start the program.

Open Ad-aware and do a full scan. Remove all it finds.

Now run the CWShredder. Click I Agree, then Fix and then Next, let it fix everything it asks about.Reboot into normal mode.

Go to Start | Settings | Control Panel | Add or Remove Programs and remove the following:

SpySheriff

Exit Add or Remove Programs.

Delete the following, in bold, if found:

C:\SpySheriff <-whole folder
C:\Install.dat
C:\Program Files\SpySheriff <-whole folder
C:\Windows\Desktop.html
C:\winstall.exe
C:\WINDOWS\SYSTEM\thn32.dll

Make sure you are disconnected from the Internet and that all programs and windows are closed. Run HiJackThis. Place a check next to the following items, if found, and click FIX CHECKED:

C:\WINDOWS\SYSTEM\thn32.dll
C:\winstall.exe


Close HiJackThis.

Double-click the smitfraud.reg you downloaded earlier. When asked if you want to merge with the registry click YES.

After the merged successfully prompt, using Windows Explorer, navigate to the following folder:

C:\Windows\Prefetch

If there are any files inside the Prefetch folder, delete ALL of them. (Do NOT delete the folder. Just delete the files inside.)

Reboot your computer.

You should be able to change your desktop back to normal now.

Post a new HiJackThis log into this topic.
  • 0

#7
inu_yasha

inu_yasha

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
err..there's one more problem....

i am not able to log into safe mode in WIN 98(whichever mode i choose in win98...only normal mode appears)
but i am able to log into safe mode in win XP.....
...what should i do?...its pretty confusing???

thanx again...

ps:i have 2 OS on my system..win98 in C drive and winxp in in D drive....(just thought u should know this)
  • 0

#8
Guse

Guse

    Visiting Staff

  • Member
  • PipPipPip
  • 624 posts
Okay... let me make sure I have this right. During boot you hit F8. The menu shows. Using your arrows, you choose Safe Mode from the menu and it boots into normal mode regardless?

Failing to start up in safe mode can sometimes be attributed to certain types of viruses. I'm not sure that's the case here, but we should at least rule it out.

Trend HouseCall
Panda Active Scan

You've already done Panda, so do Housecall first and run Panda again if you'd like. Otherwise, I fear we're going to have to try these fixes in normal mode if the problem continues. It's by no means ideal, but we'll have to work with it.

Do those scans, try safe mode again and report back on how that goes.
  • 0

#9
inu_yasha

inu_yasha

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
ok...well....i did housecall(it deleted 2 trojans)

panda active scan--showed 46 infected files outa wich it disinfected 2 and got stuck

... but safe mode still did not come ...still normal mode only shows up for win98

but safe mode shows up for winxp ..Will safe mode for winxp do?
shall i do the cleaning thru winxp safe mode?
..or win98 normal mode itself?

no viruses were detetected...maybe my OS(Win98) IS CORRUPTED..

WHAT SHALL I DO,SIR?

THANKING U

Edited by inu_yasha, 04 July 2005 - 09:58 AM.

  • 0

#10
Guse

Guse

    Visiting Staff

  • Member
  • PipPipPip
  • 624 posts
Still won't boot into safe mode in 98, eh? Oh well. We really should do this in Safe Mode, so the Windows XP safe mode with everything installed should do the trick.

Everything that tells you to work in normal mode do in 98, everything in safe mode do in XP. It's convoluted, but what fun is a "by the book" life?

Make sure you post the new HijackThis log when you're done.
  • 0

#11
inu_yasha

inu_yasha

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
New hijackthis log in normal mode of win98
...well..sir..i did the cleaning in both winxp and win98...these are the results..Spysheriff seems to have gone for the time being...but is my os still affected??


Logfile of HijackThis v1.99.1
Scan saved at 5:05:30 PM, on 7/7/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2919.6304)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NOVAPORTAL.COM\NOVAPORTAL SINGLE USER\NPSU.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\ADVTOOLS\NPROTECT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\HFFSRV.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\THE CLEANER\TCA.EXE
C:\PROGRAM FILES\THE CLEANER\TCM.EXE
C:\WINDOWS\ptsnoop.exe
E:\COLLECTIONS\IDMAN\IDMAN.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\E_SICN03.EXE
E:\NEWLY DOWNLOADED\HIJACK\HIJACKTHIS.EXE

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\COLLECTIONS\IDMAN\IDMIECC.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [HFFSRV.EXE] C:\WINDOWS\SYSTEM\HFFSRV.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [tcactive] C:\PROGRAM FILES\THE CLEANER\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\PROGRAM FILES\THE CLEANER\tcm.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\Run: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [NovaPortal Single User Service] C:\PROGRAM FILES\NOVAPORTAL.COM\NOVAPORTAL SINGLE USER\NPSU.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O4 - HKLM\..\RunServices: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
O4 - HKCU\..\Run: [IDMan] E:\COLLECTIONS\IDMAN\IDMAN.EXE /onboot
O4 - HKCU\..\Run: [BirthdayReminder] D:\BIRTHDAYREMINDER\BIRTHDAYREMINDER.EXE /remind
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM\E_SRCV03.EXE
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: Download with IDM - E:\COLLECTIONS\IDMAN\IEExt.htm
O8 - Extra context menu item: Download All Links with IDM - E:\COLLECTIONS\IDMAN\IEGetAll.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\SOFTWARE SETUP\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\SOFTWARE SETUP\MESSENGER\YPAGER.EXE
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - http://akamai.downlo...sysnet32_EN.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O21 - SSODL: OLE Module - {0656A137-B161-CADD-9777-E37A75727E78} - (no file)
  • 0

#12
Guse

Guse

    Visiting Staff

  • Member
  • PipPipPip
  • 624 posts
Congrats, your Log is clean! :tazz:

How is your computer running? Let me know.

In the future, here are some suggestions to keep your computer more secure:

Use a firewall - If you’re on a broadband connection, this shouldn’t even be an option. You can get a good, FREE firewall from ZoneLabs called ZoneAlarm here.

Make sure that you keep Windows up to date - Microsoft is constantly releasing updates to plug holes in their OS. It’s a good idea to take advantage of these as frequently as possible. As a matter of fact, if you’re lazy like me you can set Automatic Updates by right clicking on My Computer and selecting Properties . Then click the Automatic Updates tab, then click the Automatic radio button then click OK.

Make sure you have an up-to-date virus scanner – This is super important. Heck, it typically doesn’t even matter which one that you use… just pick one and keep it updated. A free virus scanner can be had from Grisoft, called AVG. Get it here.

You can also get a more secure browser – Not a necessity at all, but most exploits are manufactured to attack Internet Explorer. For the time being, browsers such as Opera and Firefox aren’t nearly as exploitable… yet.

Practice safe browsing – Just some run of the mill things to keep you safer. Don’t open email attachments even from people you know unless you know the attachment is coming. Try to stay to larger websites… it’s the smaller… less public ones that typically give you trouble (*this isn’t to say NEVER go there, just minimize it*). Also, try to stay legal: warez (stolen software) and file sharing apps (Kazaa, Torrents) tend to have grotesque amounts of spyware associated.

Just some helpful tips. Enjoy malware-free computing!
  • 0

#13
inu_yasha

inu_yasha

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
wow ;) ...sir....my computer is Clean again..
thanks to u....u r superb...and so is ur forum....yes sir,i will take all the precautions recommended...someday i will also contribute to this forum...i know i will....thanx a lot sir...U R A COOL GEEK :tazz:
  • 0

#14
therock247uk

therock247uk

    Expert

  • Expert
  • 14,671 posts
  • MVP
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP