Have recently inherited this PC, just wanted to double check everthing is ok with it. Historically, it has had some spyware problems and it seems to be running slow.
Have ran all the required programs in your Spyware section.
Here is the Active Scan log:
Incident Status Location
Adware:adware/pesttrap Not disinfected c:\windows\soft.exe
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bs.serving-sys[1].tx t
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\HP_Owner\Cookies\hp_owner@serving-sys[2].txt
Possible Virus.
The other online virus program just found a couple of cookies which I deleted and then re-ran the program and it came up clear.
Found and removed a couple of bits of Spyware and Adware with the other programs. Deleted a couple of entries on the recomendation of your Spyware Detective.
Here is the Hijack This Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:29:37, on 21/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Please print out or save the following instructions in Notepad.
-----------------
Please download Cleanup! and install it. You will use this later.
*NOTE* Cleanup deletes EVERYTHING out of temporary folders and does not make backups.
WARNING:Do not run cleanup under Windows XP x64 Edition. If you're not sure if you have the 64-bit version of Windows then you probably do not; however, you can check by using IE to download the whichcpu tool and then running it.
-----------------
Go to My Computer >Tools >Folder Options >View tab and select Show hidden files and folders. Uncheck the Hide protected operating system files (recommended) option. Also make sure there is no checkmark beside Hide file extensions for known file types. Click OK.
-----------------
While TeaTimer is an excellent tool for the prevention of spyware, it can sometimes prevent HijackThis from fixing certain things.
Please disable TeaTimer for now until you are clean. TeaTimer can be re-activated once your HijackThis log is clean.
Open Spybot Search & Destroy.
In the Mode menu click "Advanced mode" if not already selected.
Choose "Yes" at the Warning prompt.
Expand the "Tools" menu.
Click "Resident".
Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
In the File menu click "Exit" to exit Spybot Search & Destroy.
----------------
Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. Login on your usual account. Make sure to close any open browsers.
---------------
Open HijackThis and click on 'Do a System Scan Only'. Check the following entries (If they still exist, make sure you do not miss any)
Have followed your instructions and used Hijack This to fix the entries you have higlighted. The c:\windows\soft.exe file did exist still, so I deleted it (without any problems).
Have carried out the Cleanup! program. Here is the lastest Hijack This log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:09:42, on 26/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Deselect the Show hidden files and folders option.
Select the Hide file extensions for known types option.
Select the Hide protected operating system files option.
Click Yes to confirm.
Click OK.
------------
Please re-enable TeaTimer now that you are clean.
Open Spybot Search & Destroy.
In the Mode menu click "Advanced mode" if not already selected.
Choose "Yes" at the Warning prompt.
Expand the "Tools" menu.
Click "Resident".
Check the "Resident "TeaTimer" (Protection of overall system settings) active." box.
In the File menu click "Exit" to exit Spybot Search & Destroy.
--------------
Now we will flush your system restore points.
To turn off System Restore click Start > Right Click My Computer > Properties. Click the System Restore tab and Check"Turn off System Restore" or "Turn off System Restore on all drives" Click Apply. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this then Click OK.
Turn on System Restore by Clicking Start. Right-click My Computer, and then click Properties. Click the System Restore tab. Uncheck"Turn off System Restore" or "Turn off System Restore on all drives." Click Apply, and then OK.
This will create a new Restore Point.
--------------------
It is very important that you get all of the critical updates for your Operating System and Internet Explorer. Keeping your OS and browser up to date will help make you less susceptible to attacks by Trojans and viruses. Please go to Microsoft and download all the critical updates to help prevent possible re-infection.
=================================================
This is a good time to set up protection against further attacks. Read TonyKlein's How Did I Get Infected In The First Place?. You need an antivirus that is continually updated, a good firewall, a spyware blocker such as Spyware Blaster, and a real time spyware program such as Spyware Guard, to prevent spyware intrusions. IE-Spyad is another excellent program that places over 4000 websites and domains in the IE Restricted list, which will help prevent attempts to infect your system. All of the above have good free versions available. However, be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.
Please respond to this thread one more time so we can mark this thread as Resolved.
If you want to fight back the Malware Writers that have made your life a misery, please take a look here and read what you can do against it. _________________ Proud Member of ASAP
Proud Member of UNITE
From the Help2Go team - Your are Welcome and Happy Surfing
Since this issue appears resolved ... this Topic is closed.
If you need this topic reopened, please request this by sending a moderator a PM with the address of the thread. This applies only to the original topic starter.
Everyone else please begin a New Topic. _________________ Proud Member of ASAP
Proud Member of UNITE
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
