Over 1 million tech questions and answers.

Panda Active Scan Report

Q: Panda Active Scan Report

Incident Status LocationAdware:adware/swimsuitnetwork Not disinfected c:\windows\system32\MYDLL.dllSpyware:spyware/cws.olehelp Not disinfected Windows RegistryMy Comp is running Good but What Should i nead to do now?

RELEVANCY SCORE 200
Preferred Solution: Panda Active Scan Report

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Panda Active Scan Report

MYDLL.dll is related to Spyware.ActualNames and often includes other malware files which ActiveScan may not have found. If you click on the Removal Tab in the Symantec link there are instructions for removing/unregistering the .dll.What OS (Win XP/2000, etc) are you using? What is your primary anti-virus and when was the last time you ran a scan? Have you performed any anti-spyware scans other than ActiveScan? If not, start here:If your running Win XP/2000, download and scan with Ewido Anti-Spyware v4.0 in "SAFE MODE".Print out the Ewido Install and Scan Instructions. Download and scan with Ad-Aware SE Personal 1.06. Setup & Configure as shown here.Download and scan with Spybot S&D 1.4. Setup & Configure as shown here.[DO NOT choose the option to install TeaTimer]Note: If you encounter any error messages while downloading the updates, manually download them from here.

Read other 6 answers
RELEVANCY SCORE 103.6

Doing as told...This dont look to pretty good...(lol)
Panda online scan results..Help



Incident Status Location

Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Adam White\Cookies\adam [email protected][1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Adam White\Cookies\adam [email protected][1].txt
Spyware:Cookie/BestOffersNetworks Not disinfected C:\Documents and Settings\Adam White\Cookies\adam [email protected][2].txt ... Read more

A:[SOLVED] Panda active scan report..Highjacked..Help

bump bump

Read other 5 answers
RELEVANCY SCORE 81.6

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-06-23 22:43:10
PROTECTIONS: 1
MALWARE: 25
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Trend Micro AntiVirus - Virus Protection 15.10.2002 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Owner.Family\Application Data\Mozilla\Firefox\Prof... Read more

A:My scan for malware with Panda Active Scan

Hello -

It appears as though you've stopped at Step 2.

Step 5 would have you do this:

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
Please attach extra.txt to your post.
To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

Click Upload.

What DSS will do: create a new System Restore point in Windows XP and Vista.
clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.

---------------------------------------------------------------------------------------------

Read other 1 answers
RELEVANCY SCORE 80.4

Hey guys, someone once recommended panda active scan on here.. so ive done a scan and it shows 24 spyware and 4 hacks... however it wont let me remove them without purchasing... but my other programs wont find these problems. so im hoping by posting the scan log someone can help me out...

******************************
Incident Status Location

Potentially unwanted tool:application/seekmo Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5929CD6E-2062-44A4-B2C5-2C7E78FBAB38}
Potentially unwanted tool:application/mywebsearch Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\
Potentially unwanted tool:application/zango Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{99410cde-6f16-42ce-9d49-3807f78f0287}
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Erin's Mom\Application Data\Mozilla\Firefox\Profiles\o47jdgha.default\COOKIES.TXT[.perf.overture.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Erin's Mom\Application Data\Mozilla\Firefox\Profiles\o47jdgha.default\COOKIES.TXT[.doubleclick.net/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Erin's Mom\Application Data\Mozilla\Firefox\Profiles\o47jdgha.default\COOKIES.TXT[.atdmt.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Erin's Mom\Application Data\Mozilla\Firefox\Profiles\o47jdgha.default\CO... Read more

A:Panda Active scan

most are cookies so are harmless

Please download ATF Cleaner by Atribune
This program is for XP and Windows 2000 only

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser

Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

and I wouldn't worry about the others but see what this finds & fixes

Please download WebRoot SpySweeper from HERE (It's a 2 week trial):
Click the Free Trial link under "Downloads/SpySweeper" to download the program.
Install it. Once the program is installed, it will open.
It will prompt you to update to the latest definitions, click Yes.
Once the definitions are installed, click Options on the left side.
Click the Sweep Options tab.
Under What to Sweep please put a check next to the following:
Sweep Memory Objects
Sweep Windows Registry
Sweep Cookies
Sweep All User Accounts
Enable Direct Disk Sweeping
Sweep Compressed Files
Sweep for Rootkits
Please UNCHECK Sweep System Restore Folder.

Click Sweep Now on the left side.
Click the Start button.
When it's done scanning, click the Next bu... Read more

Read other 3 answers
RELEVANCY SCORE 80.4

I ran a panda active scan. Now what do I do to delete what it found.

Incident Status Location

Potentially unwanted tool:Application/Service9x Not disinfected C:\windows\System32\spool\DRIVERS\W32X86\3\DLCGtime.dll
Adware:adware/sahagent Not disinfected c:\windows\downloaded program files\sporder_.dll
Adware:adware/gator Not disinfected c:\windows\GatorHDPlugin.log-old.log ... Read more

A:Ran a panda active scan. Need help to fix.

Panda will clean viruses and worms but NOT spyware so you need to perform some anti-malware scans.Download and scan with Ad-Aware SE Personal 1.06. Setup & Configure as shown here.If you encounter any problems while downloading the updates, manually download them from here.Download and scan with Spybot S&D 1.4. Setup & Configure as shown here - (do not choose the option to install TeaTimer)If you encounter any error messages while downloading the updates, manually download them from here.Download and scan with SUPERAntiSypware Free for Home UsersIf you encounter any problems while downloading the updates, manually download and unzip them from here.Download ATF Cleaner by Atribune. (This program is for XP and Windows 2000 only)Double-click ATF-Cleaner.exe to run the program.Under Main "Select Files to Delete" choose: Select All.Click the Empty Selected button.If you use Firefox browser click Firefox at the top and choose: Select AllClick the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browser click Opera at the top and choose: Select AllClick the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.Then download and scan with AVG Anti-Spyware 7.5 in "SAFE MODE".(This is Ewdio 4.0 renamed. If you already have Ewido installed, please update to this version which has a... Read more

Read other 1 answers
RELEVANCY SCORE 80.4

Has anyone had trouble downloading this from I E?I have been trying for ages now but to no avail .I have tweaked my internet options settings turned off pop up blocker but unless it a browser thing I do not know what next.Any help would be appreciated.
 

A:Panda Active Scan

Read other 9 answers
RELEVANCY SCORE 80.4

Does anyone know why I cannot get panda active scan to work?
I try to go to the site and all I get is " this page cannot be displayed"
 

A:panda active scan

The website is just congested or your connection is compromised.
 

Read other 1 answers
RELEVANCY SCORE 80.4

I was following the steps to find and remove malware/spyware,i followed a link from this site to panda activescan.After i installed the program and went to run it i recieved a notification from Avast that it contained spyware so i aborted the connection.Im just wondering if this is a trusted program or avast has got it wrong because it has failed me before.thanks for your help.

EDIT: My apologies,i didnt see the "Avast users notice" at the bottom of the thread

A:panda active scan

I haven't used panda before for my spyware removal. I would recommend that you try downloading Spybot Search and Destroy. This is a great free program that is great.

I did a little searching with my friend google, and haven't found anything yet that says that Panda active scan has malware. So, go ahead and use it but I would recommend Spybot too.

Cheers!

Read other 1 answers
RELEVANCY SCORE 80.4

Since I installed IE7, I can't do a Panda Active Scan.

- Is there an issue with ActiveX Controls in IE7? The option to allow them to run appears once, and after allowing, the scan fails to initialize. How do you allow periodic ActiveX Controls to run in IE7?

-Also, is it safer or worse (security-wise) to use the guest account for internet use on a standalone pc? As it's so restricted, I imagined it would be safer, but when I recently did a Belarc Adviser Audit, it highlighted the fact I had the guest account enabled.

-And a really stupid question here - how do you put the title of a post in bold lettering - stupid cos so many other people seem tyo have figured it out!!

P.S. Not sure if this is in the correct Forum, if not, maybe a kind mod might move it to security.

Thanks in advance
 

A:Ie7 + Panda Active Scan

Read other 6 answers
RELEVANCY SCORE 79.6

I was trying to download the active-x for the Panda scan and my Avast antivirus said it encountered a virus and to abort the connection. Should I disable Avast when trying to do the Panda scan? Thanks
 

A:Solved: Panda active scan

tburges said:

I was trying to download the active-x for the Panda scan and my Avast antivirus said it encountered a virus and to abort the connection. Should I disable Avast when trying to do the Panda scan? ThanksClick to expand...

Sometimes you will have too. If you can't get panda to work try these

Kaspersky Online Virus Scan

Housecall

After one of the scan's completes

Post a fresh Hijackthis and/or Panda, Kaspersky, Housecall log.
 

Read other 3 answers
RELEVANCY SCORE 79.6

I have noticed quite abit of slow down in the past few days such as high cpu usage when running routine tasks and sluggish performance. Today I actually had a program crash while I was in it (a game).
I looked in my HJT log and there are a few suspicious entries could someone by chance tell me if the Trojan that has been detected and the suspicious entries I have found are related?
thank you in advance.

here are the two suspicious entries which I suspect could be causing problems

O2 - BHO: (no name) - {8E022E70-8918-4A4B-839F-D847C7DB2B4C} - (no file)
O2 - BHO: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O2 - BHO: (no name) - {8E022E70-8918-4A4B-839F-D847C7DB2B4C} - (no file)

make that three on closer inspection

here is the rest of the log if it helps.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:04, on 2008-09-25
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjo... Read more

Read other answers
RELEVANCY SCORE 79.6

i tried to follow the first steps listed, however, my computer will not download panda security to run the program. I also have no access to my computer, control panel search,run. the icons are gone. Please help!

A:panda active scan results Please Help!

I followed all the sterps. here are the results. palease direct me what to do now.

Read other 1 answers
RELEVANCY SCORE 78.8

I just went to purchase Panda Active Scan on demand scanner and there is a block for a Discount Coupon?

Is anyone familiar with where I might find this?
Thank you.

Read other answers
RELEVANCY SCORE 78.8

Hi. I was here trying to remove one of my PCs from IE Defender pop-ups and found this to be a great site I followed all the steps as mentioned in the forum on IE defender removal and seem to have removed it. After I found that the pop-ups and fake yahoo site message of my PC being infected did not appear. Still to be doubly sure I went up to Panda Active Scan online (Free scanning of my PC). One of my PCs are not near me and someone else has scanned it for me based on my telephonic step by step instructions. I followed the same steps on my own PC at my end, so I am not sure what he has done but he tells me that when Active Scan ran it showed his PC detecting spyware and also disinfecting it at the same time. There are, as you know, two columns:One headed "Detected" the other headed "Disinfected". Now both of us had chosen "My Comouter" from the choices given. The other PC showed that 11 Spyware were detected and disinfected (all this while the active scan was running and was not even complete) whereas mine showed detected 18 but disinfected none even after the end of the scan. At the end of my scan it still showed disinfected as "0"Question:-1. Why is it that in my PC the disinfection was not carried out and on the other PC it was? [I am not able to see the other PC and the person there is not computer friendly so am not able to see what it detected at that end. But thought maybe someone can tell me as the site of Panda does not see... Read more

A:Using Panda Active Scan 5.54.01 Online Check

Panda ActiveScan does not remove adware/spyware but will autoclean for viruses & worms...and scan for rootkits. It also uses non-encrypted virus definitions so you may have to disable your resident anti-virus program before scanning or it may detect ActiveScan as a virus.To remove items is does not clean, download and scan with SUPERAntiSpyware Free in "SAFE MODE". In your case, most of what is showing are cookies.Cookies are text string messages given to a Web browser by a Web server. Whenever you visit a web page or navigate different pages with your browser, the web site generates a unique ID number which your browser stores in a text (cookie) file that is sent back to the server each time the browser requests a page from that server. Cookies allow third-party providers such as ad serving networks, spyware or adware providers to track personal information. The main purpose of cookies is to identify users and prepare customized Web pages for them.Cookies can be categorized as:? Trusted cookies are from sites you trust, use often, and want to be able to identify and personalize content for you. ? Nuisance cookies are from those sites you do not recognize or often use but somehow it's put a cookie on your machine. ? Bad cookies are those that can be linked to an ad company or something that tracks your movements across the web. They are called "profiling cookies," "persistent cookies," "long term tracking cookies," "third par... Read more

Read other 3 answers
RELEVANCY SCORE 78.8

I was instructed by ThorXP to follow a five step procedure and post the results under the hijackthis section of the forum.

Active Scan has been running for five hours. It has been stuck on 42% for about three of those hours.

Is this normal?

It is scanning C:\Windows\Installer

I can't even see this folder on my computer.

Thanks,
Matt

A:Possible problem running Panda Active Scan

I am running:

Dell 3000
Windows XP Home Edition
SP2
Pentium4 CPU 4GHz
1GB Ram
145GB Hard Drive
42GB Free
eTrust anti-virus (provided by Mediacom Cable Modem provider)
Adware 2007
Spybot Search and Destroy
5 Users - All are Administrators. All over 17 yrs.

About 6 weeks ago the computer started acting funny.

While on the internet pages started taking longer to load. This is about the time my son got on-line with Halo for XBox 360. Not networked thru the computer just using a Linksys wireless router.

Sometimes when Users click on Internet Explorer Microsoft Word Installer begins to run. (I already have Word Installed)

It had been a while since running Spybot. When I checked for updates it would not let me download the update. So I uninstalled Spybot and tried to install it again and it would not let me install. (Can't remember the warning) I logged on under my wife's user name and it let me install and run spybot. We have 5 users and her user is the only one that can actually run the spybot program. Adware 2007 will run under any user.

My wife's user is the only one that can now access the Program Files directory. Everyone used to be able to access this directory. When logged on under my user I right click on Program Files directory and click on sharing tab and it says, at the bottom, "All options on this tab are disabled because this folder is used by the operating system"

I there are 13 files that I have tried to delete and it tells ... Read more

Read other 19 answers
RELEVANCY SCORE 78.8

I downloaded a codec from cnet and now it looks like it it infected me. I really dont see anythnig in my Hijackthis log but maybe someone can help

Logfile of HijackThis v1.99.1
Scan saved at 10:32:37 AM, on 6/1/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Netscape Internet Service\ncupdatesvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\wuauclt.... Read more

A:Panda Active Scan found Downloader.MDW

Hello and welcome to TSF.

Sorry for the delayed response. The forum has been very busy.

You posted logs from several tools, which were not requested; but not included the Panda active scan report, which you mentioned in the title of your post as having found a downloader.

If you still need help please follow the instructions in IMPORTANT - Read This Before Posting A Log and post the two text files, main.txt and extra.txt produced by the Deckard's System Scanner.

Read other 1 answers
RELEVANCY SCORE 78.8

Dear L.S.,

My friend had/have some strange problems. He gets errors popping up which are usually followed by BSOD's. I've done the five steps here are the results...

Thanks for the help!

Panda:


Quote:




Incident Status Location

Potentially unwanted tool:Application/Service9x Not disinfected C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCFtime.dll
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Administrator\Cookies\... Read more

A:Please review the DDS and Panda Active scan file

Bump!

Read other 6 answers
RELEVANCY SCORE 78.8

I downloaded a codec from cnet, and it looks like it infected me. Panda is the only thing that is finding it. I really dont see anything in my hijackthis log. Thanks for your helpLogfile of Trend Micro HijackThis v2.0.2Scan saved at 11:38:56 AM, on 6/1/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\Program Files\Norton AntiVirus\navapsvc.exeC:\Program Files\Netscape Internet Service\ncupdatesvc.exeC:\WINDOWS\System32\svchost.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:&... Read more

A:Panda Active Scan Found Downloader.mdw

Hello JB20,Welcome back to Bleeping Computer First you should know that you're actually doing more harm than good by running 2 Anti Virus programs. (AVG and Norton) When you do this both programs compete for resources, and the end result is neither does it's best and can cause system instability. I recommend that you choose the one you want to keep, update it, disable or uninstall the other one, and use it as an on demand only scan occasionally.Now I'm assuming you're talking about an online Panda scan? We can look if you like, but Panda is notorious for false positives. It detected Avast! as a virus even. Or it could be something in System Restore it's picking up........let's see :Please download Malwarebytes' Anti-Malware from one of these places:http://www.majorgeeks.com/Malwarebytes_Ant...ware_d5756.htmlhttp://www.besttechie.net/tools/mbam-setup.exeDouble Click mbam-setup.exe to install the application. * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select "Perform Quick Scan", then click Scan. * The scan may take some time to finish,so please be patient. * When the scan is complete, click OK, then Show Results to view the results. * Make sure that everything is checked, and click Remove Selected. * When disinfection is completed, a log will ope... Read more

Read other 10 answers
RELEVANCY SCORE 78

Could someone please help.

I carried out a panda online active scan and it came up with the following results:


Incident Status Location

Adware:adware/cashdeluxe Not disinfected c:\windows\system32\MSWINF32.DLL
Adware:adware/commad Not disinfected Windows Registry
Adware:Adware/ActiveSearch Not disinfected C:\WINDOWS\SYSTEM32\MI1.EXE[2r_samba.exe][toolbar-w-google-r.dll] ... Read more

A:Infections found following panda online active scan

bump!

Read other 8 answers
RELEVANCY SCORE 78

Hello, I am not very happy with Panda's free scan, 2 days ago I ran a scan it came up with: adware/Navipromo not disinfected C\WINDOWS\system32\apqzkxgfmd.exe adware/Navipromo not disinfected C\WINDOWS\system32\aylhngezj.exe adware/Navipromo not disinfected C\WINDOWS\system32\nwdjtsfpv.exe adware/Navipromo not disinfected C\WINDOWS\system32\nxwhsfqp.exe I Googled all the .exe files and found nothing about them. Since I did not want Navipromo on my computer I deleted the .exe files, with no ill effects to my computer, I did notice that these files were created about the same time I ran the scan, and none of my other scanners that I had run before had found them at all. Being suspicious I ran another scan with Panda at 6:00 this morning after running Ad-Aware SE and SpyBot just before, with no results, Panda found: adware/Navipomo not disinfected C\WINDOWS\system32\lvupohksfe.exe I went to the file and guess what! it was created on 31-12-05 at 6:02AM size 233KB. I Googled this .exe file, no results. I do not think I will put much faith in Panda's Active Scan anymore, they seem to be putting Bleep into my computer and I do not like it at all. For a check up I ran Trend Micro's House Call, it found, I presume it is a trojan," Troj_SE.60717 ", House Call cleans it, but when I go back and run another scan House Call finds it again. I have searched the internet to find more information... Read more

A:A Beef About Panda Active Scan & T. M. House Call

thanks for the warning Wink!

Read other 8 answers
RELEVANCY SCORE 78

Hi everyone,

Panda Active-Scan found the following on my system...

Potentially unwanted tool:Application/KillApp.B
C:\hp\bin\KillIt.exe

Searching on the net, I found that this program is put on new HP computers by HP. I read online that HP told one person to scan for spyware & that HP told another person that removing this program could cause system instability.

Should I remove it or keep it ?

Thanks
John
 

A:Killit.exe found by Panda Active-Scan, HP put it there, should I remove or keep ?

john2004 said:

Potentially unwanted tool:Application/KillApp.B
C:\hp\bin\KillIt.exeClick to expand...

That is idicative that it is a Procedure Kill utility. Such a utility is NOT malware in
itself but it is flagged because it may be used in a malicious way.
You can leave it, it is not doing any harm.
 

Read other 1 answers
RELEVANCY SCORE 78

I subscribe to Panda Active Scan Pro I use it as a back up to my anti-virus software I already have (Norton Internet Security). I recently downloaded McAfee 's site advisor which I found to be very helpful in avoiding bad sites. But when I came to use Panda Active Scan I couldn't use it, when I entered my Username and password instead of the usual pop-up window opening nothing happened. I eventually discovered through trial and Error that it was the McAfee site advisor that was somehow interfering with the Panda Scan. I disabled the helper in Internet Options>Programs>Manage Add-ons. Now I am having Problems Re-enabling McAfee site Advisor, I have re-anbled the add-on but it is not showing on the tool bar in IE. Can somebody please Help

A:Panda Active Scan Pro & Mcafee Site Advisor

I am sorry Ignore the last post I figured it out! Duh! I just right clicked the toolbar then a list dropped down with ticks by them and Site Advisor didn't have a tick by it so I Highlighted it and Hey Presto! Site Advisor Re-appeared in the tool bar. I am Sorry If I wasted anybody's time.

Read other 2 answers
RELEVANCY SCORE 78

Hello everyone, I'm having problems with my internet connection it disconnects and connects to the internet (this is not a Router problem) it may be a ISP problem... but I'm nit sure about it, I ran Panda Active Scan tool and here is the log:


Code:
Incident Status Location

Adware:Adware/SaveNow Not disinfected C:\Archivos de programa\Mozilla Firefox\extensions\{BEE3E87E-E1C6-4bfe-BE9D-48E84271AB34}\chrome\whenu_ff.jar[content/overlay.js]
Adware:Adware/SaveNow Not disinfected C:\Archivos de programa\Mozilla Firefox\extensions\{BEE3E87E-E1C6-4bfe-BE9D-48E84271AB34}\components\whenu_ff.dll
Adware:Adware/ActiveSearch Not disinfected C:\Archivos de programa\Sof... Read more

Read other answers
RELEVANCY SCORE 78

Panda Scan freezes in the same directory (c:\ntldr), after finding a number of entries. I have booted into safe mode and ran ad-aware and spybot, and they both now run clean. Here are the results for comboscan.txt:

ComboScan v20070210.13 run by user1 on 2007-02-13 at 18:07:49
Computer is in Normal Mode.
--------------------------------------------------------------------------------

System Restore was disabled; re-enabling.
Failed to create restore point: System Restore is disabled (service is not running).
Performed disk cleanup.


-- HijackThis log (run as user1.com) --------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 18:08, on 07-02-13
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\SMC\SMC2862W-G EZ Connect g 2.4Ghz 802.11g Wireless USB 2.0 Adapter\PRISMSVR.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\SMC\SMC2862W-G EZ Connect ... Read more

A:Panda Active Scan freezes, machine still underperforms

Opps, here is Supplementary.txt:

ComboScan v20070210.13 run by user1 on 2007-02-13 at 18:07:49
Supplementary logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information -----------------------------------------------------------

Microsoft Windows XP Professional (build 2600)
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) 4 CPU 2.80GHz
Percentage of Memory in Use: 33%
Physical Memory (total/avail): 1022.8 MiB / 682.72 MiB
Pagefile Memory (total/avail): 2462.08 MiB / 2274.16 MiB
Virtual Memory (total/avail): 2047.88 MiB / 2005.3 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 74.52 GiB total, 46.53 GiB free.
D: is CDROM (No Media)
F: is Removable (FAT)


-- Security Center --------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is unknown.

-- Environment Variables --------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\user1\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=SLEEPYJOE
ComSpec=C:\WINDOWS\system32\cmd.exe
HOMEDRIVE=C:
HOMEPATH=\
LOGONSERVER=\\SLEEPYJOE
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\PROGRA~1\SecureFX;C:\Program Files\VSh... Read more

Read other 2 answers
RELEVANCY SCORE 78

I was unable to run the panda active scan due to the following error:

Code:
Microsoft Visual C++ Runtime Library

Runtime Error!

Program C:\Program Files\Internet Explorer\iexporer.exe
(and C:\Program Files\Mozilla Firefox\firefox.exe when on FF)


abnormal program termination
Additionally, my dad (who's the user of this computer) has complained about having the system automatically reboot after turning it off. I haven't been able to replicate this, though. Other than that, I just wanted to make sure the computer is relatively clean. Thanks.

Here's main.txt:
Deckard's System Scanner v20071014.68
Run by Jim Musselman on 2008-07-08 00:58:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Jim Musselman.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:58:39 AM, on 7/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe... Read more

A:unable to panda active scan & rebooting problem

nvm, this can be deleted. thanks.

Read other 1 answers
RELEVANCY SCORE 77.2

Logfile of HijackThis v1.99.1
Scan saved at 9:00:00 PM, on 7/25/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\iVasion\WinPoET\WrOS.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\Explorer.exe
C:\Program Files\iVasion\WinPoET\WinPPPoverEthernet.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Belkin\F1U201.401\usbshare.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Internet Ex... Read more

A:Please Help! Have Aurora, ABetterInternet, & Panda Active Scan shows infections

Incident Status Location

Adware:Adware/BookedSpace No disinfected C:\WINNT\cfgmgr52.dll
Spyware:Spyware/BetterInet No disinfected C:\WINNT\AuroraHandler.dll
Adware:adware/look2me No disinfected C:\WINNT\DOWNLOADED PROGRAM FILES\ActiveX.ocx
Adware:adware/toprebates No disinfected C:\WINNT\DOWNLOADED PROGRAM FILES\WinadX.inf ... Read more

Read other 16 answers
RELEVANCY SCORE 77.2

I have Internet Explorer 7, and was recently trying the 5-Step Process that is required under the HiJack-This forum. I got to Step 2, and have been stuck there for a while, because whenever I try to click the "Scan" button on the Panda Activescan page, it does absolutely nothing; no windows come up, and no indication that it was even supposed to do anything. I tried this website out in Firefox, and Yep, it brings up a window like it should, but then tells me that the scan itself will only work in IE.

So then I try another scan recommended to me, Kaspersky Online Scanner, and I encounter the same problem. I click the button, but it does nothing; no window and no indication that it was supposed to to anything. Again, I try it in Firefox, and it does work, but informs me that the scan itself will only work in IE. So then I try to go into Internet Options for IE, and disable Pop-Up Blocker. It does not change or help anything. I turn off the Phishing Filter for this website; still nothing. I go into the Security and Privacy tabs under Internet Options and raise the notches on some of the bars relating to Cookies and Allowed levels; these do not help either.

I also tried holding down Ctrl or Shift while clicking the Scan button, because this used to do something I believe, but it does not help in this case.

I am wondering why no windows come up at all when I click this buttons; I'm trying to get through the 5-step process as fast as possible, but I'm g... Read more

A:Panda Active Scan and Kaspersky Online Scanner Not Working in IE

Hello

Just ignore that step and continue with the rest of the steps.

Read other 3 answers
RELEVANCY SCORE 77.2

I have been running Spybot Search and Destroy, I use Spywareblaster, and Ad-Aware. I update them and run them often. Why then does Panda activescan find at least a dozen or more instances of spyware on my machine? Is Spybot S and D and the other programs I mentioned just not all that great, or is Panda just trying to sell their product?? Anyone have any opinions or suggestions??
 

A:Solved: Why does Panda active scan find adware-spyware??

Read other 12 answers
RELEVANCY SCORE 76.8

Incident Status Location

Spyware:Spyware/SafeSurf Not disinfected C:\Documents and Settings\Marie\Local Settings\Temp\ExtractDLL.dll
Adware:Adware/Mirar Not disinfected C:\Documents and Settings\Marie\Local Settings\Temp\mit49.tmp[NNBar_VCSetup_876088_log.exe]
Adware:Adware/Mirar Not disinfected C:\Documents and Settings\Marie\Local Settings\Temp\mit49.tmp.cab[NNBar_VCSetup_876088_log.exe]
Adware:Adware/Mirar ... Read more

A:Active Scan Report + DSS Report

hi EddyMeuh

Please read this post completely before begining the fix. If there's anything that you do not understand, kindly ask your questions before proceeding. Please ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.


IT IS IMPORTANT THAT YOU DON'T MISS A STEP & PERFORM EVERYTHING IN THE RIGHT ORDER.

===============================================

Additional Downloads

Please download these additional files/programs. Do not run them until instructed to do so.
Unless otherwise stated, they should be stored in same directory as the HiJackThis program.

=================


Download this file to your desktop.- Here

IMPORTANT - You must place combofix on your desktop!!

Double click on combofix.exe & follow the prompts.
When finished, it shall produce a log for you.

Post the ComboFix.txt in your next reply.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall


=================

Please Run a scan with HiJackThis and save the log

=================

In your next post, please include fresh logs from: ComboFix.txt
HiJackThis
Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now

Read other 19 answers
RELEVANCY SCORE 76.4

Well i have another thread, but i already fixed the Trojan and this is different from Trojan so im making a new thread =/. Heres the panda scan
Potentially unwanted tool:Application/Service9x Not disinfected C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MorpheusBar\SrchAstt\1.bin\MBSRCAS.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MorpheusBar\bar\2.bin\M0POPSWT.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MorpheusBar\bar\2.bin\MORPHBAR.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MorpheusBar\bar\2.bin\m0Plugin.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\Mozilla Firefox\plugins\NPMorpBr.dll
Potentially unwanted tool:application/altnet Not disinfected c:\windows\smdat32a.sys
Potentially unwanted tool:application/bestoffer Not disinfected c:\windows\smdat32m.sys
Adware:adware/instafinder Not disinfected c:\program files\INSTAFINK
Potentially unwanted tool:application/need2find Not disinfected c:\program files\Need2Find
Potentially unwanted tool:application/mywebsearch Not disinfected hkey_classes_root\clsid\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Adware:adware/rxtoolbar Not disinfected Windows Registry
Spyware:Cookie/Mysearch Not disinfected C:\Documents and Settings\LocalService\Cookies\[email protected][1].txt
Spyw... Read more

A:Spyware and hacker root kits found by panda active scan

Heres part 2

Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Wang family\Cookies\[email protected][2].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\Wang family\Cookies\[email protected][1].txt
Spyware:Cookie/Linksynergy Not disinfected C:\Documents and Settings\Wang family\Cookies\[email protected][1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Wang family\Cookies\[email protected][6].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Wang family\Cookies\[email protected][2].txt
Spyware:Cookie/Mysearch Not disinfected C:\Documents and Settings\Wang family\Cookies\[email protected][1].txt
Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Wang family\Cookies\[email protected][2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Wang family\Cookies\[email protected][1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Wang family\Cookies\[email protected][2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Wang family\Cookies\[email protected][2].txt
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Wang family\Cookies\[email protected][2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Wang family\Cookies\[email protected][1].txt
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Se... Read more

Read other 3 answers
RELEVANCY SCORE 76.4

When trying to access a site looked up on yahoo or google it redirects somewhere else. I tryed to run the online scan Panda but wasnt able to. When loading a page that I'm trying to access it takes a very long time to load. I'm currently running Vista and I cant play any old games either ex.. would be Call Of Duty 2 or Company of Heroes Thank you in advance for your help.








Deckard's System Scanner v20071014.68
Run by lennykandy on 2008-03-17 12:35:50
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
22: 2008-03-17 03:36:25 UTC - RP60 - Installed DirectX
21: 2008-03-17 01:36:35 UTC - RP58 - Installed AVG 7.5
20: 2008-03-17 00:48:49 UTC - RP57 - Installed AVG 8.0
19: 2008-03-17 00:20:47 UTC - RP56 - Installed Call of Duty(R) 2 Patch 1.3
18: 2008-03-17 00:01:00 UTC - RP54 - Installed Call of Duty(R) 2


-- First Restore Point --
1: 2008-03-06 18:48:07 UTC - RP33 - Windows Update


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 1015 MiB (1024 MiB recommended).


-- HijackThis (run as lennykandy.exe) ------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:46:51 PM, on 3/17/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\syst... Read more

A:Vista running slow/ keeps redirecting / coundlnt do panda active scan

Ok.We need to download ComboFix.exe. This will give a better view to the files running and also hidden on your computer.

Please visit this webpage for download links, and instructions for running the tool


When the tool is finished, it will produce a report for you. Please post the "C:\ComboFix.txt" along with a new HijackThis log so that we can continue to do any further cleaning that your system may require.

Caution: Never run and remove files with Combofix unless supervised by a security analyst.

Read other 1 answers
RELEVANCY SCORE 75.6

Good day experts,

Did a scan online with panda,it found:
Potentially unwanted tool:Application/Restart Not disinfected C:\WINDOWS\system32\Tools\Restart.exe

needed advice on what to do.
 

A:Solved: panda active online scan found potentially unwanted tool

Read other 8 answers
RELEVANCY SCORE 70

Aloha,
I tried to do a free Panda Active Scan on the Panda's website and it wants to install a file called "asinst.cab" on my computer. What is this, and is it necessary? I said no so I cannot run the active scan. This computer is using Microsoft XP and when I tried it on my other computer running Win98SE, it will run the active scan without installing the asinst.cab file. Oh, I looked at some of the hijack postings on this site, and it shows the asinst.cab related to hotmail. What has it to do with hotmail?? TIA

Mahalo,
doogdoog
 

A:Panda Active Scan "isinst.cab install"

bump
 

Read other 1 answers
RELEVANCY SCORE 65.2

hello,

my computer is affected by Generic.Brontok, and because of that it became very slow. i have posted panda active scan log.

my DSS main.txt log size is bigger than allowed size of post, so i have attached main.txt and extra.txt with this post.

waiting for your help.

Thanks.

Incident Status Location

Virus:W32/Brontok.P.worm Disinfected C:\Program Files\Softwin\BitDefender10\Quarantine\SERVICES.EXE
Virus:W32/Brontok.P.worm Disinfected C:\Program Files\Softwin\BitDefender10\Quarantine\LSASS.EXE
Virus:W32/Brontok.P.worm Disinfected ... Read more

Read other answers
RELEVANCY SCORE 62

i tried to do the on-line Panda scan a few times, once my dial-up connection disconnected it, and i couldnt get it back, and I tried it 2 more times and it stalled about 3/4 of the way thru, even tho i was still connected. When i do Spybot S&D scan it stalls midway too, several times, i have to keep moving my mouse around for a while to get it to start again. Why do u think this keeps happening on my computer?( Virus scan was negative, and i deleted some adware with a scan i did a day before.) I know the Panda scan used Actixe X which i had to download to do the scan. Should i delete it now? What would it look like and where would it be on the computer.?
I have an old Dell OptiPlex GX1 Pentium 2 with 350 MHZ, with 256 RAM and WIN ME O.S. with 10 G. storage with a slow dial-up connection. Thank in advance. ZUZU2
 

A:Panda scan and Spybot-S&D scan stalls mid-scan

This is my HJT log after running (sluggishly) Sbybot-S&D and finding no problem:
Logfile of HijackThis v1.99.1
Scan saved at 9:56:31 PM, on 2/2/2006
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCTSKSHD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\DOWNLOAD\CONKEEPM.EXE
C:\PROGRAM FILES\NETSCAPE INTERNET SERVICE\DIALER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\NETSCAPE INTERNET SERVICE\NETSCAPE WEB ACCELERATOR\NSACCEL.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\NETSCAPE INTERNET SERVICE\CSS.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: I... Read more

Read other 1 answers
RELEVANCY SCORE 59.6

Hi,

I'm sorry I'm not very good with computers and last year you guys helped me so much. I think I have the same problem again: viruses, malware, etc..

My system info:

Microsoft Windows XP
Version 2002
Service pack 2
Intel Celeron 2.13GHz
768 MB RAM

Hijackthis scan results:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:20:58 PM, on 9/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files... Read more

A:Scan results for Hijackthis/panda scan please help thank you

Hello,

I am concerned about the trojan viruses that I got from Limewire. I have since removed this unsafe program from my computer but would like help in getting my computer to be clean again.

Below is the updated hijackthis and panda scans of my computer.

Thank you for your time,

Danna


My system info:

Microsoft Windows XP
Version 2002
Service pack 2
Intel Celeron 2.13GHz
768 MB RAM


Panda Scan Results:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-10-20 16:45:43
PROTECTIONS: 1
MALWARE: 5
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Zone Alarm Security Suite 7.0.483.000 No No
;===================================================================================================================================================================================
MALWARE
Id Description Type ... Read more

Read other 10 answers
RELEVANCY SCORE 58.4

Incident Status Location

Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\hggfcyy.dll
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\jack weisensee\Application Data\Mozilla\Firefox\Profiles\oemsy49j.default\cookies.txt[.com.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\jack weisensee\Application Data\Mozilla\Firefox\Profiles\oemsy49j.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/Zedo ... Read more

A:Panda report

We dont really want to see your Panda scan report yet. :)

If you still require assistance, please follow MicroBell's 5 Step process - http://www.techsupportforum.com/secu...sting-log.html


I'm subscribed to this thread & would be notified of your reply.

Read other 7 answers
RELEVANCY SCORE 57.2

I posted earlier and found out to (I think!) do the Hijackthis and now would appreciate you checking this out and then telling me what to do. Thanks!
Logfile of HijackThis v1.99.1
Scan saved at 12:31:43 PM, on 9/17/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE
C:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
C:\Program Files\Common Files\MotiveBrowser\MotiveBrowser.exe
C:\WINDOWS\System32\wuauclt.exe
c:\avr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Owner\My Documents\Hijackthis\HijackThis.exe

R1 - HKCU\Softwa... Read more

A:Hijackthis report for Panda problems

Read other 7 answers
RELEVANCY SCORE 57.2

My computer was infected by SpywareQuake awhile ago, i followed the instruction step by step and the SpyQuake was removed, it was gone. And now it appears again in my active scan again (but i dont see any windows pop up in the bottom right of the screen saying that "my computer is seriously infected" like before). So im just wondering that there are something that i missed or my computer is infecting again. I greatly appreciate you guys can help me out, thank you so very much
Here is my Activescan log:

Incident Status Location

Potentially unwanted tool:Application/SpywareQuake Not disinfected C:\Documents and Settings\DJ Empty\Local Settings\Application Data\Mozilla\Firefox\Profiles\m60uft4t.default\Cache\551FE075d01
Adware:Adware/DollarRevenue Not disinfected C:\Documents and Settings\DJ Empty\Local Settings\Temporary Internet Files\Content.IE5\L1IC6IGI\drsmartload[1].exe
Adware:Adware/BrowserAid Not disinfected E:\RECYCLER\S-1-5-21-1644491937-1972579041-839522115-1003\De27\Temp\_ps_inst_exe.vir[rundll16.exe]
Adware:Adware/BrowserAid Not disinfected E:\RECYCLER\S-1-5-21-1644491937-1972579041-839522115-1003\De27\Temp\_ps_inst_exe.vir[rundll16.dll]


And Hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 6:44:24 AM, on 4/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\s... Read more

A:Scan found Spyware Quake in my system! (HJT and Active scan included)

Read other 16 answers
RELEVANCY SCORE 55.6

I think I have some hidden nasties in my pc. Unless its all my anti spy programs trying to report each other!

I was getting alerts about ComboFix when I ran that, I think it was PrevX or counterSpy giving me the warnings to block or ignore, apparently it has malware inside it? SWSC.CFEXE in c:\combofix\swsc.cfexe malware
and warnings of hidden extension.bat in c:\comobofix.txt.bat

Was getting messages about NirCmd 8389.cfexe too.

Prevx1 found SWSC.exe (malware) in c:\windows\system32\SWSC.exe

Spy doctor found

registrykey - trojan.PWS Tanspy in HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\currentversion\controlpanel\load

Spy doctor also finds
Trojan.Downloader.Small.CML in the system restore files where I had to do a system restore to get rid of it.

Panda online active scan found and disinfected 2 virus and found 5 hacking tools. Couldn't seem to update the AVGantispyware after i downloaded it, it couldn't connect to the server and i checked my zonealarm theres nothing stopping it.

Panda active scan.

Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\Documents and Settings\Jay\Desktop\ComboFix.exe[ComboFixT\nircmd.exe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Jay\My Documents\Unzipped\SmitfraudFix\Process.exe
Virus:Trj/Shutdown.Z Disinfected C:\Documents and Settings\Jay\My Documents\Unzipped\SmitfraudFix\restart.exe
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\WIN... Read more

A:HJT and panda active log files. (5 hacking tools found)

*bump* in the hope that someone notices
 

Read other 1 answers
RELEVANCY SCORE 55.6

My PC would appear to be infected with a mailing bug. When i switch the PC on it starts sending out emails, that some get blocked and returned via Norton with the code 1003,11. This can go on for hours until symantec encountera a problem and shuts down. This then leads to the mailings stopping but also the send and receive function in outlook then fails. When i look in my sent items box i dont appear to have anything there.

I have tried both Norton Antivirus and Norton online scanner, trend online scanner, panda, and Kaspersky. I have ran adaware, cc cleaner, spyware blaster, s&d etc.

I have followed the 5 steps, and panda came back clean as did everthing else.

Iam using windows XP profesional Version 2002 SP2 and my ISP is BT with BT Yahoo! software (Norton inclusive)

MY Hijack this log is as follows:

Deckard's System Scanner v20071014.68
Run by Sean Osborne on 2008-02-06 18:24:15
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2008-02-06 18:24:17 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Sean Osborne.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:33:36, on 06/02/2008
Platfor... Read more

A:Panda Active results no infection - but still mass e-mails are being sent

please BUMP

Read other 19 answers
RELEVANCY SCORE 55.2

could not fit all reports in one post so all the ewido report is in my reply.

i am still having my original problem where my mouse moves at a hyper speed and starts right and left clicking everything it touches. but the person who helped me originally told me to post these three things so i assume the problem shoudlnt be fixed yet.
Logfile of HijackThis v1.99.1
Scan saved at 12:51:30 AM, on 8/19/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\BelkinMonitor.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://s-redirect.com/?a=2&b=n-ex
R1 - HKCU\Softw... Read more

A:hjt log, ewido scan and active scan reports

ewido report still too long... continued into next post

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 12:09:43 AM, 8/19/2005
+ Report-Checksum: 384EC406

+ Scan result:

HKLM\SOFTWARE\Avenue Media -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 -> Spyware.InternetOptimizer : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2E246FAE-8420-11D9-870D-000C2917DE7F} -> Dialer.Generic : Cleaned with backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj -> Spyware.MoneyTree : Cleaned with backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj\CLSID -> Spyware.MoneyTree : Cleaned with backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj\CurVer -> Spyware.MoneyTree : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{1C01D150-91A4-4DE0-9BF8-A35D1BDF1001} -> Spyware.SafeSurfing : Cleaned with backup
HKLM\SOFTWARE\Classes\MediaAccess.Installer -> Spyware.WinAd : Cleaned with backup
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CLSID -> Spyware.WinAd : Cleaned with backup
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CurVer -> Spyware.WinAd : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib... Read more

Read other 2 answers
RELEVANCY SCORE 55.2

hi all, i have run the scan on panda and got this:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-10-09 10:52:11
PROTECTIONS: 1
MALWARE: 30
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
McAfee VirusScan Enterprise 8.5.0.781 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Sett... Read more

A:panda scan log - what now?

can anyone help with this?

everytime i try to use IE i get another screen which freezes and will not open the homepage?

Read other 1 answers
RELEVANCY SCORE 55.2

Hi People,

It has been a while and was pleased about that, it meant no problems , but I have a new laptop and I have updated Panda Virusscan but it just won't scan. It'll say connecting to the server, it will start scanning for a couple of files and then jams every single time. I'm a little worried about it. Is it a setting that might be wrong?

Where are safe internet online scans I can do to see if I have something or another? Or do I need to make a seperate thread for that question in the malware forum? I am not really sure it is malware hence I posted here.

Hope somebody can help me out!

Have a nice evening
 

A:Panda won't scan

Read other 16 answers
RELEVANCY SCORE 55.2

here is a copy of my panda scan:

A:panda scan...need help..

Please download, update and run (one at a time of course!) Spybot Search & Destroy v1.4 and Ad-aware SE v1.06 . Fix whatever they suggest.

If you would like to learn more about how to use these two programs with the proper settings you can read the tutorials below:

Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer:

Using Spybot - Search & Destroy to remove Spyware, Malware, & Hijackers from Your Computer.

Anti-trojan
Please download, update and run the A2 (A squared) anti-trojan. Let it fix whatever it wants to.

Anti-virus
Also, run this pc through the...
Panda Online virus scanner
or
Trend Micro Housecall Online virus scanner

Let it delete whatever it finds. If it cannot delete it, then post the log and we will delete it manually.


=============================================

Please download the trial version of Ewido/AVG Anti-Spyware 7.5
here:
http://www.ewido.net/en/download/
Install it, and update the definitions to the newest files.

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.

For additional help in booting into Safe Mode, see the following site:
http://www.pchell.com/support/safemode.shtml


... Read more

Read other 19 answers
RELEVANCY SCORE 55.2

Hi

I just did a Panda online scan and was wondering how I can get rid of these 2 virus's that it found.

Incident Status Location

Adware:Adware/VirtualBouncer No disinfected Windows Registry
Adware:Adware/WUpd No disinfected C:\WINDOWS\Downloaded Program Files\ActiveX.inf
I run windows xp home addition with pretty much all the security that I thought I would need

AVG antivirus
Alpha Shield external firewall

AdAware SE
SpyBot

Also when you click on tools, internet options, settings and then view options can you safely remove those programs in there that say damaged or unknown?

RAndy
 

A:Panda Scan

didn't it put the viruses in the vault ? just right click on the vault to delete them. new AVG update today also.
 

Read other 2 answers