-
Latest scan results...
Spybot pros: The scan results from Ewido is an empty file. Not sure what happened with that. However, I can say that it appears most of my problems are gone. Thank you all so very, very, much! One thing to note is... the "free" Kaspersky scan wasn't available. I had to download a 30-day free trial in order to run it. My free trial expires at the end of Jan. 2006. In the mean time I will use Kaspersky until I figure out how to get "Active X" controls working. I need them (Active-X) to get the Norton Anti-Virus "Automated Assistant" to function; then I can hopefully debug the problem I am having with their software. I noticed someone posted a problem regarding Norton software that sounds similar to mine; so I will stay abreast of that situation; I may find some answers there. I've also been following the posts regarding Active-X controls.
You "Spybot guys" are awsome! As soon as I recover from the recent holiday "pocket-book" depletion (maybe in a couple weeks) I want you all to know I'll be making a donation ($$) to your work. You're "worth every penny" as the old saying goes. Thank you all again very much!
Respectfully, Jim
-
Yahoos is a seperate browser that uses Internet explorer, perhaps adjusting it and ie's security will help
Re-Adjust your security settings & ActiveX:
Go to Internet Options/Security/Internet(green&blue globe), press 'default level', then OK.
If its not available click the custom level button and change something ok then apply now
use the default button.
Then press Custom Level.
In the ActiveX section,
1rst: prompt or enable
2nd: disable
3rd: disable
4th: Prompt or enable
5th: prompt or enable
Installation of Desktop items" = Prompt
Launching programs and files in a IFRAME = Prompt
click apply > OK
Highlight the restricted zone,click custom level
and disable everything that can be, click OK
then click the advanced tab and
Uncheck: Install on demand (other), click Apply then Ok
http://www.mvps.org/winhelp2002/restricted.htm#Why
Start Hijackthis and place a check next to these items If there.
Close all browser windows and shut down all other programs that show in the taskbar.(even Folders)
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.iquicksearch.net/search.htm
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [SpyBlocs] C:\Program Files\SpyBlocs\SpyBlocs.exe
4 - HKCU\..\Run: [Sguj] C:\WINDOWS\system32\l?gonui.exe
O4 - HKCU\..\Run: [WinFixer] C:\Program Files\WinFixer\WFX5.exe /min
O4 - HKCU\..\Run: [Lndt] "C:\Program Files\bcas\teas.exe" -vt mt
===================================
Hit fix checked and close Hijackthis.
Restart the PC
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In control panel addremove programs uninstall SpyBlocs (if there)
Set windows to show hidden extensions file's and folder's.
click for> instructions<.
delete these folders if present
C:\Program Files\SpyBlocs
C:\Program Files\WinFixer
C:\Program Files\bcas
Post a new log and let us know of any problems
-
Latest Scan / Log files...
:D Good morning all! I followed your latest instructions (Lonny) last night. I will see if I can get my Norton Anti Virus software working properly this evening. Hopefully the "Active-X" problems are resolved now & I can run Norton's "Automated Assistant". Man! That Kaspersky software is really good. It scrutinizes everything! While performing one of the scans (either Ad-Aware or Ewido); Kaspersky kept popping-up with msgs. several times informing me of Trojan attacks; recommending that I delete them; of course I did. I'm beginning to wonder if I should consider purchasing their product after my 30-day free trial ends; and dump my Norton software. If you have any comment or recomendations I will update my profile so that you can send me an e-mail to my home PC.
Oh yeah, I almost forgot. The Kaspersky scan result simply says no viruses found. No log file to save.
Thanks again to all for your time & expertise!
-
Hi
I dont see anything in that ewido log, was there with any error 's ?
The hijackthis log looks great
To prevent conflict's do not have more that one antivirus installed at a time
Yes i recommend Kaspersky over norton any day 
Put in place a good hosts file
http://www.mvps.org/winhelp2002/hosts.htm
How To Download and Extract the HOSTS file:
http://www.mvps.org/winhelp2002/hosts2.htm
Replace it about once monthly
How did that go ?
To help avoid reinfection see "So how did I get infected in the first place?"
http://forums.spybot.info/showthread.php?t=279
-
-
Hi
You could have copy then pasted them here rather that attach.
Maybe Re-Adjusting your security settings & ActiveX will help, did you do that ?
-
Copy & paste test...
Lonny: Yeah, I did reset my active-x IE control settings per instructions.
As for the copy & paste, it doesn't work. I just (right-mouse button) copied the file from my folder on C: drive & came here to this "post reply" window & went to (right-mouse button) paste... but the "paste" function is "greyed out". In fact all (cut, copy & paste) functions are greyed-out (unselectable).
If I could only get my "Manage Attachments" button to work at home as it does here at work... that would just about wrap-up all my problems.
Later man... Jim 
-
If i understand correctly, We cant copy a whole file into a post
Open the text then go file select all >file copy > then in a reply rightclick paste.
Perhaps these browser check will help
http://www.jasons-toolbox.com/BrowserSecurity/
http://www.browsertune.com/bt2kfast/
-
Lonny: Duh... why didn't I think of that :o (don't answer that)... it worked!
Here is my Ewido scan result from the other day... :D
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 9:34:07 PM, 12/27/2005
+ Report-Checksum: BCAB4F70
+ Scan result:
C:\Documents and Settings\Gnat.DIX-HOME-PC\Local Settings\Temporary Internet Files\Content.IE5\85ABCDAF\WinTS[1].cab/WToolsS.exe -> Downloader.Wintool.b : Cleaned with backup
C:\Documents and Settings\Gnat.DIX-HOME-PC\Local Settings\Temporary Internet Files\Content.IE5\ET0F2981\hotfix[1].cab/hotfix.exe -> Spyware.WebSearch : Cleaned with backup
C:\Documents and Settings\Gnat.DIX-HOME-PC\Local Settings\Temporary Internet Files\Content.IE5\ET0F2981\newmajorse2[1].cab/newmajorse2.txt -> Spyware.WebSearch : Cleaned with backup
C:\WINDOWS\Temp\~323065.tmp -> Spyware.Wintools : Error during cleaning
C:\WINDOWS\Temp\~770932.tmp -> Spyware.Wintools : Error during cleaning
C:\WINDOWS\Temp\~891705.tmp -> Spyware.Wintools : Error during cleaning
::Report End
-
Hi
Those are probaly inactive files, but lets get them
Use a program such as System Security Suite to clear temps, do so about once or twice a month
http://www.igorshpak.net/
If that site is unavailable use this link please
http://forums.subratam.org/index.php...=post&id=25013
Extract it from the zip file and run setup.exe
after the install you can delete setup.exe and the downloaded zip file
Start the program Check all the boxes under the 'Items to Clear' (except perhaps cookies) tab and click
'Clear Selected Items'. You will be prompted to reboot, do so.
Run ewido again and post a current log if there are any "Error during cleaning"
messages
Happy new years
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
