Dcad ads spy/malware
- Thread starter kenaki
- Start date
- Status
AlbertLionheart
Posts: 1,997 +3
Have you tried pestpatrol - can be good at clearing difficult nasties.
Also go to majorgeeks.com, download and run hijackthis and post a log,
Also go to majorgeeks.com, download and run hijackthis and post a log,
Just adding TechSpot links to your post
Trend Micro HijackThis 2.0.2 Download
PestPatrol 8.0 Download
All TechSpot Security Downloads
TechSpot is full of these links
Trend Micro HijackThis 2.0.2 Download
PestPatrol 8.0 Download
All TechSpot Security Downloads
TechSpot is full of these links
Hijack this report and Pest patrol 8
Dear Albert & Kimsland,
Thank you for your quick responds. I did scan my compy with Pest Patrol 8 and found 3 malware but unfortunately the pest patrol just did scanning but doesn't want to remove them as it is only a trial version.
I am attaching the Hijack this result below. Let me know what to do next .
Thanks.
Ken
Dear Albert & Kimsland,
Thank you for your quick responds. I did scan my compy with Pest Patrol 8 and found 3 malware but unfortunately the pest patrol just did scanning but doesn't want to remove them as it is only a trial version.
I am attaching the Hijack this result below. Let me know what to do next .
Thanks.
Ken
Hi kenaki,
I'm so sorry about that, I've used it myself before, but I thought AlbertLionheart, knew something I didn't, as when I used it, it was the same deal.
At least you're positive now that you have issues (already Known)
Anyway, you must follow these proceedures to the T, and then post back, to get support.
More scans!! But these ones won't ask for payment
Viruses/Spyware/Malware, preliminary removal instructions
https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
I'm so sorry about that, I've used it myself before, but I thought AlbertLionheart, knew something I didn't, as when I used it, it was the same deal.
At least you're positive now that you have issues (already Known)
Anyway, you must follow these proceedures to the T, and then post back, to get support.
More scans!! But these ones won't ask for payment
Viruses/Spyware/Malware, preliminary removal instructions
https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
AlbertLionheart
Posts: 1,997 +3
I have a copy of PestPatrol which I downloaded for free. It was a long time ago but I think it came from http://www.pestpatrol.com/home.htm - if this is same one as you have tried I am sorry!
Your hijack this log has nothing sinister in it but please rename the program from hijackthis.exe to analyse.exe and run it again. There nasties that recognise hijack this and hide!
Your hijack this log has nothing sinister in it but please rename the program from hijackthis.exe to analyse.exe and run it again. There nasties that recognise hijack this and hide!
New logs..
I have downloaded and reinstalled the pest patrol link that you gave me, unfortunately, it's also a trial version now. Anyway, I already changed the hijack.exe to crusty.exe and did the preliminary scanning and now am attaching the new logs from Hi jack this, combo fix and AVGantispyware.
The result of the panda anti rootkit and avg anti virus is clean and no threat found. I'm waiting for your next instruction...
I don't know if this is related, but my laptop also shuts down frequently by itself when I do the scanning in safe mode. This also happens whenever I reinstall the windows xp but never happen when it is on normal mode after the installation is complete.
After each shut down, the power management settting on the hard drive has always turned back to 30 minutes (my original setting) even though I did change it to never shut off previously ( I did click apply and ok).
I did disable the Real time monitoring programs , should I turn it back on now ?
Btw, I live in the U.S. .
Thanks
I have downloaded and reinstalled the pest patrol link that you gave me, unfortunately, it's also a trial version now. Anyway, I already changed the hijack.exe to crusty.exe and did the preliminary scanning and now am attaching the new logs from Hi jack this, combo fix and AVGantispyware.
The result of the panda anti rootkit and avg anti virus is clean and no threat found. I'm waiting for your next instruction...
I don't know if this is related, but my laptop also shuts down frequently by itself when I do the scanning in safe mode. This also happens whenever I reinstall the windows xp but never happen when it is on normal mode after the installation is complete.
After each shut down, the power management settting on the hard drive has always turned back to 30 minutes (my original setting) even though I did change it to never shut off previously ( I did click apply and ok).
I did disable the Real time monitoring programs , should I turn it back on now ?
Btw, I live in the U.S. .
Thanks
I'm no expert on HijackThis logs, but I could not find any issues, except:
As for wondering about other firewalls to stop these nasties.
Actually a firewall alone does not stop these nasties, generally they are from going on the web to places not normally visited. Including p0rn and gaming sites. Plus also receiving email attachments. And a large variety of other areas.
Firewalls were made to stop either your programs and data from being sent online.
Or other computer or malicious web based programs accessing you computer.
They cannot stop harmful stuff that you allow to be downloaded to your computer, nor will they inform you of their existace on your drive.
As your concern is about stopping "pests" on your computer.
You could change your Internet behaviour, or you could use number of free Spyware/Malware tools available. But be aware that you would usually need to install at least 5 different Spyware programs, to actually be safe.
Why?
Because each Spyware/Adware/Trojan/Malware/Rootkit/ (and others) program only specialize in one area, and also provide some (minimal) scanning of other areas. No one has made one, be all and end all, pests removal program (I'm positive) The only program that comes close is www.hitmanpro.com because this program runs a whole range of programs automatically (and scanning lasts hours)
In saying this, it is still wise to have a firewall, Windows firewall (Accessed in Control Panel) being the worlds most used firewall, is counted as one of the weakest firewalls, allowing all your programs to access the Net, without question.
Therefore most users use a personnal firewall some are Free (offering firewall protection Only) and some are Not Free (offering Firewall/Antivirus/Basic Spyware protection and more)
The choice is yours, and this all depends on your Internet surfing behaviour.
Did you want anymore information ?
I would remove this file "BrowsingProgram-2.dll"
As for wondering about other firewalls to stop these nasties.
Actually a firewall alone does not stop these nasties, generally they are from going on the web to places not normally visited. Including p0rn and gaming sites. Plus also receiving email attachments. And a large variety of other areas.
Firewalls were made to stop either your programs and data from being sent online.
Or other computer or malicious web based programs accessing you computer.
They cannot stop harmful stuff that you allow to be downloaded to your computer, nor will they inform you of their existace on your drive.
As your concern is about stopping "pests" on your computer.
You could change your Internet behaviour, or you could use number of free Spyware/Malware tools available. But be aware that you would usually need to install at least 5 different Spyware programs, to actually be safe.
Why?
Because each Spyware/Adware/Trojan/Malware/Rootkit/ (and others) program only specialize in one area, and also provide some (minimal) scanning of other areas. No one has made one, be all and end all, pests removal program (I'm positive) The only program that comes close is www.hitmanpro.com because this program runs a whole range of programs automatically (and scanning lasts hours)
In saying this, it is still wise to have a firewall, Windows firewall (Accessed in Control Panel) being the worlds most used firewall, is counted as one of the weakest firewalls, allowing all your programs to access the Net, without question.
Therefore most users use a personnal firewall some are Free (offering firewall protection Only) and some are Not Free (offering Firewall/Antivirus/Basic Spyware protection and more)
The choice is yours, and this all depends on your Internet surfing behaviour.
Did you want anymore information ?
Thanks for your info kim.. so.. are you saying that there is no malware in my compy now ? I removed that browsing program already. Yes, I do have some more questions :
1. I have downloaded the Zone alarm firewall, do I need to uninstall the windows xp firewall ? Is it necessary/better to have 2 or more firewall installed ?
2. Do you know any freeware that can convert all kinds of video format (divx, flv, avi, mpeg etc} and burn to DVD and VCD ? I guess I got all those pests when I downloaded some of these free converters. Do you know any that runs (convert) fast cause all the converters that i tried take hours just to convert and more hours to burn ?
3. Is there any other action that I should take concerning the malware or my compy is already clean ?
1. I have downloaded the Zone alarm firewall, do I need to uninstall the windows xp firewall ? Is it necessary/better to have 2 or more firewall installed ?
2. Do you know any freeware that can convert all kinds of video format (divx, flv, avi, mpeg etc} and burn to DVD and VCD ? I guess I got all those pests when I downloaded some of these free converters. Do you know any that runs (convert) fast cause all the converters that i tried take hours just to convert and more hours to burn ?
3. Is there any other action that I should take concerning the malware or my compy is already clean ?
captaincranky
Posts: 19,684 +8,825
Good Spy Ware......!
This won't help with your current problem. But, installing Mcafee Site Advisor might help a great deal in the future. http://www.siteadvisor.com/download/ffmedia.html?cid=21638&gclid=CL35hKCWuJECFQKWHgodlhfwyQ
Good spyware would spy out for you, not in at you, that's what this does!
This won't help with your current problem. But, installing Mcafee Site Advisor might help a great deal in the future. http://www.siteadvisor.com/download/ffmedia.html?cid=21638&gclid=CL35hKCWuJECFQKWHgodlhfwyQ
Good spyware would spy out for you, not in at you, that's what this does!
1.
Zone Alarm firewall (or any third party firewall) will automatically (or at least prompt you) to disable Windows Firewall.
No, you should not have more than one firewall installed. The reason being that one firewall may be set to allow communication, (on particular programs/ports) and the other firewall may be set to block this communication; thus causing errors.
2.
I agree that the best movie converters are the bought ones, the free ones have limitations (no ipod etc) the price of these converters are not all that high. You will need to shop around.
Depending on the size and format of the original file, the converters can take a long time.
3.
As I mentioned, you could actually do a full scan with www.hitmanpro.com, it's slow, but it's thorough and free! It's stated that 99% of all computers have some malware present, on the smallest level this may be cookies.
To safe gaurd against further malware on your computer, can be another exhaustive document. The general rule of thumb, is to do a full scan ONLY when you notice your computer has slowed or if you are aware of malware infection or every 3months (depending on web activity) I personnally do not believe that you need these scanners running all the time, slowing your system (but others do ie Spybots S&D teatimer, but I don't think so)
Please continue to ask any further questions, relating to any other concern that is still bothering you.
Note: General malware information can be a mile long, so if you would like to keep your questions more specific, the answers may given greater impact.
Zone Alarm firewall (or any third party firewall) will automatically (or at least prompt you) to disable Windows Firewall.
No, you should not have more than one firewall installed. The reason being that one firewall may be set to allow communication, (on particular programs/ports) and the other firewall may be set to block this communication; thus causing errors.
2.
I agree that the best movie converters are the bought ones, the free ones have limitations (no ipod etc) the price of these converters are not all that high. You will need to shop around.
Depending on the size and format of the original file, the converters can take a long time.
3.
As I mentioned, you could actually do a full scan with www.hitmanpro.com, it's slow, but it's thorough and free! It's stated that 99% of all computers have some malware present, on the smallest level this may be cookies.
To safe gaurd against further malware on your computer, can be another exhaustive document. The general rule of thumb, is to do a full scan ONLY when you notice your computer has slowed or if you are aware of malware infection or every 3months (depending on web activity) I personnally do not believe that you need these scanners running all the time, slowing your system (but others do ie Spybots S&D teatimer, but I don't think so)
Please continue to ask any further questions, relating to any other concern that is still bothering you.
Note: General malware information can be a mile long, so if you would like to keep your questions more specific, the answers may given greater impact.
Thank you
I guess... my compy is now ok then. except from harmless cookies.. and you have answered all my questions very well
So I'd like to thank all of you kimsland, albert lioneart for helping me. with this malware issue. Also to captaincranky, thanks for the site advisor.
Keep up the good works bro....
I guess... my compy is now ok then. except from harmless cookies.. and you have answered all my questions very well
So I'd like to thank all of you kimsland, albert lioneart for helping me. with this malware issue. Also to captaincranky, thanks for the site advisor.
Keep up the good works bro....
Trojans infection
Dear all,
Sorry to bug you again.
When I ran the Hitman Pro, it detects a lot of infections though relatively low risk but one thing that worry me is the trojan PWS.Tanspy, Trojan.generic that were detected by Spyware Doctor but not cleaned/fixed. They are medium threat and attempt to steal password. Could you guys help me get rid of these 2 trojan pests ?
Thanks.
Dear all,
Sorry to bug you again.
When I ran the Hitman Pro, it detects a lot of infections though relatively low risk but one thing that worry me is the trojan PWS.Tanspy, Trojan.generic that were detected by Spyware Doctor but not cleaned/fixed. They are medium threat and attempt to steal password. Could you guys help me get rid of these 2 trojan pests ?
Thanks.
Name: Trojan-PWS.Tanspy
Threat Level: High
Description: Trojan.PWS.Tanspy will install itself on to an infected computer as a Browser Helper Object (BHO). This Trojan will then be activated each time an instance of Internet Explorer is launced and will attempt to steal passwords.
Type: Keylogger, Trojan
Also known as: Adware-BHO.dr[McAfee] Infostealer.Bzup[Symantec] Proxy-Agent.o
Some filenames that PWS.Tanspy can be related to:
ipv6mons.dll
i93.exe
mskvtns.dll
And inside registry:
DABCE839-3831-3818-AF3A-3837BCD324D2
Please view the HitmanPro log, does it refer to any particular file or location ?
Usually it is just a matter of removing that file itself.
Most likely cause that Spyware Doctor could not remove, was due to the fact that you have exceeded your trial period (ie you have run Spyware Doctor before)
If it was the first time run of Spyware Doctor, the suspected files would have been removed automatically.
Anyway, how did you feel about the program - worth doing ?
Do you feel your system is better for it ?
Threat Level: High
Description: Trojan.PWS.Tanspy will install itself on to an infected computer as a Browser Helper Object (BHO). This Trojan will then be activated each time an instance of Internet Explorer is launced and will attempt to steal passwords.
Type: Keylogger, Trojan
Also known as: Adware-BHO.dr[McAfee] Infostealer.Bzup[Symantec] Proxy-Agent.o
Some filenames that PWS.Tanspy can be related to:
ipv6mons.dll
i93.exe
mskvtns.dll
And inside registry:
DABCE839-3831-3818-AF3A-3837BCD324D2
Please view the HitmanPro log, does it refer to any particular file or location ?
Usually it is just a matter of removing that file itself.
Most likely cause that Spyware Doctor could not remove, was due to the fact that you have exceeded your trial period (ie you have run Spyware Doctor before)
If it was the first time run of Spyware Doctor, the suspected files would have been removed automatically.
Anyway, how did you feel about the program - worth doing ?
Do you feel your system is better for it ?
Trojan-PWS.Tanspy
The hitman pro doesn't give me any info log, it just generated report . I can't attach the report as it is in html format and if I convert it to text, the words will be jumbled and confusing to read. but I learned about this virus from the spyware doctor scan result. It is located at the registry : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Current Version\Controlpanel\load
Should I delete this whole registry ? and how do I do it safely without messing up my system ?
I googled this trojan and some say they could be false positive. What do you think in my case ?
I never installed spyware doctor before and it's not removing it because it is another version downloaded by hitman pro and it asked me to buy in order to fix the threats.
I feel more secure after I installed all these spyware busters but am not really sure if hitman pro did get rid of the nasties because at the end it just showed that I had 6 files infected and many cookies but not specifically said they are fixed or removed/deleted. I wonder if it just scan and tell.
The hitman pro doesn't give me any info log, it just generated report . I can't attach the report as it is in html format and if I convert it to text, the words will be jumbled and confusing to read. but I learned about this virus from the spyware doctor scan result. It is located at the registry : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Current Version\Controlpanel\load
Should I delete this whole registry ? and how do I do it safely without messing up my system ?
I googled this trojan and some say they could be false positive. What do you think in my case ?
I never installed spyware doctor before and it's not removing it because it is another version downloaded by hitman pro and it asked me to buy in order to fix the threats.
I feel more secure after I installed all these spyware busters but am not really sure if hitman pro did get rid of the nasties because at the end it just showed that I had 6 files infected and many cookies but not specifically said they are fixed or removed/deleted. I wonder if it just scan and tell.
I don't have the "Controlpanel" key under my registry.
So what I'd suggest is to:
Run Regedit:
Locate (expand each plus sign)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Current Version\Controlpanel\load
Right click on "Controlpanel" and select Export
Type a name in like Backup.reg, and confirm where you are saving it to (My Documents?)
Then once that registry is backed up
Again right click on "Controlpanel" and select Delete
(you may be prompted to confirm deletion - OK)
Restart your computer and confirm all is OK
-----------------------------
Just another point in relation to HitmanPro (sorry after years of using it, and lots of information from the site and myself)
I have found it is the number one Spyware/Malware/Virus remover
The only issue is that when first starting the program, you must select automatically remove threats. If you did do this (the default setting mind you) then I have to say the spyware doctor believes it has been used before on your system, because HitmanPro have been given rights by spyware doctor to allow removal of found files (but once only rights) Unless this has changed recently.
So what I'd suggest is to:
Run Regedit:
Locate (expand each plus sign)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Current Version\Controlpanel\load
Right click on "Controlpanel" and select Export
Type a name in like Backup.reg, and confirm where you are saving it to (My Documents?)
Then once that registry is backed up
Again right click on "Controlpanel" and select Delete
(you may be prompted to confirm deletion - OK)
Restart your computer and confirm all is OK
-----------------------------
Just another point in relation to HitmanPro (sorry after years of using it, and lots of information from the site and myself)
I have found it is the number one Spyware/Malware/Virus remover
The only issue is that when first starting the program, you must select automatically remove threats. If you did do this (the default setting mind you) then I have to say the spyware doctor believes it has been used before on your system, because HitmanPro have been given rights by spyware doctor to allow removal of found files (but once only rights) Unless this has changed recently.
- Status
Similar threads
Latest posts
-
Worry your friends with this $9,420 flamethrower robot dog
- Tinderbox replied
-
Researchers have unlocked the "Holy Grail" of memory technology- DanteSmith replied
