Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Running Panda Activescan

  • This topic is locked This topic is locked
4 replies to this topic

#1 jackiemarie


  • Members
  • 417 posts
  • Gender:Female
  • Local time:07:38 AM

Posted 06 December 2007 - 10:11 PM

I've run the free online Panda Activescan several times; each time it says I have a spyware cookie in the searchportal, and it will cost $12.95 to disinfect it. Each time, while Panda is running a full My Computer scan, the Webroot SpySweeper produces an alert that says; IEXPLORE.EXE is trying to make changes to your Hosts File, SpySweeper recommends that be blocked, so I click to block the change. Immediately, another alert appears: IEXPLORE.EXE is attempting to make changes to the Hosts file (through a web IP address), and again I block it. If I don't choose block or unblock, SpySweeper says it will block it. Then while I'm saving the Panda scan results, a Microsoft Office Outlook box comes up: "No profiles have been created. Use the Mail Icon on the Control Panel."
I do not have Microsoft Office54.; I have Works and use Outlook Express.

Is it normal for this to keep happening? Should I unblock it? If it is a Microsoft process, then why would SpySweeper block it? These alerts only come up when running Panda Activescan 5.54.01.

EAM, Malware Bytes Premium

HP g7- Windows 7 Home Prem 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.

BC AdBot (Login to Remove)


#2 boopme


    To Insanity and Beyond

  • Global Moderator
  • 73,404 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:07:38 AM

Posted 06 December 2007 - 11:39 PM

Please try this

Download and scan with SUPERAntiSypware Free
Double-click SUPERAntiSypware.exe and use the default settings for installation.
An icon will be created on your desktop. Double-click that icon to launch the program.
If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from HERE and unzip into the program's folder.)
Under "General and Startup", make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
Under "Configuration and Preferences", click the Preferences button.
Click the Scanning Control tab.
Under Scanner Options make sure the following are checked (leave all others unchecked):
Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining.

Click the "Close" button to leave the control center screen and exit the program.
Do not run a scan just yet.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with SUPERAntiSpyware as follows:
Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
On the left, make sure you check C:\Fixed Drive.
On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
Make sure everything has a checkmark next to it and click "Next".
A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
If asked if you want to reboot, click "Yes" and reboot normally.
To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
Click Close to exit the program.

Edited by boopme, 06 December 2007 - 11:42 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 jackiemarie

  • Topic Starter

  • Members
  • 417 posts
  • Gender:Female
  • Local time:07:38 AM

Posted 07 December 2007 - 09:20 AM

Thank you, I will do your instructions when I get home tonight.

Your quote is 2 Tim. 4:3; I appreciate your spirit.

(I apologize again; I submitted this post before knowing about your correction to me).

EAM, Malware Bytes Premium

HP g7- Windows 7 Home Prem 64-bit - Intel i3 - 6 GB Ram

What you value is your reward.

#4 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,591 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:38 AM

Posted 07 December 2007 - 10:08 AM

I've run the free online Panda Activescan several times; each time it says I have a spyware cookie in the searchportal, and it will cost $12.95 to disinfect it.

ActiveScan does not remove adware/spyware but will autoclean for viruses/worms and uses low-level scanning to combat rootkits. There is no need to purchase anything if asked. You can use SuperAntispyware as boopme instructed to remove what Panda will not disinfect.

SpySweeper has a two step HOSTS file protection which includes notification and prompt to allow/disallow changes and a Host File Shield that adds entries to your HOSTS file. From the SpySweeper help file:

...Monitors the Hosts file for any changes. Some programs will add or change the IP address for a Web site in the Hosts file. When you try to go to the added or changed Web site, you will really go to a different Web site, such as an advertising site. This shield ensures that programs do not change an IP address without your knowledge...

Cookies are text string messages given to a Web browser by a Web server. Whenever you visit a web page or navigate different pages with your browser, the web site generates a unique ID number which your browser stores in a text (cookie) file that is sent back to the server each time the browser requests a page from that server. Cookies allow third-party providers such as ad serving networks, spyware or adware providers to track personal information. The main purpose of cookies is to identify users and prepare customized Web pages for them.

The type of cookie that is a cause for concern are "tracking cookies" because they can be considered a privacy risk. These types of cookies are used to track your Web browsing habits (your movement from site to site). Ad companies use them to record your activity on all sites where they have placed ads. They can keep count of how many times you visited a web page, store your username and password so you don't have to log in and retain your custom settings. When you visit one of these sites, a cookie is placed on your computer. Each time you visit another site that hosts one of their ads, that same cookie is read, and soon they have assembled a list of which of their sites you have visited and which of their ads that you have clicked on. They are used all over the Internet and advertisement companies often plant them whenever your browser loads one of their banners. Cookies are NOT a "threat". As text files they cannot be executed to cause any damage. Cookies do not cause any pop ups nor do they install malware.

As long as you surf the Internet, you are going to get cookies and some of your security programs will flag them for removal. However, you can minimize this by reading "Blocking & Managing Unwanted Cookies" and "Block Third-Party Cookies in IE7".
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 TMacK


  • Members
  • 4,672 posts
  • Gender:Male
  • Location:B.C. Canada
  • Local time:04:38 AM

Posted 07 December 2007 - 10:40 AM

Since you have a HJT log posted in the HijackThis Logs and Malware Removal forum, you shouldn't make any changes to your system.
Doing so, could change the results of the posted log, making it difficult to properly clean your system.

At this point, the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

This topic will now be closed, since you have an open log posted.
If you have any questions, feel free to send me a PM.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users