Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected With Keylog-sters?


  • This topic is locked This topic is locked
6 replies to this topic

#1 theman21

theman21

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:50 PM

Posted 24 April 2006 - 01:23 PM

Hi, I think my computer is infected with the keylog-sters trojan. I have installed both Panda Platinum Internet Security 2006 and Spyware Doctor last version. This last detect the trojan and remove it, but malware return to the system and so on. Please somebody help me with this problem. :thumbsup:

This is the Hijackthis Log:

Logfile of HijackThis v1.99.1
Scan saved at 11:35:01 a.m., on 24/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\archivos de programa\panda software\panda platinum 2006 internet security\firewall\PNMSRV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe
C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\PsImSvc.exe
C:\Archivos de programa\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Archivos de programa\Rainbow Technologies\SPN Combo Installer\1.0.5\Server\WinNT\spnsrvnt.exe
C:\Archivos de programa\Microsoft IntelliPoint\point32.exe
C:\Archivos de programa\Java\jre1.5.0_06\bin\jusched.exe
C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\APVXDWIN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Archivos de programa\Conceptworld\QNPlus\QNPlus.exe
C:\Archivos de programa\Sony Corporation\Image Transfer\SonyTray.exe
C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\SRVLOAD.EXE
C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\WebProxy.exe
C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\AVENGINE.EXE
C:\Documents and Settings\iipsacun\Mis documentos\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.paguito.com/portal/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\ARCHIV~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\ARCHIV~1\FlashGet\jccatch.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\ARCHIV~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [IntelliPoint] "C:\Archivos de programa\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Archivos de programa\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\Inicio.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QNPlus] C:\Archivos de programa\Conceptworld\QNPlus\QNPlus.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Archivos de programa\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Archivos de programa\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Image Transfer.lnk = C:\Archivos de programa\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download All by FlashGet - C:\Archivos de programa\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Archivos de programa\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\ARCHIV~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARCHIV~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARCHIV~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Archivos de programa\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {044123B5-35DF-4C4E-BAED-26B8ED964342} (HLiveRobotWeb Control) - https://update3.globalhauri.com/Custom/Live...iveRobotWeb.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {2882C368-D508-11D4-A2AB-000102598CE4} (LProtect Control) - http://fx.hauri.net/CLIENT/LiveSuite/livecall/livecall.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1138298356842
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmbox.itelcel.com/mmawap/jsp/compos...r/mmsPlayer.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...744/mcfscan.cab
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Archivos de programa\Archivos comunes\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\archivos de programa\panda software\panda platinum 2006 internet security\firewall\PNMSRV.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\PsImSvc.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Archivos de programa\Spyware Doctor\sdhelp.exe
O23 - Service: SuperProServer - Unknown owner - C:\Archivos de programa\Rainbow Technologies\SPN Combo Installer\1.0.5\Server\WinNT\spnsrvnt.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Archivos de programa\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe

BC AdBot (Login to Remove)

 


#2 amateur

amateur

    Malware Fighter


  • Malware Response Team
  • 2,775 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:50 PM

Posted 24 April 2006 - 02:44 PM

Hi theman21 :thumbsup:

Welcome to BC. I cannot see any malware in your log. Let's run a couple more scans and see what they come up with. But, first, let's clean the temp files so that the scanning time will be shortened.

1. Open My Computer
2. Right click on your hard drive that you wish to clean (C drive, for example)
3. In the context menu that opens, select properties
4. Under the general tab you should select Disk Cleanup
5. Windows will scan your drive which will take a few seconds/minutes
6. A box will display the various files you can remove.
Check all boxes except compress old files (If listed)
7. Click OK and windows will comply.

Restart your computer.

============================================

Download and install Ewido Anti-Malware

During the installation, uncheck the following under Additional Options:
Install background guard
Install scan via context menu


Check for updates but do not run it yet.

============================================

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.
Look in here for more information.

==========================================

Run Ewido.
Click on Scanner
Click on Complete System Scan and the scan will begin.
While the scan is in progress you will be prompted to clean files, click OK
When it asks if you want to clean the first file, put a checkmark in the lower left corner of the box that says 'Perform action with all infections' then choose clean and click OK.
Once the scan has completed, there will be a button located on the bottom of the screen named Save report - click it.
Save the report.txt file to your desktop.

Now close Ewido-Anti-Malware.

Warning: While the scan is in progress, DO NOT open any folders or the Windows Control Panel !!

========================================

Reboot in Normal Mode and

Please do an online scan with Kaspersky Online Scanner
1. Click on Kapersky Online Scanner
2. A new smaller window will pop up. Press on Accept (after reading the contents).
3. Now Kapersky will update the anti-virus database. Let it run.
4. Click on Next/b]>Scan Settings, and make sure the database is set to "extended". And check both the scan options. Then click OK.
5. Then click on “My Computer". And the scan will start.
6. Once finished, save a log as ".txt" to the desktop. And restart.

For Kaspersky's WebScan you may need to set 'Download Unsigned Activex' to Prompt in order to get it to run.

In Internet Explorer, go to Tools > Internet Options > Security tab and select Custom Level. Scroll down and set Download unsigned Active X to [b]Prompt
. That should allow the Kaspersky scan to download the Active X after prompting you.

============================

Post back the scan results from Kaspersky and Ewido please.

#3 theman21

theman21
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:50 PM

Posted 25 April 2006 - 10:57 AM

Hello AMATEUR!! :thumbsup:

THANK YOU SO MUCH BY REPLIED MY TOPIC, I DID WHAT YOU TOLD ME AND THE REPORTS IS SHOWN BELOW:

1. EWIDO REPORT:

---------------------------------------------------------
ewido anti-malware - Report de exploración
---------------------------------------------------------

+ Creado en: 04:28:02 p.m., 24/04/2006
+ Report-Checksum: 31F8970C

+ Scan result:

C:\Documents and Settings\PC\Cookies\pc@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Limpio con backup
C:\Documents and Settings\PC\Cookies\pc@adorigin[1].txt -> TrackingCookie.Adorigin : Limpio con backup
C:\Documents and Settings\PC\Cookies\pc@ads.realcastmedia[2].txt -> TrackingCookie.Realcastmedia : Limpio con backup
C:\Documents and Settings\PC\Cookies\pc@ehg-nokiafin.hitbox[1].txt -> TrackingCookie.Hitbox : Limpio con backup
C:\Documents and Settings\PC\Cookies\pc@sel.as-us.falkag[1].txt -> TrackingCookie.Falkag : Limpio con backup


::Fin Report


2. KASPERSKY REPORT 1 (IT WAS DONE YESTERDAY BECAUSE I NEEDED TO STOP THE SCAN (AROUND 63%)):

KASPERSKY ON-LINE SCANNER REPORTKASPERSKY ON-LINE SCANNER REPORT
Monday, April 24, 2006 6:47:33 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build
2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 25/04/2006
Kaspersky Anti-Virus database records: 189719


Scan Settings
Scan using the following antivirus databaseextended
Scan Archivestrue
Scan Mail Basestrue

Scan TargetMy Computer
A:\
C:\
D:\
E:\
F:\

Scan Statistics
Total number of scanned objects38449
Number of viruses found1
Number of infected objects3
Number of suspicious objects0
Duration of the scan process01:06:52

Infected Object NameVirus NameLast Action
C:\Downloads\BitTorrent-4.2.1.exe/stream/data0009 Infected:
not-a-virus:RiskTool.Win32.PsKill.n skipped

C:\Downloads\BitTorrent-4.2.1.exe/stream Infected:
not-a-virus:RiskTool.Win32.PsKill.n skipped

C:\Downloads\BitTorrent-4.2.1.exe NSIS: infected - 2 skipped

Scan was interrupted by user!


3. 2. KASPERSKY REPORT 2:

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Tuesday, April 25, 2006 10:49:49 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 25/04/2006
Kaspersky Anti-Virus database records: 189825
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 78812
Number of viruses found: 1
Number of infected objects: 3
Number of suspicious objects: 0
Duration of the scan process: 01:55:20

Infected Object Name / Virus Name / Last Action
C:\System Volume Information\_restore{95F9D9E3-406C-43A8-8008-F47B66346DED}\RP1\A0000184.exe/stream/data0009 Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{95F9D9E3-406C-43A8-8008-F47B66346DED}\RP1\A0000184.exe/stream Infected: not-a-virus:RiskTool.Win32.PsKill.n skipped
C:\System Volume Information\_restore{95F9D9E3-406C-43A8-8008-F47B66346DED}\RP1\A0000184.exe NSIS: infected - 2 skipped

Scan process completed.

#4 amateur

amateur

    Malware Fighter


  • Malware Response Team
  • 2,775 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:50 PM

Posted 25 April 2006 - 11:17 AM

Hi theman21,l

Yesterday's scan with Kaspersky shows Bittorent-4.2.1.exe as infected. Did you delete that? You can read more about the file sharing programs here. and maybe choose a cleaner one.

Ewido is only reporting some cookies which is normal. You'll get them whenever you visit a website. Clean your cookies regularly. Today's Kaspersky report is only showing some items in the system restore.

Disable and Enable System Restore If you are using Windows ME or XP then you should disable and re-enable system restore to make sure there are no infected files found in a restore point. Because Windows regularly sets restorepoints, it's very possible that the malware, you have removed, is still present in the System Restore. If you put Windows back to such a restorepoint, this malware will be put back, as well.

This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected.) Please do this ONLY ONCE, not on a regular basis.

1. Right-click My Computer, and then click Properties.
2. On the System Restore tab, put a check mark in the 'Turn Off System Restore' check box.
3. Click OK, and then click Yes.

4. Restart the computer.
5. Repeat steps 1 - 2, this time clearing the box beside 'Turn Off System Restore', click 'OK'.

Reboot normally.

Here are some tips to keep your computer clean and safe:

Make your Internet Explorer more secure - This can be done by following these simple instructions:

From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialise and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.

Avoid illegal sites, because that's where most malware is present.

* Don't click on links inside popups.
* Don't click on links in spam messages claiming to offer anti-spyware software; because most of these so called removers ARE spyware.
* Download free software only from sites you know and trust. Because a lot of free software can bundle other software, including spyware.

Keep your antivirus-program up-to-date and do regular scans with it. Please make sure that you have only one active antivirus program on your system.
If you haven't got a antivirus, you can download and install one of the following free ones: Make sure that you have only ONE antivirus running on your computer as more than one would cause conflict and render the computer vulnerable.

AVG Free here
AntiVir here
Avast here

It is essential to keep the anti-virus program fully updated.
IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site <http://windowsupdate.microsoft.com/> to get the critical updates.

If you are running Microsoft Office, or any portion thereof, go to the Microsoft's Office Update site <http://office.microsoft.com/officeupdate/maincatalog.aspx?lc=en-us> and make sure you have at least all the critical updates installed (Free) Microsoft Office Update.

Keep your pestware-scanners up-to-date and do regular scans with them.

To keep your computer free of Spyware, Adware, Hijackers etc., download and install the following free pestware-scanners (if you haven't installed them already):
AdAware here
Spybot here Remember to "immunize" after each update
Windows Defender here

Install realtime pestware-scanners and keep them up-to-date.

The following free realtime pestscanners prevent a number of malware-variants from entering your computer, in the first place:

SpywareBlaster here Remember to "enable all protection" after each update.
SpywareGuard here

If you haven't got one, already, install a firewall and keep it up-to-date. Please make sure that you have only one active firewall on your system.

A firewall will prevent unauthorized contact between your computer and internet.
If there is no firewall installed on your computer, you can download and install one of the following free firewalls:
ZoneAlarm here
Sygate here
Kerio Personal Firewall here
Outpost here
Important: (Windows XP only) If you install a firewall, be sure to turn off the WinXP-firewall!

Test your firewall here to make sure that it's working properly

Install these programs, to make surfing with Internet Explorer safer:

A popup-blocker, f.e. Google Toolbar here: A popup-blocker prevents popup-windows from opening, when you come along a websites that uses them, during internet-surfing.

IE-SPYAD here: This utility adds a long list of known bad sites to Internet Explorer's Restricted Sites zone. This prevents those sites from executing their malicious programs on your computer.

SiteHound by Firetrust
here:

Firetrust introduces the SiteHound Toolbar - the safe way to browse the Internet. With SiteHound, when you browse the Internet, you're shown a warning page every time you go to a site which is a known scam, potentially loads viruses or spyware on to your computer, has questionable content or anything you would not consider reasonable. You are shown a warning page with information about that site. From there you can choose to enter the site or go back. SiteHound is a free add-on to Internet Explorer.
SiteHound will alert you when you enter a site which is known to contain:
· Fraudulent claims or scams
· Offensive material
· Security vulnerabilities
· Spyware or Adware
· Spam related material
· or other content deemed to be unsafe
Specifically, SiteHound blocks these categories:

o Adult o Spyware o Spam Advertising o Phishing o Possible scam or fraud o Misleading or False Advertising
o Pharming o Rogue or Suspect Product o Adware o Malware or Virus

Install and use an alternative browser to surf on the internet.

Because Internet Explorer is the most-used browser on the planet, most of the hijackers, adware and spyware are made to abuse your computer thru Internet Explorer.
Here are some good alternative browsers:
Mozilla Suite here
Mozilla Firefox here
Opera here
Netscape here
Important: You can not uninstall Internet Explorer.
First of all, it's part of Windows and you'll need it to download and install Windows Updates.
Secondly, There are some sites that are only accessable with Internet Explorer, e.g. most of the Online Malware-scanners.

But above all, keep all your software UP-TO-DATE at all time!!

Also, I would recommend reading the excellent advice by Tony Klein: So how did I get infected in the first place

Happy and safe surfing. :thumbsup:

#5 theman21

theman21
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:50 PM

Posted 25 April 2006 - 11:39 AM

:thumbsup: THANKS AGAIN FOR YOUR SUPPORT, I DON'T KNOW HOW TO PAY EVERYTHING YOU DID IT FOR ME.

ABOUT THE BITTORRENT FILE, IT WAS DELETED.

I SWEAR YOU I'LL DO STEP BY STEP THE SUGGESTIONS YOU TOLD ME TO DO.

THANK YOU SO MUCH MAN!!!

AMATEUR MAN RULES!!

BEST REGARDS FROM MERIDA, YUCATAN, MEXICO.

BYE... AND GOOD LUCK :flowers:

#6 amateur

amateur

    Malware Fighter


  • Malware Response Team
  • 2,775 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:50 PM

Posted 25 April 2006 - 11:40 AM

You are very welcome. Glad we could help. :thumbsup:

Stay Safe. :flowers: :huh:

#7 amateur

amateur

    Malware Fighter


  • Malware Response Team
  • 2,775 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:50 PM

Posted 26 April 2006 - 04:56 PM

Since your problem appears to be resolved, this thread will now be closed. If you need this topic reopened, please PM me or a staff member with the address of the thread, and we will reopen it for you. This applies only to the original topic starter. Everyone else please begin a New Topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users