1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Email Problems. HJT Log included.

Discussion in 'Virus & Other Malware Removal' started by cutiecatuk, Feb 11, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. cutiecatuk

    cutiecatuk Thread Starter

    Joined:
    Jul 17, 2005
    Messages:
    75
    I am having lots of problems with my email. I think I have a worm as I am getting lots of returned email messages when I haven't been sending anything. I downloaded a new Norton but it has found nothing. Could someone please help me to get rid of this problem. This is my Hijack This log:

    Logfile of HijackThis v1.99.1
    Scan saved at 18:24:34, on 11/02/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
    C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\HPQ\SHARED\HPQWMI.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
    O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h20278.www2.hp.com/HPISWeb/Cu...ataManager.CAB
    O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
    O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/co...oScopeLite.cab
    O16 - DPF: {DD3641E5-A9CF-11D1-9AA1-444553540000} (Surround Video V3.0 Control Object) - http://secure.sunterra.com/europe/downloads/svideo3.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
     
  2. Byteman

    Byteman Gone but Never Forgotten

    Joined:
    Jan 24, 2002
    Messages:
    17,742
    Hi, Your log looks fine as far as any obvious malware.

    What I would do is scan online here:

    HERE to run Panda's ActiveScan
    • Once you are on the Panda site click the Scan your PC button
    • A new window will open...click the Check Now button
    • Enter your Country
    • Enter your State/Province
    • Enter your e-mail address and click send
    • Select either Home User or Company
    • Click the big Scan Now button
    • If it wants to install an ActiveX component allow it
    • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    • When download is complete, click on My Computer to start the scan
    • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report


    As it says, make sure you Save Report and post the contents, but if NOTHING is found, of course just say so.
     
  3. cutiecatuk

    cutiecatuk Thread Starter

    Joined:
    Jul 17, 2005
    Messages:
    75
    Here is the report:


    Incident Status Location

    Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.statcounter.com/]
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.com.com/]
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.adrevolver.com/]
    Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.burstnet.com/]
    Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.casalemedia.com/]
    Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.zedo.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.serving-sys.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.bs.serving-sys.com/]
    Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.realmedia.com/]
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[ad.yieldmanager.com/]
    Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.realmedia.com/]
    Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.xiti.com/]
    Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.apmebf.com/]
    Spyware:Cookie/360i Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.ct.360i.com/]
    Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[.as-eu.falkag.net/]
    Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[server.iad.liveperson.net/hc/74672439]
    Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[server.iad.liveperson.net/]
    Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[server.iad.liveperson.net/hc/74672439]
    Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[hc2.humanclick.com/hc/3684752]
    Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[hc2.humanclick.com/]
    Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Charlotte Notcutt\Application Data\Mozilla\Firefox\Profiles\cq0qhu3b.default\cookies.txt[hc2.humanclick.com/hc/3684752]
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Charlotte Notcutt\Cookies\[email protected][2].txt

    Thank you in advance for your help.
     
  4. Byteman

    Byteman Gone but Never Forgotten

    Joined:
    Jan 24, 2002
    Messages:
    17,742
    Hi, Well, nothing found except Cookies, you will always have some of those...

    Looks like your email address was picked up from somewhere and is being use to send spam. There is not much you can do about it, but your ISP should be contacted they may help you filter out the spoofed emails, which are returned to you though you actually did not send them.
     
  5. cutiecatuk

    cutiecatuk Thread Starter

    Joined:
    Jul 17, 2005
    Messages:
    75
    Thank you very much. I will contact my ISP. Can you recommend a spyware remover that will pick these cookies up.

    Cutie.
     
  6. Byteman

    Byteman Gone but Never Forgotten

    Joined:
    Jan 24, 2002
    Messages:
    17,742
    Hi, I see you are using Ewido, that is a good program however it has changed hands... The new name, is AVG Antispyware.

    I believe the Ewido program continues to work, but it may be phased out, so I would download what is below, install, update it, and run a scan using the directions. Note that you should scan in Safe Mode- less chance of conflicts etc in Safe Mode.
    You should also Uninstall your old copy of Ewido from Control Panel, Add/Remove Programs
    before you install the new AVG Antispyware..

    Install and use directions for AVG Antispyware:
    You will need the correct steps to install and run a scan so here they are:
    Note:When the trial period expires it becomes feature-limited freeware but is still worth keeping as a good on-demand scanner.

    You need to save these directions either to a Notepad text file, save to your desktop, I suggest as a filename, use steps.txt. Or, print this out.
    Please note that the actual scan will be run in Safe Mode, directions below

    Please download AVG Anti-Spyware to your Desktop or to your usual Download Folder.
    http://www.ewido.net/en/download/
    • Install AVG Anti-Spyware by double clicking the installer.
    • Follow the prompts. Make sure that Launch AVG Anti-Spyware is checked.
    • On the main screen under Your Computer's security
      (These settings may not be used anymore and the defaults of "N/A" are OK)
    • Click on Change state next to Resident shield. It should now change to inactive. (What shows is n/a =that's OK)
    • Click on Change state next to Automatic updates. It should now change to inactive. (same it should look like n/a)
    • Next to Last Update, click on Update now. (You will need an active internet connection to perform this)
    • Wait until you see the Update succesfull message.
    When the progress lines stop, ususally pressing "Start Update" will just
    change back- it's done if you don't get any further Updating activity)

    (Only If you are having problems with the updater, you can use this link to manually update AVG Anti-spyware. < only if you cannot update over the web.
    AVG Antispyware Updates
    Download the Full database to your Desktop or to your usual Download Folder and install it by double clicking the file. Make sure that AVG Anti-Spyware is closed before installing the update.)
    ______________________________


    • 1. On the main window, click on the "Scanner" button and choose the "Settings" tab.
      • Under "How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware.
      • Under "How to Scan?" check all (default).
      • Under "Possibly unwanted software" check all (default).
      • Under "What to Scan?" make sure "Scan every file" is selected (default).
      • Under "Reports" select "Automatically generate report after every scan" and
        UNcheck "Only if threats were found".
      • 2. Click the "Scan" tab to return to scanning options. You don't scan just yet!
      • 3.If you were scanning now, you would Click "Complete System Scan" to start.
      • 4. When the scan finished you'd be presented with a list of infected objects found. Click "Apply all actions" to place the files in Quarantine.
      HOW TO SCAN- Please note the scan is done in Safe Mode-read on
    • If the computer is running, shut down Windows, and then turn off the power.
    • Reboot your computer TO Safe Mode. Here's how:
    • Wait 30 seconds, and then turn the computer on.
    • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
    • Ensure that the Safe Mode option is selected.
    • Press Enter. The computer then begins to start in Safe mode.
    • Login on your usual account.
    • Launch AVG Antispyware
    • Click "Complete System Scan" to start.

    IMPORTANT! Do not save the report before you have clicked the Apply all actions button. If you do, the log that is created will indicate "No action taken", making it more difficult to interpret the report. So be sure you save it only AFTER clicking the "Apply all actions" button!
    • 5. Click on "Save Report" to view all completed scans.
    • Click on the most recent scan you just performed and select "Save report as" - the default file name will be in date/time format as follows: Report-Scan-20072020-142816.txt.
    • Save to your desktop. A copy of each report will also be saved in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Reports\
    • 6. Exit AVG Anti-Spyware when done, reboot normally and submit the log report in your next response.



    Please note I have used our standard directions, and did not mean you have to post a log!
    But, if there IS anything found except the same type of Cookies, by all means, post it!

    Next: Here is a temp file cleaner, CleanUP! which I use, it's great.


    You should also benefit by using one of the free temp file cleaners- not that removing Cookies, that is all Cookies> will mean that you have to know and be able to type in your usernames and passwords, at all sites, like TSG, banks, any place you registered with an account the first time you visit these sites, your automatic logins will not work and you will have to type them in and login.

    Download Cleanup from here

    • Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
    • Click the Options... button on the right.
    • Move the arrow down to "Custom CleanUp!"
    • Put a check next to the following (Make sure nothing else is checked!):
      • Empty Recycle Bins
      • Delete Cookies
      • Cleanup! All Users
      Click OK
    • DO NOT RUN IT YET

    Now boot to safe mode.


    Run Cleanup:
    • Click on the "Cleanup" button and let it run.
    • Once its done, close the program.


    That's the best way to use it, I do use it from Normal Mode, but only just before the time at night I am shutting down> do Not use it in the middle of a session, only when you are done for the day/night.

    It will ask you to logoff and log back on and that is reccommended.
     
  7. Byteman

    Byteman Gone but Never Forgotten

    Joined:
    Jan 24, 2002
    Messages:
    17,742
    Hi catiecatuk, I am sorry, but I have had to modify the directions for AVG Antispyware I posted eariler....
    They are correct now, so just check my reply below, and re-save those directions. (y)
     
  8. cutiecatuk

    cutiecatuk Thread Starter

    Joined:
    Jul 17, 2005
    Messages:
    75
    I had already done it as per your earlier instructions. THere were just the same sort of tracking cookies. I have downloaded CleanUp! and am about to run that. Have had a reply from my ISP also and so will read there advice.

    Thanks.
     
  9. Byteman

    Byteman Gone but Never Forgotten

    Joined:
    Jan 24, 2002
    Messages:
    17,742
    Hi, Well then, just check my reply below with the correct steps in it, and compare to what the settings for AVG are, as it does make a difference.

    Post back when you find out anything helpful like from the ISP.


    You can be reasonably certain there is no ad or spy junk on there, since you have scanned with a good program and Panda online scan.

    The problem is most likely, on someone else's computer, who has your email address and it was found by some worm on there and is being "spoofed" by a spammer but you are getting those returned emails.

    It happens all the time, but it should go away by itself eventually- I know that is not much help, but it's impossible to stop it, except by using a good spam filter, or, changing the email addresses you use. That isnt much fun either, and sometimes it cannot be done if you must use your present email addys.
     
  10. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/543271

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice