We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
The Forum is currently experiencing technical issues which the team are working to resolve. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Any advice please
Comments
-
Spyware:Cookie/Belnk Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!6BB8E90E-ABFB-4F2C-AE6D-E8E2806AD855}.txt[!!6BB8E90E-ABFB-4F2C-AE6D-E8E2806AD855}.txt]
Spyware:Cookie/YieldManager Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!63F6613C-0E02-4DA7-B8C8-04736F3E6325}.txt[!!63F6613C-0E02-4DA7-B8C8-04736F3E6325}.txt]
Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!364A75D4-CDD2-4199-8CE6-FE7F3768B93D}.txt[!!364A75D4-CDD2-4199-8CE6-FE7F3768B93D}.txt]
Spyware:Cookie/Hitbox Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!420E8172-8643-4BD2-B10A-72DF37DC2F2E}.txt[!!420E8172-8643-4BD2-B10A-72DF37DC2F2E}.txt]
Spyware:Cookie/Hbmediapro Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!6A49759D-D625-4E6D-82C5-C2B575E79F09}.txt[!!6A49759D-D625-4E6D-82C5-C2B575E79F09}.txt]
Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!8FF3B031-1EE0-4D12-AFC4-DB794F9DB030}.txt[!!8FF3B031-1EE0-4D12-AFC4-DB794F9DB030}.txt]
Spyware:Cookie/WinFixer Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!48708CAF-7F3C-46BA-B6FC-B1329B99D47A}.txt[!!48708CAF-7F3C-46BA-B6FC-B1329B99D47A}.txt]
Spyware:Cookie/BurstNet Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\{BB9BAC27-5A03-4067-A47B-52F16A8EBAD4}.txt[{BB9BAC27-5A03-4067-A47B-52F16A8EBAD4}.txt]
Spyware:Cookie/2o7.net Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!284B62F1-393A-4B30-8209-EEF59AB7D310}.txt[!!284B62F1-393A-4B30-8209-EEF59AB7D310}.txt]
Spyware:Cookie/Belnk Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\{C7C39077-37D9-49F4-B79E-F09635732E0F}.txt[{C7C39077-37D9-49F4-B79E-F09635732E0F}.txt]
Spyware:Cookie/24/7 Realmedia Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!28BDB1DF-BFE6-447E-99DD-7068398D39F3}.txt[!!28BDB1DF-BFE6-447E-99DD-7068398D39F3}.txt]
Spyware:Cookie/Hitbox Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!372E03D0-1238-4CC2-A4D2-D982BE65AB92}.txt[!!372E03D0-1238-4CC2-A4D2-D982BE65AB92}.txt]
Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!85E7089A-156D-4BCB-8A46-9CE7268605DA}.txt[!!85E7089A-156D-4BCB-8A46-9CE7268605DA}.txt]
Spyware:Cookie/Reliablestats Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!95B71BD2-2883-4CC6-8B1C-F6D94D1D67A6}.txt[!!95B71BD2-2883-4CC6-8B1C-F6D94D1D67A6}.txt]
Adware: Adware/SaveNow Not disinfected C:\Program Files\MyEmoticons\uninstall.exe
Adware: Adware/SaveNow Not disinfected C:\Program Files\MyEmoticons\My.Emo
Potentially unwanted tool: Application/Zango Not disinfected C:\Program Files\ProSiteFinder\Uninstall.EXE
Spyware:Cookie/24/7 Realmedia Not disinfected C:\Documents And Settings\Dave\Cookies\dave@247realmedia[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents And Settings\Dave\Cookies\dave@xmts[1].txt
Spyware:Cookie/Adviva Not disinfected C:\Documents And Settings\Dave\Cookies\dave@adviva[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents And Settings\Dave\Cookies\dave@atdmt[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents And Settings\Dave\Cookies\dave@doubleclick[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents And Settings\Dave\Cookies\dave@hitbox[1].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents And Settings\Dave\Cookies\dave@statse.webtrendslive[2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents And Settings\Dave\Cookies\dave@statcounter[1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents And Settings\Dave\Cookies\dave@adopt.hbmediapro[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents And Settings\Dave\Cookies\dave@advertising[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents And Settings\Dave\Cookies\dave@as1.falkag[1].txt
Virus: Trj/Dropper.GX Disinfected C:\WINDOWS\system32\msbb321.dll
Adware: Adware/nCase Not disinfected C:\WINDOWS\system32\BO2802040113.dll
Spyware:Spyware/BetterInet Not disinfected C:\WINDOWS\inf\biini.inf
Adware: Adware/KeenValue Not disinfected C:\WINDOWS\Downloaded Program Files\imloader.exe
Potentially unwanted tool: Application/FunWeb Not disinfected C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15.inf
This is the end of the log. It was too long to fit in one post.Accept that some days you're the pigeon and some days you're the statue.0 -
OK. Lots of loose cannons to remove. Let's see if we can get your system cleaned up.
Again I suggest you print this out to help you.
> Go to this file (in BOLD) and remove it:
C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15.inf
> Download Ad-aware SE here…
http://www.lavasoftusa.com/
Install it if you don't have it already. Make sure it's the newest version and check for any updates before running it.
……. & VX2 Cleaner…….
Next go back to that site to get the plug-in for fixing VX2 variants. To run this tool choose Software > Add-ons (left navigation bar) then select VX2 Cleaner.
Follow the instructions to run it. If your system is clean it will say “Status System Clean”. Otherwise, you will have to click on the Clean button to remove the VX2 infection.
Also make sure to customize the settings in Ad-aware for better scan results by reading the article here…
http://www.greyknight17.com/spyware.php
Run the scan and fix everything that it finds.
> Download Spybot Search & Destroy here .....
http://www.safer-networking.org/en/download/
...and install it. Please run it, click "Search for Updates" then "Check for Problems". If it finds something, check/tick all items in RED and hit the “Fix Selected Problems” button. Exit Spybot.
> You have the iolo system mechanic. Please ensure it is fully configured and working correctly if you still use it. If necessary uninstall it and re-install it.
If you don't use it any more then please completely uninstall it.
> This computer shows traces of having visited site that leave issues. Amongst them are FunWebProducts. Please don't go there again as this site offers junk, IMO, which can spy on your PC and clog it up.
> You also have issues with Abetterinternet, IgetNet and MyWay Search.
Hopefully the above scans will help out with at least some of these but please be careful when browsing.
>> After you have done all this please repeat the Panda Activescan process and again paste the resulting log report here.
Please also say how your computer is behaving now.
> Again, only after this is done, you should activate Spybot's Tea Timer tool. This will help give you ongong protection when browsing. Here's how to do that if you don't know already ....
http://www.malwarehelp.org/how-to-enabledisable-spybot-teatimer.html0 -
Here is a new panda scan log. The comp is being a bit slow but at least at least it hasn't crashed or made the emails unaccessable. I can't recall ever going on to the websites you said, could they have been pop ups?
Incident Status Location
Adware:adware/comet Not disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\dm.inf
Potentially unwanted tool:application/funweb Not disinfected C:\WINDOWS\DOWNLOADED PROGRAM FILES\f3initialsetup1.0.0.15.inf
Spyware:spyware/betterinet Not disinfected C:\WINDOWS\INF\biini.inf
Adware:adware program Not disinfected C:\WINDOWS\ss3unstl.exe
Adware:adware/savenow Not disinfected C:\PROGRAM FILES\VVSN
Adware:adware/wupd Not disinfected C:\PROGRAM FILES\Media Gateway
Adware:adware/maxifiles Not disinfected C:\PROGRAM FILES\COMMON FILES\InetGet2
Adware:adware/shorty Not disinfected Windows Registry
Potentially unwanted tool:application/mywebsearch Not disinfected HKEY_CLASSES_ROOT\CLSID\!!147A976E-EEE1-4377-8EA7-4716E4CDD239}
Adware:adware/virtualbouncer Not disinfected Windows Registry
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Dave\Cookies\dave@com[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\{DF3B883F-9070-45F8-8271-DB86A75C6B5D}.txt[{DF3B883F-9070-45F8-8271-DB86A75C6B5D}.txt]
Spyware:Cookie/Bfast Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!5F6A8871-FC3A-4FA5-8D6E-3816A55BDFD0}.txt[!!5F6A8871-FC3A-4FA5-8D6E-3816A55BDFD0}.txt]
Spyware:Cookie/Atlas DMT Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\{B2BD91DC-C4CC-4404-A4E4-8C6E69509190}.txt[{B2BD91DC-C4CC-4404-A4E4-8C6E69509190}.txt]
Spyware:Cookie/Advertising Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\{BC7A7FE4-AEE3-480C-8665-D05EAC7E8AFB}.txt[{BC7A7FE4-AEE3-480C-8665-D05EAC7E8AFB}.txt]
Spyware:Cookie/Maxserving Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\{F30BDE4D-567E-4190-9EDF-108A4F666EA0}.txt[{F30BDE4D-567E-4190-9EDF-108A4F666EA0}.txt]
Spyware:Cookie/Belnk Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!6BB8E90E-ABFB-4F2C-AE6D-E8E2806AD855}.txt[!!6BB8E90E-ABFB-4F2C-AE6D-E8E2806AD855}.txt]
Spyware:Cookie/YieldManager Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!63F6613C-0E02-4DA7-B8C8-04736F3E6325}.txt[!!63F6613C-0E02-4DA7-B8C8-04736F3E6325}.txt]
Spyware:Cookie/Serving-sys Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!364A75D4-CDD2-4199-8CE6-FE7F3768B93D}.txt[!!364A75D4-CDD2-4199-8CE6-FE7F3768B93D}.txt]
Spyware:Cookie/Hitbox Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!420E8172-8643-4BD2-B10A-72DF37DC2F2E}.txt[!!420E8172-8643-4BD2-B10A-72DF37DC2F2E}.txt]
Spyware:Cookie/Hbmediapro Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!6A49759D-D625-4E6D-82C5-C2B575E79F09}.txt[!!6A49759D-D625-4E6D-82C5-C2B575E79F09}.txt]
Spyware:Cookie/Doubleclick Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!8FF3B031-1EE0-4D12-AFC4-DB794F9DB030}.txt[!!8FF3B031-1EE0-4D12-AFC4-DB794F9DB030}.txt]
Spyware:Cookie/WinFixer Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!48708CAF-7F3C-46BA-B6FC-B1329B99D47A}.txt[!!48708CAF-7F3C-46BA-B6FC-B1329B99D47A}.txt]
Spyware:Cookie/BurstNet Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\{BB9BAC27-5A03-4067-A47B-52F16A8EBAD4}.txt[{BB9BAC27-5A03-4067-A47B-52F16A8EBAD4}.txt]
Spyware:Cookie/2o7.net Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!284B62F1-393A-4B30-8209-EEF59AB7D310}.txt[!!284B62F1-393A-4B30-8209-EEF59AB7D310}.txt]
Spyware:Cookie/Belnk Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\{C7C39077-37D9-49F4-B79E-F09635732E0F}.txt[{C7C39077-37D9-49F4-B79E-F09635732E0F}.txt]
Spyware:Cookie/24/7 Realmedia Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!28BDB1DF-BFE6-447E-99DD-7068398D39F3}.txt[!!28BDB1DF-BFE6-447E-99DD-7068398D39F3}.txt]
Spyware:Cookie/Hitbox Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!372E03D0-1238-4CC2-A4D2-D982BE65AB92}.txt[!!372E03D0-1238-4CC2-A4D2-D982BE65AB92}.txt]
Spyware:Cookie/QuestionMarket Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!85E7089A-156D-4BCB-8A46-9CE7268605DA}.txt[!!85E7089A-156D-4BCB-8A46-9CE7268605DA}.txt]
Spyware:Cookie/Reliablestats Not disinfected C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{F2275C83-1FB9-4436-8E33-95E3A1A31BDD}\!!95B71BD2-2883-4CC6-8B1C-F6D94D1D67A6}.txt[!!95B71BD2-2883-4CC6-8B1C-F6D94D1D67A6}.txt]
Adware: Adware/SaveNow Not disinfected C:\Program Files\MyEmoticons\uninstall.exe
Adware: Adware/SaveNow Not disinfected C:\Program Files\MyEmoticons\My.Emo
Potentially unwanted tool: Application/Zango Not disinfected C:\Program Files\ProSiteFinder\Uninstall.EXE
Spyware:Cookie/Com.com Not disinfected C:\Documents And Settings\Dave\Cookies\dave@com[1].txt
Adware: Adware/nCase Not disinfected C:\WINDOWS\system32\BO2802040113.dll
Spyware:Spyware/BetterInet Not disinfected C:\WINDOWS\inf\biini.inf
Adware: Adware/KeenValue Not disinfected C:\WINDOWS\Downloaded Program Files\imloader.exe
Potentially unwanted tool: Application/FunWeb Not disinfected C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15.infAccept that some days you're the pigeon and some days you're the statue.0 -
Not sure why iolo system mechanic is still there, i uninstalled it and deleted it.Accept that some days you're the pigeon and some days you're the statue.0
-
Potentially unwanted tool: Application/FunWeb Not disinfected C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15.inf
I go into the folder you said to delete this and i can't find it, i searched for it and it comes up with nothing
Accept that some days you're the pigeon and some days you're the statue.0 -
Also, i have system pack 2, what would happen if i deleted it as i know this has issues.Accept that some days you're the pigeon and some days you're the statue.0
-
Do you mean XP service pack 2, in which case don't delete it, or you'll have even more "issues"..Ever get the feeling you are wasting your time? :rolleyes:0
-
albertross wrote:Do you mean XP service pack 2, in which case don't delete it, or you'll have even more "issues"..
Sorry, yes thats the one i mean. I thought microsoft recommended people not to download it as it had problems?Accept that some days you're the pigeon and some days you're the statue.0 -
Service Pack 2 is a collection of updates to Windows XP, to fix bugs, and security holes in the software. If you don't have it installed, and you connect the PC to the internet, you are exposing your PC to all sorts of risks. Even SP2 isn't current, there are subsequent fixes available from https://www.windowsupdate.com.
I would recommend that anyone who doesn't have it, installs it, and then runs windowsupdate, to patch Windows upto the latest level. If you don't you will probably get hit with something nasty, possibly within minutes of connecting to the internet.Ever get the feeling you are wasting your time? :rolleyes:0 -
Download CCleaner from :-
http://www.ccleaner.com/
After installing, go to Start > programs > CCleaner
Make sure the "windows" tab is selected
Under "internet explorer" tick...
Temporary internet files
Cookies
History
Recently typed URL's (leave this unticked if you DON'T want to clear the drop down list in the address window of IE)
Delete index.dat files
under "Windows explorer"
Other explorer MRU's (leave this unticked if you DON'T want to clear lists such as the start\run list)
under "System"
Empty recycle bin
Temporary files
Memory Dumps
Chkdsk File Fragments
Old prefetch data
If there are any cookies you want to keep (if you remove the cookie for a site you require a password for, you will need to re-enter your password when you next visit that site) ... click options > cookies > then keep the cookies you want.
I personally do not have any of the others ticked ... but be it on your head if you want to tick any of the others.
DO NOT allow or accept any optional toolbars or similar things to be installed by this program except from the above.
Make sure you have exposed the Hidden Files & Folders as I explained previously.
These files are still showing as present in the Downloaded Program Files folder…..
C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15.inf
C:\WINDOWS\Downloaded Program Files\dm.inf
C:\WINDOWS\Downloaded Program Files\imloader.exe
Go to the folder named Downloaded Program Files and delete these three files. Let us know if you can’t find any.
Go to Add/Remove programs and uninstall these if still present (again, let us know any you can’t find) …..
VVSN
Media Gateway
Iolo
MyEmoticons
ProSiteFinder
Go to the following file and delete them IF still present ….
C:\WINDOWS\INF\biini.inf
C:\WINDOWS\ss3unstl.exe
C:\PROGRAM FILES\VVSN
C:\PROGRAM FILES\Media Gateway
C:\PROGRAM FILES\COMMON FILES\InetGet2
C:\Program Files\iolo
C:\Program Files\MyEmoticons
C:\Program Files\ProSiteFinder
C:\Documents And Settings\Dave\Cookies
C:\WINDOWS\system32\BO2802040113.dll
C:\WINDOWS\inf\biini.inf
Search your entire system for anything that contains the name funweb. List the results of the search and post them here before you delete anything.
Run Activescan again and post the result of the log here.
ALSO …. Please post a new HijackThis log and let us know how the PC is working now. Any better?0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.4K Banking & Borrowing
- 252.9K Reduce Debt & Boost Income
- 453.3K Spending & Discounts
- 243.4K Work, Benefits & Business
- 598K Mortgages, Homes & Bills
- 176.7K Life & Family
- 256.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards