Various Problems

Hi there,

I was experiencing extreme slowness with my computer so I decided to run through all of the spyware scans because I assumed that was the problem.

First I went through the entire "Read and Run me first" procedures. I have attached the Bitdefender and Panda reports to this post. The Panda scan turned up something called "b4ndrevy.bat". Also, while I was running it, a window popped up saying "Choose Profile" with a drop-down menu with choices of Outlook, pstloadtmp000, and pstloadtmp001. All of the initial scans (Spybot, etc.) were done in Safe Mode.

Then I rebooted into normal mode and went through all of the "Alternative Scans". The Kapersky Scanner found "trojan.win32.Qhost.r" but did not remove it. The Ewido scan found "spyware.webrebates", "spyware.LOP" and "spyware.cookie.myaffiliate program". I saved a report of this if you would like to see it.

Lastly I ran a Hijack This scan and have attached the log to this post.

Currently I think I have Spysweeper, disspy, spy subtract and ewido running at the same time. Is this a bad idea? I think that my computer is even slower now after doing all these steps. It take FOREVER to open IE.

Any advice and help you can give would be greatly appreciated!

thanks,
Emily

 

Please look in Add/Remove Programs for the following and uninstall them if found:

Ewido

Spy Sweeper

Disspy

Spy Subtract
(If you have purchased these, you can leave them)

Now scan with HijackThis and check the boxes for the following entries:
( Make sure ALL browser windows are closed when you click FIX )

O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\Program Files\SpyCatcher\SCActiveBlock.dll (file missing)

O4 - HKLM\..\Run: [eTrust PestPatrol Active Protection] none

Again, make sure ALL browser windows are closed when you click FIX.

Next, run CCleaner to clean up cookies and temp files.

After you complete the above, reboot and let me know what problems remain.

 

I followed your instructions and everything seems to be running smoothly and much quicker. Will deleting those two entries from the Hijack This log take care of the problem with the trojan and the problems found by the Panda scanner?

Thanks!

Emily

 

Reboot into Safe Mode and delete the below...

C:\Program Files\Microsoft AntiSpyware\Quarantine ← Delete everything in this folder!

C:\Documents and Settings\Owner\Favorites\Health ← Delete this whole folder if it exist!

After you complete this post, reboot and run another Panda Scan and see if anything is detected.

 

Hi,

The Panda scan detected three things. I have attached the report to this post.

It also came up with that window again that reads: "Choose Profile" with a drop-down menu with choices of Outlook, pstloadtmp000, and pstloadtmp001. This time it has three more added pstloadtmp002 and pstloadtmp003. Very strange.

Thanks,
Emily

 

Everything looks ok, those are detections are ok.

Are you having any current problems?

 

Thank you, I think everything is okay. Would you recommend I purchase Panda so that I can have it protect my computer at all times? Or, do you have another suggestion on software to use? I had Spysubtract running, and I also regularily ran Spybot, Adaware and CCleaner when this all happened so I'm not sure how well those worked for me.

Thanks for your help!!

 

Personally I would recommend AVG AntiVirus for an antivirus and ZoneAlarm for a firewall. Both programs are free and IMO do a great job.

You should see this article on How to Protect yourself from malware!

Surf Safely!

 

I just realized what may have happened. My ZoneAlarm Pro trial version that I had installed ages ago expired (which I was not aware of) and it did not automatically convert to the free version so my computer was vulnerable this entire time.

Thanks!

 

Ouch! You should be able to uninstall then reinstall the free version.