snakize

Members
  • Content Count

    109
About snakize

  • Rank
    Member
  1. Hi there, Thanks a lot for all your help. Ares Galaxy is a nice P2P program, and I have been using it for some time now, and there is no spyware in it, although there's an option to put some extra programs with it (spyware); you can disable that option. Thanks,
  2. Hi, Thanks a lot. Well, I've scanned with Adaware and Spybot, and it found a couple of stuff and I have removed it. Then I scanned with Ewido (which is a very nice program, thanks for telling me). And this is what it found. I scanned with CCleaner and removed and fixed any problems. This is my new HJT Log, thanks a lot for your help.
  3. Please advise me on what to do. I have scanned with Spybot, Ad-aware, Microsoft Anti Spyware, Spyware Doctor.
  4. It's just McAfee files, I think. Not too sure.
  5. Norton = CRAP! I've used Norton Anti Virus 2005, didn't like it. I'm just currently using Zone Alarm Pro and I'm WELL protected.
  6. Awesome, I tested my firewall; currently I'm using ZoneAlarm Pro, and it blocked everything. I highly recommend ZoneAlarm.
  7. Check out my system, it's crap compared to you guys, and mine is pretty much the same as yours http://www.pcpitstop.com/techexpress.asp?i...EULKWGZHYMSA8S3