|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Resolved HJT Threads Resolved spyware and popup issues. |
|
|
LinkBack | Thread Tools |
08-27-2005, 12:49 PM
|
#1 (permalink) |
|
Registered User
Join Date: Jul 2005
Posts: 27
OS: XP
|
Clean log?
Hi it's Ben again...
I scanned my computer with ewido and ad aware and I think that everything that came up was 3rd party cookies... Here is the ewido log, --------------------------------------------------------- ewido security suite - Scan report --------------------------------------------------------- + Created on: 20:14:02, 27/08/2005 + Report-Checksum: B93E82AD + Scan result: C:\Documents and Settings\Roger\Cookies\roger@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfk4chd5wgo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfk4ckcpmgp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfkiegdjkbp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfkiglcjelp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfkiokc5clp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfkiwiczsbo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfkocpd5eap.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfkogmcpmco.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfkoogdpobo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfkywhd5efo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfkywhd5gep.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfl4cgc5ebo.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfl4klcpkgq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfliamazcfo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wflienajeko.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfliomcpgep.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wflisodjgfo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfliwmcjahq.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfloakczobp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wflocicpoko.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wflockczahp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wflowmdjgcp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfmicid5wgq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wfmiwiczmdo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wgkyejczcap.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjk4wocjkbo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjkosgcjihq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjkysncjsfo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjl4qlazwhp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjliejdpwep.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjlikpdpmeq.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjlowgajoeo.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjlowhcjwgp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjmicjdpoao.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjmicnd5gdo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjmighczaao.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjmiogdjolo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjmiogdzsfp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjmyckczmbp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjmyggdpwao.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjmysidzeko.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjmysjcpmgp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjmywpazmbo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjnycoczklo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@e-2dj6wjnyuocpkap.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup C:\Documents and Settings\Roger\Cookies\roger@server.iad.liveperson[1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup ::Report End ^^^^^Is that stuff just all 3rd party cookies and advertising?^^^^^ Just doing one last check with you guys to see if there is any problems with my computer... Here is my HJT log... Logfile of HijackThis v1.99.1 Scan saved at 19:46:43, on 27/08/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Program Files\ewido\security suite\ewidoctrl.exe C:\Program Files\ewido\security suite\ewidoguard.exe C:\WINDOWS\system32\IFXSPMGT.exe C:\WINDOWS\system32\IFXTCS.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\mcshield.exe C:\Program Files\Network Associates\VirusScan\vstskmgr.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\Program Files\Infineon\Security Platform Software\SpTNA.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Grisoft\AVG Free\avgwb.dat C:\Program Files\ewido\security suite\SecuritySuite.exe C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe C:\unzipped\hijackthis[1]\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-gb\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\en-gb\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [IfxSecurePlatformIndication] C:\Program Files\Infineon\Security Platform Software\SpTNA.exe O4 - HKLM\..\Run: [PSDruntime] C:\Program Files\Infineon\Security Platform Software\PSDrt.EXE O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe" O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe O4 - Global Startup: VTAgentReboot.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1123842971218 O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/pro...anner37240.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab O20 - Winlogon Notify: IfxWlxEN - C:\WINDOWS\SYSTEM32\IfxWlxEN.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: PSDNtfy - C:\Program Files\Infineon\Security Platform Software\PSDNtfy.dll O20 - Winlogon Notify: STOPzilla - C:\WINDOWS\SYSTEM32\IS3WLHandler.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program Files\Infineon\Security Platform Software\PSDsrvc.EXE O23 - Service: STOPzilla Service (szserver) - Unknown owner - C:\Program Files\Common Files\STOPzilla!\SZServer.exe (file missing) O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Please reply as soon as you can! Thanks, Ben27 
Last edited by Ben27; 08-27-2005 at 01:15 PM. |
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
08-27-2005, 08:46 PM
|
#2 (permalink) | |
|
1337 C0D3R
Join Date: Mar 2005
Location: Canada
Posts: 1,457
OS: Server 2K3/XP Pro/XP MCE/Win 98/Ubuntu Linux/BackTrack 2
|
UNless you can tell me what this file is, please visit Jotti.org and submit the following files for testing by clicking "Browse," navigating to the correct file, Clicking "Open," then "Submit."
Copy and paste the Results back here with your next post when you are finished. Quote:
|
|
|
|
|
| Thread Tools | |
|
|
Thanks again!
