Dear Forum Members
I want to use a P2P file sharing program. I have been hearing that file sharing programs are a source of spywares. Are there any safe ones? Is Kazaa safe?
Thank you
...
Type: Posts; User: thameen; Keyword(s):
Dear Forum Members
I want to use a P2P file sharing program. I have been hearing that file sharing programs are a source of spywares. Are there any safe ones? Is Kazaa safe?
Thank you
...
Thank You Jak and Happy New Year for U
Thameen
Dear Jak
Now a day has passed after the disappearance of the annoying alert and I still do not see it. Thats good.
I keep the keyloggers on purpose, I use then when I use my laptop outside...
I did the SmitFraudFix clean. Was not prompted for wininet.dll, here is the log:
SmitFraudFix v2.131
Scan done at 9:08:32.70, Mon 12/25/2006
Run from C:\SmitfraudFix
OS: Microsoft Windows XP...
Dear Jak3
Regarding your note about process.exe, I have followed the link you provided but I did not understand much of what the page said. I do not have a basic knowledge about how the windows...
Hey Jak3, here is the scan log:
SmitFraudFix v2.131
Scan done at 4:07:30.40, Mon 12/25/2006
Run from C:\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem...
Dear Jak3
Thank you for taking up my question and for your time.
I was not sure from the tutorial if I have to run all the online scans mentioned or just a one. I have run only the online...
Dear Forum Members
First let me wish you all a merry Xmas and a happy new year.
I have since yesterday been seeing the activities of a spyware. It appears in the form of repeated alert nitices...
Thanks Shaba for this information.
Thameen
Dear Shaba.
Since two days I had no pop ups. Thats of course due to your help and your valuable time and attention you gave me.
Thameen
Dear Shaba. I want to add that I did not see the pop ups since yesterday.
Thameen
Logfile of HijackThis v1.99.1
Scan saved at 12:14:03 ?, on 30/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:...
Hi Shaba.
I found the "instant access" folder and removed it. But I did not find it at "Add Remove Programs" where I looked for it first.
The keylogger I keep them because I use them now and...
Logfile of HijackThis v1.99.1
Scan saved at 11:16:33 ?, on 29/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:...
Hi Shaba. Here are the results of the online scan.
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Wednesday, November 29, 2006...
Dear Shaba.
Thank you very much. I think we got rid of it. After I did the last BL scan and did the rename, I used the net for a good time without seeing the malware pop ups.
I did remove the...
Dear Shaba. I did the BL scan again, and I found the same five files. I renamed the first file and rebootedm but in the second scan I found no more files. Could all the files been renamed in the...
Hi Shaba . I'm now taking it personal with this smart malware. I really will enjoy it when I crush it. I hope I will. But I do not want to give you extended trouble. If you see that we need to stop,...
GMEr Scan part III
.text C:\WINDOWS\system32\svchost.exe[1812] ADVAPI32.dll!CreateProcessAsUserA 77E10958 5 Bytes JMP 10002D16
.text ...
GMER scan part II
.text C:\WINDOWS\system32\svchost.exe[844] ADVAPI32.dll!CreateProcessAsUserW 77DF7775 5 Bytes JMP 10002DA7
.text ...
Here is the GMEr scan part I
GMER 1.0.12.11889 - http://www.gmer.net
Rootkit scan 2006-11-26 11:18:48
Windows 5.1.2600 Service Pack 2
---- System - GMER 1.0.12 ----
SSDT 82167420 ...
Dear Shaba.
I did do the KillBox. It did not reboot automatically. I had to reboot it manually.
Here is the fresh HJT report, GMER report follows in another message. Thanks alot.
Logfile...
.text C:\WINDOWS\system32\svchost.exe[784] ntdll.dll!NtQuerySystemInformation 7C90E1AA 5 Bytes JMP 1000191B
.text C:\WINDOWS\system32\svchost.exe[784]...
Dear Shaba. Although I turned off Word Wrap in the Txt file, but the format here in the post was crampy. I apologize for the inconvenience.
GMER 1.0.12.11889 - http://www.gmer.net
Rootkit...
Thank you again Shaba. It is indded very nice of you to give me your attention and your time. I do appreciate both.
Here is the startup scan, in the next scan it is the GMER log:
!. StartUp...
[>> Winlogon <<]
HMLM->AltDefaultDomainName - JABA-8345EAAE63
HMLM->AltDefaultUserName - NASRI
HMLM->AutoAdminLogon - Reg Data - Value does not exist
HMLM->DefaultDomainName - JABA-8345EAAE63 ...
Dear Shaba. Here is the WinPFind scan as per your instructions, the log is too long for this forum, so I will post it in two parts:
Logfile created on: 24/11/2006 04:05:44 Õ
WinPFind2 by...
Hi Shaba
Thank you for replying to my post and for your time analyzing my case.
I did remove the lines in HJT that you recommended.
I too found C:\WINDOWS\system32\mwsrvacc.exe and deleted...
Dear Forum members
I have a problem with the pop ups:
1. WayPointCash
2. em.gad and fp.gad
I used to have lots of spywares. I installed some antispy software and removed every thing...