Raekwon Posted August 5, 2006 Report Share Posted August 5, 2006 Fire away! Quote Link to comment Share on other sites More sharing options...
Superman Posted August 20, 2006 Report Share Posted August 20, 2006 Okay, McAfee says I have the Spy-Agent.n trojan in my windowslogon.exe file. The trojan cannot be cleaned, deleted or quarantined. I looked online and several people had this problem, but each situation seems different and I don't know how to get rid of this thing. Cany anyone help me? Below is my Hijack this log file that I just got today. Any help is appreciated. Logfile of HijackThis v1.99.1 Scan saved at 11:27:12 AM, on 8/20/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Digital Media Reader\shwiconem.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Program Files\D-Link\AirPremier Utility\AirPMCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\McAfee.com\VSO\mcvsshld.exe C:\Program Files\Lexmark 7100 Series\lxbxmon.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\Program Files\Lexmark 7100 Series\ezprint.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe C:\Program Files\Common Files\AOL\1136324492\ee\AOLSoftware.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\LxrJD31s.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\McAfee.com\VSO\oasclnt.exe c:\progra~1\mcafee\MCAFEE~1\MssSrv.exe C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe c:\program files\mcafee.com\agent\mcdetect.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\lg_fwupdate\fwupdate.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe c:\PROGRA~1\mcafee.com\agent\mctskshd.exe C:\Program Files\MySpace\IM\MySpaceIM.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\BigFix\BigFix.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\PGP Corporation\PGP Desktop\PGPtray.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Netscape Internet Service\ncupdatesvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PGPserv.exe C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS C:\WINDOWS\system32\svchost.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\lxbxcoms.exe C:\WINDOWS\system32\DllHost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\George\Desktop\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.accoona.com/search_assistant/ac...mpaign=webda135 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gatewaybiz.com R3 - URLSearchHook: (no name) - <default> - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\PROGRA~1\NETSCA~1\NETSCA~1\pbhelper.dll O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: ADefaultSearch Class - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [sunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe O4 - HKLM\..\Run: [Gateway Extended Warranty] "C:\Program Files\Gateway\GWCares\GWCares.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [intelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" BOOT O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" O4 - HKLM\..\Run: [D-Link AirPremier Utility] C:\Program Files\D-Link\AirPremier Utility\AirPMCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\MssCli.exe O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe O4 - HKLM\..\Run: [LXBXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBXtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [lxbxmon.exe] "C:\Program Files\Lexmark 7100 Series\lxbxmon.exe" O4 - HKLM\..\Run: [FaxCenterServer4_in_1] "C:\Program Files\Lexmark 7100 Series\fm3032.exe" /s O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 7100 Series\ezprint.exe" O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1136324492\ee\AOLSoftware.exe O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe O4 - HKLM\..\Run: [iPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: PGPtray.exe.lnk = ? O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\George\Start Menu\Programs\IMVU\Run IMVU.lnk O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\pgplsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\pgplsp.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: OCMAPIHK.DLL O20 - Winlogon Notify: awvvu - C:\WINDOWS\system32\awvvu.dll (file missing) O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxbx_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbxcoms.exe O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - McAfee, Inc. - c:\progra~1\mcafee\MCAFEE~1\MssSrv.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe O23 - Service: Netscape Update Service (NCUpdateSvc) - Netscape Communications Corporation - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PGPserv - PGP Corporation - C:\WINDOWS\system32\PGPserv.exe O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe Quote Link to comment Share on other sites More sharing options...
werdnA kroY Posted August 20, 2006 Report Share Posted August 20, 2006 You obviously know more about PC's than me but I have found Panda Antivirus better than Norton and Mcafee for eliminating nasties from my Pc... Click HERE for an online Activescan to see if it eliminates it (ya never know it's worth a try !) Good Luck Andy Quote Link to comment Share on other sites More sharing options...
Superman Posted August 20, 2006 Report Share Posted August 20, 2006 You obviously know more about PC's than me but I have found Panda Antivirus better than Norton and Mcafee for eliminating nasties from my Pc... Click HERE for an online Activescan to see if it eliminates it (ya never know it's worth a try !) Good Luck Andy It didn't delete anything. It was one of those "free scanner" ripoffs that tells you you're infected and tells you to buy their software to remove the threats. Anyone have anymore ideas? Quote Link to comment Share on other sites More sharing options...
Raekwon Posted August 20, 2006 Author Report Share Posted August 20, 2006 Did you try the Microsoft Anti Spyware program or whatever the hell they've decided to call it today? That's quite good at removing things. http://www.microsoft.com/athome/security/s...re/default.mspx Quote Link to comment Share on other sites More sharing options...
AngelR Posted December 21, 2006 Report Share Posted December 21, 2006 For some reason our firewall didn't start up yesterday and when we realised we did a scan (we use Nod32) It found... File D:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-67a26fe4-73f04691.zip is infected with multiple infiltrations. D:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-67a26fe4-73f04691.zip »ZIP »Counter.class - Java/Femad.A Trojan D:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-67a26fe4-73f04691.zip »ZIP »Gummy.class - Java/Bytverify Trojan D:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-67a26fe4-73f04691.zip »ZIP »VerifierBug.class - Java/Femad.C Trojan But the only option we get after the scan is to leave it - we can't delete or anything else. We have also ran Adaware, spybot, AVG antivirus and Microsoft malicious software remover but they don't find anything to get rid of. Help please - we don't know what to do next. Quote Link to comment Share on other sites More sharing options...
Guested Account Posted December 21, 2006 Report Share Posted December 21, 2006 For some reason our firewall didn't start up yesterday and when we realised we did a scan (we use Nod32) It found... File D:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-67a26fe4-73f04691.zip is infected with multiple infiltrations. D:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-67a26fe4-73f04691.zip »ZIP »Counter.class - Java/Femad.A Trojan D:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-67a26fe4-73f04691.zip »ZIP »Gummy.class - Java/Bytverify Trojan D:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-67a26fe4-73f04691.zip »ZIP »VerifierBug.class - Java/Femad.C Trojan But the only option we get after the scan is to leave it - we can't delete or anything else. We have also ran Adaware, spybot, AVG antivirus and Microsoft malicious software remover but they don't find anything to get rid of. Help please - we don't know what to do next. can't you delete those femad aned bytverify trojan files manually from the zip file? Quote Link to comment Share on other sites More sharing options...
AngelR Posted December 22, 2006 Report Share Posted December 22, 2006 can't you delete those femad aned bytverify trojan files manually from the zip file? Well I thought we could too, but we can't find them to delete, I'm probably looking in the wrong place (Control panel, Java) and have deleted the temporary files but can't see anything else to clear. I've read it's the 'cache' but I can't see that option. I know it's not a really dangerous trojan but I'd rather not have it. Quote Link to comment Share on other sites More sharing options...
Ms.Croft Posted December 22, 2006 Report Share Posted December 22, 2006 I guess the best thing to do is to follow the file directly..so do as follows: D:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-67a26fe4-73f04691.zip My Computer (Hard Drive D:) Documents And Settings User (Guessing it's a shared account..if not try the account that you used whilst scanning) Application Data Sun Java Deployment Cache Javapi v1.0 Try deleing all the stuff in that folder and do the rest with the ones that are also on the list. If they don't delete it means that it's busy, so press Ctrl + Alt + Delete and try to find something to do with Sun or Java. End the task delete the folders and then restart your computer. Good Luck Ange!! MsC Quote Link to comment Share on other sites More sharing options...
AngelR Posted December 22, 2006 Report Share Posted December 22, 2006 I guess the best thing to do is to follow the file directly..so do as follows: D:\Documents and Settings\User\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar- [*]User (Guessing it's a shared account..if not try the account that you used whilst scanning) MsC That was why I couldn't find it - I was deleting the files in the main account - the other 'user' isn't used much so it didn't occur to search in there (in fact it's used so little we deleted the account). Thank you, I'm all clean again. Quote Link to comment Share on other sites More sharing options...
Blade Posted February 11, 2007 Report Share Posted February 11, 2007 I don't have a question here, but I just want to tell everyone something. I downloaded a browser accessory called Hotbar. I got it because it was supposed to show me weather reports in my system tray. But when I installed it, it closed down because of an error. However it still remained running without me knowing it. This caused some programs to not run properly and I had to uninstall Hotbar. Once I fully had it removed I thought I was in the clear, I was wrong. I was out during the day today and my Zonealarm Pro did a anti-spyware scan. When I got home I turn on my monitor to see it found two trojans and both were from Hotbar (I was able to delete them also, so now its gone for good). So fellow members here's what I have to say in close. DON'T DOWNLOAD HOTBAR!!!!! Quote Link to comment Share on other sites More sharing options...
ghostrider Posted June 20, 2007 Report Share Posted June 20, 2007 Hi i run CA suite,spybot,spyware blaster,PC tools registry mechanic and touch wood ive had no problems but i also have to reformat my HDD 6 times.So now im very careful about what i down load by checking the software out on forums so i dont get caught Quote Link to comment Share on other sites More sharing options...
Superman Posted July 4, 2007 Report Share Posted July 4, 2007 Yeah, I agree about Hotbar. Don't download that or WeatherBug. Both of those programs are Spyware... the effects are not pretty. Quote Link to comment Share on other sites More sharing options...
Guested Account Posted July 5, 2007 Report Share Posted July 5, 2007 (edited) don't forget Comet Cursor, another Spyware that takes forever to remove from your PC I learned my lesson in 1999 and I will never fall for it again!! http://en.wikipedia.org/wiki/Comet_Cursor oh and if you like to still use Real Player, you are stuck with it!! Real Player is another stupid program I have not used in 8 years on any of my PC and I never will!! I had to completely reformat the HD on my Pentium 3 computer and then reinstall Windows 98 and Anti Virus and update any programs and software drivers that needed updating (imagine doing this on a dial up) just to remove it!! http://www.pcworld.com/article/id,125772-page,5/article.html oh the Comet Cursor people claim their product is not Spyware: http://blogs.pcworld.com/techlog/archives/002194.html Edited July 5, 2007 by j7wild Quote Link to comment Share on other sites More sharing options...
Mike Posted July 5, 2007 Report Share Posted July 5, 2007 The new Real Player 11 beta, is actually pretty good. It lets you download videos from webpages (YouTube, etc). It has low memory usage and of course they don't install spyware anymore. Quote Link to comment Share on other sites More sharing options...
Shrensh Posted July 5, 2007 Report Share Posted July 5, 2007 I tried RealPlayer a few years ago, and it'll take me a very long time to ever try it again. Even if they say they're not using spyware or adware anymore, I don't trust them at all and would rather not take the risk. I don't need it though. I'm using Real Alternative, which allows you to play RealMedia without having RealPlayer. It has the added advantage that it allows RealMedia files to be played with Media Player Classic, which is the programme I prefer to use for videos I download off the web. For downloading off YouTube and other sites like it, I use a FireFox plugin called Video Downloader. Quote Link to comment Share on other sites More sharing options...
Mike Posted July 5, 2007 Report Share Posted July 5, 2007 Yeah but Real Alternative and QuickTime Alternative are illegal. I personally haven't had any problem with this version, I don't use it as my default player. I use it for downloading videos, seems easier than Video Downloader. Quote Link to comment Share on other sites More sharing options...
Shrensh Posted July 5, 2007 Report Share Posted July 5, 2007 Yeah but Real Alternative and QuickTime Alternative are illegal That's the first I've ever heard of that... I wouldn't believe anything that RealNetworks says though Quote Link to comment Share on other sites More sharing options...
Mike Posted July 5, 2007 Report Share Posted July 5, 2007 That's the first I've ever heard of that... I wouldn't believe anything that RealNetworks says though They are illegal because the use verdors' codecs without there permission.. but who cares? LOL Quote Link to comment Share on other sites More sharing options...
ghostrider Posted February 6, 2008 Report Share Posted February 6, 2008 I have just removed a virus called Win 32/cotmonger.EA and updated to privacy guardian and spyware doctor for a little more safety , i also run CA anti-virus suite 2007,spybot 1.5.2 and so far so good but scanning all downloads is a must Quote Link to comment Share on other sites More sharing options...
Guested Account Posted July 10, 2013 Report Share Posted July 10, 2013 (edited) I keep getting a USA.gov RSS feed XML document appearing in my Temporary Internet Folder. First, I am running Chrome and not even using Internet Explorer so why does it appear in the Temporary Internet Folder? Second, I have never visited USA.gov much less click on the RSS feed button there to subscribe so it shouldn't even appear in the Temporary Internet Folder. I had the computer off for a few hours and I always clean out my browsing cache and history and cookies in Chrome and my Windows Temp and Temporary Internet Folder before shutting down. I only been back online for 1 hr and the sites I visited are the usual sites: local CBS and NBC news, Lara Croft online, IMDB, Facebook,online banking, Grocery Stores online ads, Google Mail, etc etc I even deleted the thing from the Temporary Internet Folder and then leaving it (The Temporary Internet Folder) open on my desktop, I went back to my browsing history and re-visited every page in there one at a time. Visit the page and then go to the Temporary Internet Folder, click REFRESH to see if it appears. NOTHING! Repeat process. So I have no idea which site is triggering this thing to appear in my Temporary Internet Folder. Is it a virus or spyware or adware? Is the GOV spying on my computer? Edited July 10, 2013 by J7Dadda Quote Link to comment Share on other sites More sharing options...
Guested Account Posted July 11, 2013 Report Share Posted July 11, 2013 It's 970 bytes. I uploaded it here: http://q7ci4b.1fichier.com/en/ Bit Defender scan says it's not a threat but does Bit Defender scan it as a spyware too or just as a virus? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.