eternal7666
30 Jan 2006, 2:26pm
Potentially unwanted tool:application/funweb
C:\WINDOWS\DOWNLOADED PROGRAM FILES\f3initialsetup1.0.0.15.inf
Adware:adware/cws.searchmeup
C:\WINDOWS\toolbar.exe
Spyware:Cookie/RealMedia
C:\Documents and Settings\EterNal LoVer\Cookies\eternal lover@realmedia[1].txt
Potentially unwanted tool:Application/Processor
C:\Documents and Settings\EterNal LoVer\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor
C:\Documents and Settings\EterNal LoVer\Desktop\smitRem.exe[Process.exe]
Potentially unwanted tool:Application/FunWeb
C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15.inf
This is what i get from Panda Free Online Virus Scan. I was wondering how can i remove these annoying things.. Especially eternal lover@realmedia[1].txt. This thing keep on getting into my computer when i play Utopia (www.games.swirve.com/utopia/login.htm). Can i block this files forever? Somehow?
smitRem.exe is like harmless i guess so.. because i download this to remove some spyware.. suggested by other forum discussion. Well.. what's the opinion here? Safe?
f3initialsetup1.0.0.15.inf i can this file in my directory. Is it really exist or just cheating?? Is this thing dangerous? Remove it? How?
toolbar.exe. Really have no idea on this file. Trojan?
Please kindly guide me to solve these problem. Kind of worry if i lost my data in my comp and need to reformat. Don't wish that to happen.
Logfile of HijackThis v1.99.1
Scan saved at 10:22:55 PM, on 1/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\PFShared\UmxCfg.exe
C:\Program Files\Tiny Firewall\UmxFwHlp.exe
C:\Program Files\Common Files\PFShared\UmxPol.exe
C:\Program Files\Tiny Firewall\UmxAgent.exe
C:\Program Files\Tiny Firewall\UmxTray.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\PFShared\umxlu.exe
C:\WINDOWS\Explorer.EXE
E:\D-Tools\daemon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://games.swirve.com/utopia/login.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://games.swirve.com/utopia/login.htm
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [AMonitor] C:\Program Files\Tiny Firewall\amon.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: PFW - C:\WINDOWS\SYSTEM32\UmxWnp.Dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: ASUS Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: FW Event Manager (UmxAgent) - Tiny Software, Inc. - C:\Program Files\Tiny Firewall\UmxAgent.exe
O23 - Service: FW Configuration Interpreter (UmxCfg) - Tiny Software, Inc. - C:\Program Files\Common Files\PFShared\UmxCfg.exe
O23 - Service: FW User-Mode Helper (UmxFwHlp) - Tiny Software, Inc. - C:\Program Files\Tiny Firewall\UmxFwHlp.exe
O23 - Service: FW Live Update (UmxLU) - Tiny Software, Inc. - C:\Program Files\Common Files\PFShared\umxlu.exe
O23 - Service: FW Policy Manager (UmxPol) - Tiny Software Inc. - C:\Program Files\Common Files\PFShared\UmxPol.exe
I run Spybot - Search & Destroy and Ad-Aware everyday. Ewido also updated everyday and run to clear those spyware. I wonder how they get in. I'm so tired keep on scanning everyday. I even have Tiny Firewall free trial.
C:\WINDOWS\DOWNLOADED PROGRAM FILES\f3initialsetup1.0.0.15.inf
Adware:adware/cws.searchmeup
C:\WINDOWS\toolbar.exe
Spyware:Cookie/RealMedia
C:\Documents and Settings\EterNal LoVer\Cookies\eternal lover@realmedia[1].txt
Potentially unwanted tool:Application/Processor
C:\Documents and Settings\EterNal LoVer\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor
C:\Documents and Settings\EterNal LoVer\Desktop\smitRem.exe[Process.exe]
Potentially unwanted tool:Application/FunWeb
C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15.inf
This is what i get from Panda Free Online Virus Scan. I was wondering how can i remove these annoying things.. Especially eternal lover@realmedia[1].txt. This thing keep on getting into my computer when i play Utopia (www.games.swirve.com/utopia/login.htm). Can i block this files forever? Somehow?
smitRem.exe is like harmless i guess so.. because i download this to remove some spyware.. suggested by other forum discussion. Well.. what's the opinion here? Safe?
f3initialsetup1.0.0.15.inf i can this file in my directory. Is it really exist or just cheating?? Is this thing dangerous? Remove it? How?
toolbar.exe. Really have no idea on this file. Trojan?
Please kindly guide me to solve these problem. Kind of worry if i lost my data in my comp and need to reformat. Don't wish that to happen.
Logfile of HijackThis v1.99.1
Scan saved at 10:22:55 PM, on 1/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\PFShared\UmxCfg.exe
C:\Program Files\Tiny Firewall\UmxFwHlp.exe
C:\Program Files\Common Files\PFShared\UmxPol.exe
C:\Program Files\Tiny Firewall\UmxAgent.exe
C:\Program Files\Tiny Firewall\UmxTray.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\PFShared\umxlu.exe
C:\WINDOWS\Explorer.EXE
E:\D-Tools\daemon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://games.swirve.com/utopia/login.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://games.swirve.com/utopia/login.htm
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [AMonitor] C:\Program Files\Tiny Firewall\amon.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: PFW - C:\WINDOWS\SYSTEM32\UmxWnp.Dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: ASUS Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: FW Event Manager (UmxAgent) - Tiny Software, Inc. - C:\Program Files\Tiny Firewall\UmxAgent.exe
O23 - Service: FW Configuration Interpreter (UmxCfg) - Tiny Software, Inc. - C:\Program Files\Common Files\PFShared\UmxCfg.exe
O23 - Service: FW User-Mode Helper (UmxFwHlp) - Tiny Software, Inc. - C:\Program Files\Tiny Firewall\UmxFwHlp.exe
O23 - Service: FW Live Update (UmxLU) - Tiny Software, Inc. - C:\Program Files\Common Files\PFShared\umxlu.exe
O23 - Service: FW Policy Manager (UmxPol) - Tiny Software Inc. - C:\Program Files\Common Files\PFShared\UmxPol.exe
I run Spybot - Search & Destroy and Ad-Aware everyday. Ewido also updated everyday and run to clear those spyware. I wonder how they get in. I'm so tired keep on scanning everyday. I even have Tiny Firewall free trial.