suspicious

Unknown

Hi there
Sometimes I check my pc with Panda on-line scan (antivirus); Now panda can find but not eliminate spywares; and they have detected 15 spywares on my pc. But I've made a full scan with spybot, pest patrol and ad aware (fully uploadeds) and can't find nothing...So, I have 4 questions:
1- Is it possible that my pc is infected and none of the programs thet I have (spybot, avg antivirus, pest patrol and ad aware)can find it?
2- should I have some other program to pc defense?
3- Should I send u hijackthis log?
4- should I send u pandas log?

Thank u guys

Buckeye_Sam

1-Yes, but unlikely.

2-Yes. Spyware Blaster and a good firewall.

3-Sure, we can take a look.

4-No. Panda has been known lately for false positives on spyware. You're probably fine.

adrianoc

Ok, good to know about panda, because I use to trust in it...Is there a good on line scan?
About the firewall, windows firewall is good enough or do I need another one? Is there a free option?
wow...how many questions...
Just in case, I'm sending hijack this log

Logfile of HijackThis v1.99.0
Scan saved at 07:22:11, on 13/3/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\ARQUIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\system32\RunDll32.exe
C:\ARQUIV~1\PESTPA~1\PPControl.exe
C:\ARQUIV~1\PESTPA~1\PPMemCheck.exe
C:\ARQUIV~1\PESTPA~1\CookiePatrol.exe
C:\ARQUIV~1\Grisoft\AVGFRE~1\avgcc.exe
C:\ARQUIV~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\ARQUIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Kazaa Lite Resurrection\kazaalite.kpp
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Windows Media Player\wmplayer.exe
C:\Arquivos de programas\MSN Messenger\msnmsgr.exe
C:\DOCUME~1\ADRIAN~1\CONFIG~1\Temp\Diretório temporário 1 para hijackthis99.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = &http://home.microsoft.com/intl/br/access/allinone.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://login.yahoo.com/config/mail?.intl=br
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\ARQUIV~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\ARQUIV~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\ARQUIV~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\ARQUIV~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{62663EDD-B513-4768-948B-A6D6A3AD89D8}: NameServer = 200.196.238.10,200.193.238.34
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Kodak Camera Connection Software - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe


Thanks for your help..u r great
Adriano

Buckeye_Sam

Your log is clean.

Windows firewall is probably ok for you if you connect with a dialup. If you have broadband(cable or DSL) then I would recommend Zone Alarm. There's a free edition.


Panda is an excellent online virus scan. But like most antivirus vendors now they realize that there is real problems with spyware and they're trying to get into that market. I haven't run across a antivirus vendor with a good spyware solution yet. But a lot of them are trying. Just not succeeding.


Stick with Adaware, Spybot, and Microsoft Antispyware. Those three together will do a better job than any other one program out there.

adrianoc

I've installed zone alarm ('cause I use radio conection) and Microsoft Antispyware (what a nice program!!! )
Thank u very very much again for your attention. I hope that we always can count on u helping out for a safe internet community. I hope that some day we can help too...see ya