Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: ermite67 on November 16, 2007, 08:57:21 AM
-
Hi,
Few week ago, some spyware send mails from my computer and just i see "scanning output mail" (in french : Scanne du mail sortant...), and many différents mail adress.
Is it possible to keep historic of these outpout mails scanned ?? And from whish program it is send ?
Thanks for your help
-
HI
What firewall are you using?
You could check your firewall logs and see if there is an unknown program connecting to the internet.
You can post a hijackthis log here and we can try to see what is running.
Click here (http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis) to download HJTsetup.exe
- Save HJTsetup.exe to your desktop.
- Doubleclick on the HJTsetup.exe icon on your desktop.
- By default it will install to C:\Program Files\Hijack This.
- Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
- Put a check by Create a desktop icon then click Next again.
- Continue to follow the rest of the prompts from there.
- At the final dialogue box click Finish and it will launch Hijack This.
- Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
- Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
- Come back here to this thread and Paste the log in your next reply.
- DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
-
Hi dear oldman,
Thank you for your reply.
Firewall : The default windows XP firewall is active.
And Avast! Isnt a firewall too ???
Here is the Hijackthis result :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:24:28, on 16/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Java\j2re1.4.2_15\bin\jusched.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\ScanWizard 5\ScannerFinder.exe
C:\MEMTOOLS\START\MEMFILE2000.EXE
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\msdtc.exe
D:\Pierre\Progs\Ethereal\dumpcap.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.defaulthomepage.info
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {26F34125-D06E-4434-8E57-EB7D9BDEE694} - C:\WINDOWS\system32\mljjj.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_15\bin\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MEMFILE2000.lnk = C:\MEMTOOLS\START\MEMFILE2000.EXE
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: Scanner Finder.lnk = C:\Program Files\ScanWizard 5\ScannerFinder.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179349491656
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{1400900D-E9E6-41CF-B34C-5DB1E46CE723}: NameServer = 195.238.2.22 195.238.2.21
O17 - HKLM\System\CS1\Services\Tcpip\..\{1400900D-E9E6-41CF-B34C-5DB1E46CE723}: NameServer = 195.238.2.22 195.238.2.21
O20 - Winlogon Notify: ��°�À��� - ��°�À��� (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: MozyHome Backup Service (mozybackup) - Unknown owner - C:\Program Files\MozyHome\mozybackup.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
--
End of file - 7730 bytes
Great THANKS for the next step...
-
WOW this is old C:\Program Files\Java\j2re1.4.2_15\bin\jusched.exe
Ensure you have the latest version of JRE (JAVA Runtime Environment) because older versions can be vulnerable to malware. First remove All Older Versions From Add/Remove Programs.
Then get the latest update from here http://www.java.com/en/download/index.jsp (http://www.java.com/en/download/index.jsp)
Or JRE version 6 update 3 http://www.majorgeeks.com/Sun_Java_Runtime_Environment_d4648.html (http://www.majorgeeks.com/Sun_Java_Runtime_Environment_d4648.html)
You don't appear to have an active firewall, what is your firewall ?
Suspect
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.defaulthomepage.info - Do you know what this is did you set it up, if not FIX.
O20 - Winlogon Notify: ��°�À��� - ��°�À��� (file missing)
FIX
O2 - BHO: (no name) - {26F34125-D06E-4434-8E57-EB7D9BDEE694} - C:\WINDOWS\system32\mljjj.dll (file missing) - Check for the presence of this file also
It is associated with winfixer2005 try this tool, RogueRemover, available here http://www.malwarebytes.org/rogueremover.php (http://www.malwarebytes.org/rogueremover.php)
Is this your ISP, belgacom.be as that is what the IP addresses are in these items ?
O17 - HKLM\System\CCS\Services\Tcpip\..\{1400900D-E9E6-41CF-B34C-5DB1E46CE723}: NameServer = 195.238.2.22 195.238.2.21
O17 - HKLM\System\CS1\Services\Tcpip\..\{1400900D-E9E6-41CF-B34C-5DB1E46CE723}: NameServer = 195.238.2.22 195.238.2.21
-
Fix the lines as DavidR suggests, then do the following
Download superantispyware (http://www.superantispyware.com/)
First update SAS Then
Under Configuration and Preferences, click the Preferences button.
Then click the Scanning Control tab.
Under Scanner Options make sure the following are checked
- Close browsers before scanning
- Scan for tracking cookies
- Terminate memory threats before quaranine.
leave the others unchecked.
Return to the main page by clicking close on that screen. On the main screen, under Scan for Harmful Software click Scan your computer. On the left check C:\Fixed Drive.(and other fixed drives)
Under Complete Scan, choose Perform Complete Scan.
· Click Next to start the scan.
When the scan is done, quaretine everthing found . Reboot if asked. You can post the log in your next reply if you wish.
Please post another HJT log with your next reply.
I would also suggest that you download and install comodo firewall from here
http://www.personalfirewall.comodo.com/
a brief setup video can be found here
http://forums.comodo.com/frequently_asked_questions_faq_for_comodo_firewall/noob_install_video_guide-t4766.0.html
I'll have a look after your next reply and we'll take it from there. ;D
-
Hi DavidR, Hi Oldman,
Great THANKS for your help !
- C:\Program Files\Java\j2re1.4.2_15\bin\jusched.exe uninstalled
- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.defaulthomepage.info - FIXED
- O20 - Winlogon Notify: ��°�À��� - ��°�À��� (file missing) - FIXED
- O2 - BHO: (no name) - {26F34125-D06E-4434-8E57-EB7D9BDEE694} - C:\WINDOWS\system32\mljjj.dll (file missing) - FIXED
- Rogueremover installed and nothing found (all right)
- Superantispyware installed and 16 items was found and deleted.
Is this your ISP, belgacom.be as that is what the IP addresses are in these items ?
O17 - HKLM\System\CCS\Services\Tcpip\..\{1400900D-E9E6-41CF-B34C-5DB1E46CE723}: NameServer = 195.238.2.22 195.238.2.21
O17 - HKLM\System\CS1\Services\Tcpip\..\{1400900D-E9E6-41CF-B34C-5DB1E46CE723}: NameServer = 195.238.2.22 195.238.2.21
I DONT NOW
NEW Hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:03:58, on 16/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MozyHome\mozybackup.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Messenger\MSMSGS.EXE
D:\Pierre\Progs\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\ScanWizard 5\ScannerFinder.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Pierre\Progs\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MEMFILE2000.lnk = C:\MEMTOOLS\START\MEMFILE2000.EXE
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MozyHome Status.lnk = C:\Program Files\MozyHome\mozystat.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: Scanner Finder.lnk = C:\Program Files\ScanWizard 5\ScannerFinder.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179349491656
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{1400900D-E9E6-41CF-B34C-5DB1E46CE723}: NameServer = 195.238.2.22 195.238.2.21
O17 - HKLM\System\CS1\Services\Tcpip\..\{1400900D-E9E6-41CF-B34C-5DB1E46CE723}: NameServer = 195.238.2.22 195.238.2.21
O20 - Winlogon Notify: !SASWinLogon - D:\Pierre\Progs\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: MozyHome Backup Service (mozybackup) - Unknown owner - C:\Program Files\MozyHome\mozybackup.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
--
End of file - 7078 bytes
I hope that all virus and / or spyware are out now...
THANKS
-
Is your computer still sending mail?
re:belgacom does this look familar? It's their homepage.(in English)
http://www.belgacom.be/home/en/jsp/dynamic/homepage.jsp
What did SAS find?
Nothing jumps out from the HJT log, if you still are having problems, we can look deeper.
You should really consider a third party firewall, windows does not provide out bound monitoring.
-
Considering your email address @ belgacom.net I would say it probably is your ISP, I didn't think to check it before, mainly as I don't display my own email, I assume others will be the same.
Your log looks OK, nothing obvious.
Now you want to get on to a third party firewal to beef up your protection and install the latest JAVA version.
Can you give examples of what SAS found, malware name, file name and location ?
-
Hello,
Here is news: I think i have problems again ...
This morning, avast have automatic update make (2 time), and after my computer reboot and i have a black screen on startup to choose a profil... after, fortunately, computer have started normaly, but ...
Problems find by SAS was coockies tracker (adserver, doubleclick, etc...)
Today, SAS found coockies tracker again. Pc tools - spyware doctor too.
My internet provider is effectively BELGACOM.
Now i am installing comodo personal firewall. After i post a new Hijackthis.
Thanks
-
Hi,
SAS has detected adware again (not dangerous):
Adware.Tracking Cookie (2 items)
- Files
- C:\Documents and Settings\Pierre\Cookies\pierre@adserver.aol(1).txt
- C:\Documents and Settings\Pierre\Cookies\pierre@xiti(1).txt
Here is the new Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:34:07, on 17/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Pierre\Progs\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
D:\Pierre\Progs\Comodo\Firewall\CPF.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Pierre\Progs\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ScanWizard 5\ScannerFinder.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "D:\Pierre\Progs\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Pierre\Progs\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: MEMFILE2000.lnk = C:\MEMTOOLS\START\MEMFILE2000.EXE
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: Scanner Finder.lnk = C:\Program Files\ScanWizard 5\ScannerFinder.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179349491656
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{1400900D-E9E6-41CF-B34C-5DB1E46CE723}: NameServer = 195.238.2.22 195.238.2.21
O17 - HKLM\System\CS1\Services\Tcpip\..\{1400900D-E9E6-41CF-B34C-5DB1E46CE723}: NameServer = 195.238.2.22 195.238.2.21
O20 - Winlogon Notify: !SASWinLogon - D:\Pierre\Progs\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - D:\Pierre\Progs\Comodo\Firewall\cmdagent.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
--
End of file - 7082 bytes
Bye
-
Tracking cookies are a very minor issue, they are text files that should only be available to the sit that you accepted them for. Personally I uncheck the option to even look for tracking cookies in SAS, see image (up to you what you decide).
Many anti-spyware applications make a really big deal out of flagging tracking cookies when any risk is normally related to your browsing history and is a minor privacy, rather than security issue. I'm of the opinion that if they scare you half to death about these minor irritations you feel they are doing a valuable job. SAS is good enough in its own right not to have to make a big deal out of cookies.
So if the only thing you have to wory about are tracking cookies, you have little to worry about.
Edit: I see nothing obvious in your log.
-
I agree with DavidR about the tracking cookies, they don't really mean a whole lot. The only reason I include them in the scan, is when you quaratine everything found, they are gone. There are other ways of removing them, but if you are doing a scan, why not get rid of them at the same time?
Your HJT log looks fine. If you want to look deeper we can.
Open the Folder Options in the Control Panel. On the View tab make sure Show Hidden Files and Folders is checked and Hide Protected Operating System Files and hide known file extentions are not checked. Click OK.
Please download Deckard's System Scanner (DSS) (http://www.techsupportforum.com/sectools/Deckard/dss.exe) and save it to your Desktop.- Close all other windows before proceeding.
- Double-click on dss.exe and follow the prompts.
- When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.
edit to add: are you still having problems with unknown mail being sent?
-
Hi DavidR, Hi Oldman,
I think all is right now... Computer is a few faster, and i have not see yet any bad output mail.
Computer is securised with Avast!, SuperAntiSpyware, Spyware Doctor (pc tools) and Commodo Firewall !!!
Here is then dss report :
DSS report in Attach (too long for include in this post...).
For me, for now, all is right.
Great job for you 2, great THANK YOU !
-
Your welcome, I'm just glad that things are (fingers crossed) back to normal.
-
Hi
Check these files at www.virustotal.com
C:\WINDOWS\system32\dmxysyyx.dll
C:\WINDOWS\system32\dmxttwys.dll
C:\WINDOWS\system32\dmxrrwwy.dll
I couldn't find anything on them. Please post the results.
-
About JAVA
Never really used it myself before, I mean theres the JAVA engine that comes with IE but as for runtime environments, according to some test on SUN`s webpage, I don't even have one. Is JAVA used in many programs which you may or may not really notice ? And may cause some programs to not run as well as they are able to if no JAVA is detected ? For example, I noticed the people who run Spyware Blaster are called JAVAiscool..
-
JAVA doesn't come with IE, you may be confused with JavaScript, which is something completely different.
There used to be MS JAVA Virtual Machine (no longer available) and Sun's JAVA Runtime Environment.
The issue is if you do use JAVA that you keep it up to date.
-
Hi oldman,
For me, all problems are out !
Folow your request, here is then result for the 3 files you need :
Fichier dmxysyyx.dll reçu le 2007.11.20 17:16:20 (CET)Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2007.11.20.1 2007.11.20 -
AntiVir 7.6.0.34 2007.11.20 -
Authentium 4.93.8 2007.11.20 -
Avast 4.7.1074.0 2007.11.20 -
AVG 7.5.0.503 2007.11.20 -
BitDefender 7.2 2007.11.20 -
CAT-QuickHeal 9.00 2007.11.20 -
ClamAV 0.91.2 2007.11.20 -
DrWeb 4.44.0.09170 2007.11.20 -
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.3.5311 2007.11.20 -
Ewido 4.0 2007.11.20 -
FileAdvisor 1 2007.11.20 -
Fortinet 3.11.0.0 2007.11.20 -
F-Prot 4.4.2.54 2007.11.19 -
F-Secure 6.70.13030.0 2007.11.20 -
Ikarus T3.1.1.12 2007.11.20 -
Kaspersky 7.0.0.125 2007.11.20 -
McAfee 5166 2007.11.19 -
Microsoft 1.3007 2007.11.20 -
NOD32v2 2673 2007.11.20 archive damaged
Norman 5.80.02 2007.11.20 -
Panda 9.0.0.4 2007.11.20 -
Prevx1 V2 2007.11.20 -
Rising 20.19.10.00 2007.11.20 -
Sophos 4.23.0 2007.11.20 -
Sunbelt 2.2.907.0 2007.11.20 -
Symantec 10 2007.11.20 -
TheHacker 6.2.9.134 2007.11.19 -
VBA32 3.12.2.5 2007.11.20 -
VirusBuster 4.3.26:9 2007.11.20 -
Webwasher-Gateway 6.0.1 2007.11.20 -
Information additionnelle
File size: 1610455 bytes
MD5: 1963967d22f82acc4dd9d586cafc67ed
SHA1: 972ac2758d29798d8b69f9c05805da6e460e3457
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2007.11.20.1 2007.11.20 -
AntiVir 7.6.0.34 2007.11.20 -
Authentium 4.93.8 2007.11.20 -
Avast 4.7.1074.0 2007.11.20 -
AVG 7.5.0.503 2007.11.20 -
BitDefender 7.2 2007.11.20 -
CAT-QuickHeal 9.00 2007.11.20 -
ClamAV 0.91.2 2007.11.20 -
DrWeb 4.44.0.09170 2007.11.20 -
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.3.5311 2007.11.20 -
Ewido 4.0 2007.11.20 -
FileAdvisor 1 2007.11.20 -
Fortinet 3.11.0.0 2007.11.20 -
F-Prot 4.4.2.54 2007.11.19 -
F-Secure 6.70.13030.0 2007.11.20 -
Ikarus T3.1.1.12 2007.11.20 -
Kaspersky 7.0.0.125 2007.11.20 -
McAfee 5166 2007.11.19 -
Microsoft 1.3007 2007.11.20 -
NOD32v2 2673 2007.11.20 archive damaged
Norman 5.80.02 2007.11.20 -
Panda 9.0.0.4 2007.11.20 -
Prevx1 V2 2007.11.20 -
Rising 20.19.10.00 2007.11.20 -
Sophos 4.23.0 2007.11.20 -
Sunbelt 2.2.907.0 2007.11.20 -
Symantec 10 2007.11.20 -
TheHacker 6.2.9.134 2007.11.19 -
VBA32 3.12.2.5 2007.11.20 -
VirusBuster 4.3.26:9 2007.11.20 -
Webwasher-Gateway 6.0.1 2007.11.20 -
Information additionnelle
File size: 1610455 bytes
MD5: 1963967d22f82acc4dd9d586cafc67ed
SHA1: 972ac2758d29798d8b69f9c05805da6e460e3457
Fichier dmxttwys.dll reçu le 2007.11.20 19:14:59 (CET)Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2007.11.21.0 2007.11.20 -
AntiVir 7.6.0.34 2007.11.20 -
Authentium 4.93.8 2007.11.20 -
Avast 4.7.1074.0 2007.11.20 -
AVG 7.5.0.503 2007.11.20 -
BitDefender 7.2 2007.11.20 -
CAT-QuickHeal 9.00 2007.11.20 -
ClamAV 0.91.2 2007.11.20 -
DrWeb 4.44.0.09170 2007.11.20 -
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.3.5311 2007.11.20 -
Ewido 4.0 2007.11.20 -
FileAdvisor 1 2007.11.20 -
Fortinet 3.11.0.0 2007.11.20 -
F-Prot 4.4.2.54 2007.11.19 -
F-Secure 6.70.13030.0 2007.11.20 -
Ikarus T3.1.1.12 2007.11.20 -
Kaspersky 7.0.0.125 2007.11.20 -
McAfee 5166 2007.11.19 -
Microsoft 1.3007 2007.11.20 -
NOD32v2 2673 2007.11.20 archive damaged
Norman 5.80.02 2007.11.20 -
Panda 9.0.0.4 2007.11.20 -
Prevx1 V2 2007.11.20 -
Rising 20.19.10.00 2007.11.20 -
Sophos 4.23.0 2007.11.20 -
Sunbelt 2.2.907.0 2007.11.20 -
Symantec 10 2007.11.20 -
TheHacker 6.2.9.134 2007.11.19 -
VBA32 3.12.2.5 2007.11.20 -
VirusBuster 4.3.26:9 2007.11.20 -
Webwasher-Gateway 6.0.1 2007.11.20 -
Information additionnelle
File size: 1610455 bytes
MD5: 43cb1853245239dbe760b26980fc2bc2
SHA1: 48c5bdee6d8d8284a6565b5d16508c1469f57b65
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2007.11.21.0 2007.11.20 -
AntiVir 7.6.0.34 2007.11.20 -
Authentium 4.93.8 2007.11.20 -
Avast 4.7.1074.0 2007.11.20 -
AVG 7.5.0.503 2007.11.20 -
BitDefender 7.2 2007.11.20 -
CAT-QuickHeal 9.00 2007.11.20 -
ClamAV 0.91.2 2007.11.20 -
DrWeb 4.44.0.09170 2007.11.20 -
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.3.5311 2007.11.20 -
Ewido 4.0 2007.11.20 -
FileAdvisor 1 2007.11.20 -
Fortinet 3.11.0.0 2007.11.20 -
F-Prot 4.4.2.54 2007.11.19 -
F-Secure 6.70.13030.0 2007.11.20 -
Ikarus T3.1.1.12 2007.11.20 -
Kaspersky 7.0.0.125 2007.11.20 -
McAfee 5166 2007.11.19 -
Microsoft 1.3007 2007.11.20 -
NOD32v2 2673 2007.11.20 archive damaged
Norman 5.80.02 2007.11.20 -
Panda 9.0.0.4 2007.11.20 -
Prevx1 V2 2007.11.20 -
Rising 20.19.10.00 2007.11.20 -
Sophos 4.23.0 2007.11.20 -
Sunbelt 2.2.907.0 2007.11.20 -
Symantec 10 2007.11.20 -
TheHacker 6.2.9.134 2007.11.19 -
VBA32 3.12.2.5 2007.11.20 -
VirusBuster 4.3.26:9 2007.11.20 -
Webwasher-Gateway 6.0.1 2007.11.20 -
Information additionnelle
File size: 1610455 bytes
MD5: 43cb1853245239dbe760b26980fc2bc2
SHA1: 48c5bdee6d8d8284a6565b5d16508c1469f57b65
Fichier dmxrrwwy.dll reçu le 2007.11.20 19:54:34 (CET)Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2007.11.21.0 2007.11.20 -
AntiVir 7.6.0.34 2007.11.20 -
Authentium 4.93.8 2007.11.20 -
Avast 4.7.1074.0 2007.11.20 -
AVG 7.5.0.503 2007.11.20 -
BitDefender 7.2 2007.11.20 -
CAT-QuickHeal 9.00 2007.11.20 -
ClamAV 0.91.2 2007.11.20 -
DrWeb 4.44.0.09170 2007.11.20 -
eSafe 7.0.15.0 2007.11.14 -
eTrust-Vet 31.3.5311 2007.11.20 -
Ewido 4.0 2007.11.20 -
FileAdvisor 1 2007.11.20 -
Fortinet 3.11.0.0 2007.11.20 -
F-Prot 4.4.2.54 2007.11.19 -
F-Secure 6.70.13030.0 2007.11.20 -
Ikarus T3.1.1.12 2007.11.20 -
Kaspersky 7.0.0.125 2007.11.20 -
McAfee 5167 2007.11.20 -
Microsoft 1.3007 2007.11.20 -
NOD32v2 2673 2007.11.20 archive damaged
Norman 5.80.02 2007.11.20 -
Panda 9.0.0.4 2007.11.20 -
Prevx1 V2 2007.11.20 -
Rising 20.19.10.00 2007.11.20 -
Sophos 4.23.0 2007.11.20 -
Sunbelt 2.2.907.0 2007.11.20 -
Symantec 10 2007.11.20 -
TheHacker 6.2.9.134 2007.11.19 -
VBA32 3.12.2.5 2007.11.20 -
VirusBuster 4.3.26:9 2007.11.20 -
Webwasher-Gateway 6.0.1 2007.11.20 -
Information additionnelle
File size: 1610455 bytes
MD5: d25f2b832a4db81a5e60b36720dcc3d8
SHA1: 17b5b4c17e2e4d39a7bb38431e4cff026868beea
Is it ok for you ??
Thank
-
JAVA doesn't come with IE, you may be confused with JavaScript, which is something completely different.
Oh thats what it is, ok so is there any need to use the JAVA runtime environment for anything like media players or something similar to the Adobe Flash player ?
-
For the most part you can live without JAVA it isn't essential and for a long time that is what I did, there was nothing that I needed JAVA to view/do.
However, there are a few things that do require JAVA that I use now, so I have it installed. One of these is an on-line scan by Trend Micro it has an option to use JAVA to do the scanning rather than activeX (which requires you to use IE). Another is the Secunia Software Inspector http://secunia.com/software_inspector/ (http://secunia.com/software_inspector/).
-
@ermite67
Ok, the files just had unusal names and where all the same size. Just my curious naature I guess.
It looks like you are good to go.
Happy surfing.
-
For the most part you can live without JAVA it isn't essential and for a long time that is what I did, there was nothing that I needed JAVA to view/do.
However, there are a few things that do require JAVA that I use now, so I have it installed. One of these is an aniline scan by Trend Micro it has an option to use JAVA to do the scanning rather than activeX (which requires you to use IE). Another is the Secunia Software Inspector http://secunia.com/software_inspector/.
Thanks for insight, I understand it a little better now
-
Your welcome.