CastleCops, Internet Crime Fighters

MaxPlore - A brand new tool

 
Yair_Tzikinovski
Cadet
Joined: Feb 15, 2008
Posts: 4
Location: Israel

Posted: Fri Feb 15, 2008 8:57 am    Post subject: MaxPlore - A brand new tool

Hello,
I have developed a new tool called MaxPlore.
It is very similar to HijackThis (which is a great tool itself): it scans the system for the running processes, startup entries, homepage and hosts file (if you have any more ideas, just tell me).
After scanning it displays a detailed logfile, here's mine:

Code:
Logfile of MaxPlore v1.0 pre 1015 - ran under Microsoft Windows XP Service Pack 2
MaxPlore System Scanner ran at 2/15/2008 10:15:54 AM
==================================================================

Running processes:
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Maxthon2\Maxthon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\Admin\Desktop\MaxPlore.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Winamp\winamp.exe

Startup entries:
HKCU: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
HKLM: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM: [nwiz] nwiz.exe /install
HKLM: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
HKLM: [RTHDCPL] RTHDCPL.EXE
HKLM: [Alcmtr] ALCMTR.EXE
HKLM: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
HKLM: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
HKLM: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
HKLM: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Security Suite Pro\feedback.exe" /dump:os_startup
HKLM: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
Common startup: [desktop.ini] C:\Documents and Settings\Admin\Start Menu\Programs\Startup\desktop.ini

Home page:
about:blank

Search page:
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Hosts file:
127.0.0.1       localhost


MaxPlore also comes with a System Commander, which is a small yet powerful console tool that can give you control over your PC. It can kill processes, remove files, delete registry keys (be careful!) and more. You can use simple commands using the command line, or you can load a commands script which can contain multiple commands.


Here's an example of a commands script:
Code:

# This line is a comment, use # in the first line to use comments

process kill notepad
# This command will kill all the processes named notepad

file delete C:\file.txt
# This command will delete the file c:\file.txt

registry delete HKLM\abc\test
# This command will delete the registry key HKEY_LOCAL_MACHINE\abc\test and all its child subkeys

/about
# Display about

And another one:
Code:

# Removal of ProtectWin (Rogue security tool)
# Written by Yair Tzikinovski

process kill xpupdate
# Sometimes it might come as xpupdate[1]
process kill xpupdate[1]
file delete C:\WINDOWs\xpupdate.exe




Here are some screen-shots of MaxPlore:
Main Menu:
hxxp://img301.imageshack.us/my.php?image=43668167hf1.jpg
System Scanner:
hxxp://img301.imageshack.us/my.php?image=40504178cs5.jpg
System Commander:
hxxp://img508.imageshack.us/my.php?image=76163941jb6.jpg
About:
hxxp://img508.imageshack.us/my.php?image=81676206es7.jpg

MaxPlore does not require any 3rd party software, it is fully portable and can be run under any Windows NT operating system. Here's a screen-shot:
hxxp://img508.imageshack.us/my.php?image=cleanqt3.jpg

Download link:
hxxp://www.mediafire.com/?70sylszojon


What's in the ZIP?
MaxPlore.exe - Main application
MaxPlore.exe.md5 - An MD5 hash of the application


Links disabled by Moderator
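
A triage pass over a log in the format shown in the first post, as an added example that is not part of the thread or of MaxPlore: it splits the log into its sections and flags entries for manual review. The three heuristics (process under a user profile, startup command without a full path, hosts entry other than loopback localhost) and the sample log are assumptions constructed here.

```python
import re

# Constructed sample in the log layout from the post above (not a real scan).
SAMPLE_LOG = r"""Logfile of MaxPlore v1.0 pre 1015 - ran under Microsoft Windows XP Service Pack 2
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Admin\Desktop\MaxPlore.exe

Startup entries:
HKCU: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
HKLM: [RTHDCPL] RTHDCPL.EXE
HKLM: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

Hosts file:
127.0.0.1       localhost
10.0.0.5        www.example.com
"""

SECTION = re.compile(r"^(Running processes|Startup entries|Home page|Search page|Hosts file):$")
STARTUP = re.compile(r"^(?P<hive>[^:\[]+): \[(?P<name>.+?)\] (?P<cmd>.+)$")
USER_PROFILE = re.compile(r"^[a-z]:\\(documents and settings|users)\\", re.I)
FULL_PATH = re.compile(r'^"?[a-z]:\\', re.I)

def parse_log(text):
    """Split a log into {section title: [non-empty lines]}."""
    sections, current = {}, None
    for line in map(str.strip, text.splitlines()):
        m = SECTION.match(line)
        if m:
            current = sections.setdefault(m.group(1), [])
        elif line and current is not None:
            current.append(line)
    return sections

def review(sections):
    """Return (finding, detail) pairs that deserve a manual look."""
    findings = []
    for path in sections.get("Running processes", []):
        if USER_PROFILE.match(path):  # image lives in a user-writable profile folder
            findings.append(("process-in-user-profile", path))
    for entry in sections.get("Startup entries", []):
        m = STARTUP.match(entry)
        if m and not FULL_PATH.match(m.group("cmd")):  # resolved via the search path
            findings.append(("startup-without-full-path", m.group("name")))
    for line in sections.get("Hosts file", []):
        ip, *names = line.split()
        if not line.startswith("#") and (ip not in ("127.0.0.1", "::1") or names != ["localhost"]):
            findings.append(("hosts-override", " ".join([ip, *names])))
    return findings

if __name__ == "__main__":
    for finding in review(parse_log(SAMPLE_LOG)):
        print(finding)
```

A flagged line is a prompt to look closer, not a verdict: on the sample, the scanner's own Desktop copy and a vendor entry without a path are both reported.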

PCBruiser
SRT Team Lead
Forums Admin
Joined: May 11, 2005
Posts: 11723
1st Responder Mentors 1st Responders Forums Admin MIRT Moderators Premium Rootkit Experts Security Experts SRT Team CC Committee

Posted: Fri Feb 15, 2008 3:26 pm    Post subject:

Moved to Web Malware links for checking. Links disabled.

@Yair_Tzikinovski, we do not permit self-serving advertising. We consider that site spamming, and will delete posts like that, so keep that in mind. Secondly, we will always treat listing of unknown sites and file links as potential malware sites. Do not post live links like that.


_________________
Don't read? Can't learn!
Yair_Tzikinovski
Cadet
Joined: Feb 15, 2008
Posts: 4
Location: Israel

Posted: Fri Feb 15, 2008 4:16 pm    Post subject:

I think you have misunderstood.
MaxPlore is not a malware, vice versa - it is a security tool to scan your system and give a full detailed log about it.

Secondly, you haven't read the whole post. If you think you might find any potential malware activity, you can do whatever comes to your mind (as well as suing me) - MaxPlore has been strictly tested before it got published.

-I'm waiting for your analysis.


_________________
MaxPlore creator & developer.
PCBruiser
SRT Team Lead
Forums Admin
Joined: May 11, 2005
Posts: 11723
1st Responder Mentors 1st Responders Forums Admin MIRT Moderators Premium Rootkit Experts Security Experts SRT Team CC Committee

Posted: Fri Feb 15, 2008 4:31 pm    Post subject:

I did not misunderstand at all. Rogue anti-malware developers often try to post links to their fake anti-malware software here trying to get people to follow them to their garbage. See these as typical examples:

CastleCops Link/t209185-Great_Ddos_Tool.html
CastleCops Link/t206334-iedefender.html

We do not permit postings like that. Period. We do not yet know anything about your software, and until it is reviewed by one of our specialists, we cannot distinguish software that may be legitimate from software that might be a rogue.


_________________
Don't read? Can't learn!
Yair_Tzikinovski
Cadet
Joined: Feb 15, 2008
Posts: 4
Location: Israel

Posted: Fri Feb 15, 2008 4:49 pm    Post subject:

You are welcome to test MaxPlore as much as you like, but when you finish, please move the thread back to its place, thanks.


_________________
MaxPlore creator & developer.
Yair_Tzikinovski
Cadet
Joined: Feb 15, 2008
Posts: 4
Location: Israel

Posted: Fri Feb 15, 2008 8:10 pm    Post subject:

I'm awaiting your reply.


_________________
MaxPlore creator & developer.
Oldfrog
Special Response Team
Joined: Jun 27, 2004
Posts: 8576
Location: Deep in the Heart of Texas
Moderators MVP Premium SRT

Posted: Tue Feb 19, 2008 9:39 pm    Post subject:

Well, Yair, while you are waiting would you mind answering a couple of honest questions?

1. Why would someone choose to run MaxPlore rather than another reporting tool? In other words, what makes your product better?

2. Is your product a reporting tool only or does it also have the capability of removing items that it finds if they are determined to be bad?

3. MaxPlore reports home page and search page. For which browsers does it do this?

4. The tool seems incomplete. Do you have plans to implement reporting for such things as BHOs, Toolbars, running services, LSP layers, forced proxies, etc, just to name a few?


_________________
MS MVP Security 2006-2008
MaxPlore
Cadet
Joined: Feb 15, 2008
Posts: 4
Location: Israel

Posted: Thu Feb 21, 2008 3:19 pm    Post subject:

Hello,
MaxPlore contains a control console called MaxPlore System Commander; you can use the System Commander to do different tasks - removing files, killing processes, etc.
The homepage is reported in the MaxPlore System Scanner as IE's settings; as said before, MaxPlore is still in its early baby steps and is getting improved with every update.
I am not going to expose any future planning, but as I already said - MaxPlore is still in its early baby steps and is getting improved with every update.

MaxPlore
Cadet
Joined: Feb 15, 2008
Posts: 4
Location: Israel

Posted: Sun Mar 09, 2008 3:45 pm    Post subject:

MaxPlore is now official.
http://www.maxplore.info - The latest version is in the download section. I ask any mod to check MaxPlore and move this topic back to its place. When searching for MaxPlore in Google, this is the 3rd result. I ask you to approve my software so this case of misunderstanding will be over, because you are scaring away users who would like to use MaxPlore.

Thanks,
Yair Tzikinovsky
MaxPlore

maliciousbrains
Sergeant
Premium Member
Joined: Feb 23, 2008
Posts: 103

Posted: Sun Mar 09, 2008 4:42 pm    Post subject:

@Yair Tzikinovsky

This is not a place for advertising your creation.

Do appreciate your endeavor to make a utility that may in some way turn out to be beneficial, but this is not the way you should be doing it...

Once the tool is tested thoroughly and once it gets proper affiliation, then you can approach the mods to review the tool.

In some way, an untested application may harm the integrity of the users' systems, and this is in no way acceptable here @CC

Hope, this clears your misunderstanding at least...


_________________
.:: Malicious Brains ::.
http://www.malwareinfo.org
http://blog.malwareinfo.org
http://forum.malwareinfo.org

There are no patches or service packs for ignorance!
MaxPlore
Cadet
Joined: Feb 15, 2008
Posts: 4
Location: Israel

Posted: Sun Mar 09, 2008 7:42 pm    Post subject:

Hello,
I understand the situation, but there is no reasonable reason that my software will be treated as malware, I ask any mod to check it and update the status because (as I said before) this thread is scaring users away from my software, and it's not a good way to start with your new product (I hope someone agrees with me).

I guess I started on the wrong foot when coming to CC, I hope my position will be cleared after resolving this issue.

Yair Tzikinovsky
MaxPlore

All times are GMT