Welcome Guest ( Log In | Join )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Want to ask a question, reply to a topic, or remove all advertising? It's easy, fast and free. Join today!
Spyware, virus, trojan, fake security or privacy alerts? Please start with our malware cleaning guide.
     
 
 Reply to this topicStart new topic
desktop Icons and Start button keep disappear
oferkn
post Jun 4 2008, 02:04 PM
Post #1


New Member
*
Posts: 1
OS: windows xp
My desktop Icons and Start button keep disappearing and reappearing , I have windows xp sp2 up to date nod32, used spyware doctor, regclean, and a few other free AV programs but no luck, have tried other advice and downloads from other forums and still no luck.
after i followed all required steps at "you must read this before posting hjt log"
the icon and start button works o.k
and panda detect virus
so please check all log files i copy, and if need more to do .
any help would be greatly appreciated.

Thanks for any help

Logfile of HijackThis v1.99.1
Scan saved at 15:27:13, on 05/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\spyware doctor\Spyware Doctor\pctsAuxs.exe
C:\Program Files\spyware doctor\Spyware Doctor\pctsSvc.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\WinZip E-Mail Companion\loadwzco.exe
C:\Program Files\spyware doctor\Spyware Doctor\pctsTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ynet.co.il/home/0,7340,L-8,00.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: עוזר הכניסה של Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinZip E-Mail Companion OEAPI] "C:\Program Files\WinZip E-Mail Companion\loadwzco.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe Reader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\spyware doctor\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\DOCUME~1\1F10~1\LOCALS~1\Temp\SSUPDATE.EXE Software\SUPERAntiSpyware.com\SUPERAntiSpyware
O8 - Extra context menu item: &יצא ל- Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1201715804007
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1201717922917
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\spyware doctor\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\spyware doctor\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe



Malwarebytes' Anti-Malware 1.14
Database version: 826

12:12:56 05/06/2008
mbam-log-6-5-2008 (12-12-56).txt

Scan type: Quick Scan
Objects scanned: 41558
Time elapsed: 6 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 8
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\vtUmLffD.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\opnnolmk.dll (Trojan.Vundo) -> Unloaded module successfully.

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{f08032f3-2223-47c2-9ee8-2f69cdfa9939} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f08032f3-2223-47c2-9ee8-2f69cdfa9939} (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\CLSID\{129fa2a1-408c-4824-83a4-5001581fd01e} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{129fa2a1-408c-4824-83a4-5001581fd01e} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{129fa2a1-408c-4824-83a4-5001581fd01e} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\opnnolmk (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{129fa2a1-408c-4824-83a4-5001581fd01e} (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtumlffd -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\vtUmLffD.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\opnnolmk.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\geBsrRjI.dll (Trojan.Vundo) -> Quarantined and deleted successfully.


SUPERAntiSpyware Scan Log
Generated 06/05/2008 at 01:13 PM

Application Version : 3.6.1000

Core Rules Database Version : 3475
Trace Rules Database Version: 1466

Scan type : Complete Scan
Total Scan Time : 00:39:24

Memory items scanned : 433
Memory threats detected : 0
Registry items scanned : 4423
Registry threats detected : 0
File items scanned : 31278
File threats detected : 1

Adware.Tracking Cookie
C:\Documents and Settings\עופר קנאפו\Cookies\עופר_קנאפו@a.total-media[1].txt



;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2008-06-05 14:59:01
PROTECTIONS: 1
MALWARE: 28
SUSPECTS: 0
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
ESET NOD32 antivirus system 2.70 2.70 Yes Yes
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\16-03-2008-09-35-15\2.qit
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-04-2008-20-09-25\11.qit
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\26-05-2008-17-15-58\5.qit
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\29-05-2008-13-54-39\4.qit
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\15-05-2008-22-44-51\8.qit
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\10-05-2008-19-19-07\3.qit
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\30-04-2008-17-14-11\1.qit
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\12.qit
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\24-03-2008-11-26-53\2.qit
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\03-05-2008-22-27-33\6.qit
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\14-03-2008-21-19-44\3.qit
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\14-03-2008-21-19-44\1.qit
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\08-04-2008-11-17-02\0.qit
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\11-04-2008-19-37-09\3.qit
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\15-05-2008-22-44-51\5.qit
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\10-05-2008-19-19-07\0.qit
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\03-05-2008-22-27-33\4.qit
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\18-03-2008-15-19-52\1.qit
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\8.qit
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\29-05-2008-13-54-39\2.qit
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-04-2008-20-09-25\7.qit
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-04-2008-20-09-25\12.qit
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\03-05-2008-22-27-33\7.qit
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\11-04-2008-19-37-09\5.qit
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\14-03-2008-08-31-49\2.qit
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\15-05-2008-22-44-51\9.qit
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\13.qit
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\24-03-2008-11-26-53\3.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\10-05-2008-19-19-07\6.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\16-03-2008-09-35-15\6.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\23-05-2008-14-23-26\1.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\15-05-2008-22-44-51\14.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\26-05-2008-17-15-58\10.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\21-05-2008-11-52-45\3.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-05-2008-20-37-38\4.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\14-03-2008-21-19-44\10.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\02-04-2008-21-32-56\4.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\24-03-2008-11-26-53\9.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\13-03-2008-08-56-09\0.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\18-05-2008-09-02-07\7.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\28.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\29-05-2008-13-54-39\8.qit
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\03-05-2008-22-27-33\9.qit
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\14-03-2008-21-19-44\5.qit
00145792 Cookie/SexList TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\24.qit
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\15-05-2008-22-44-51\11.qit
00145869 Cookie/SpyLog TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\18-05-2008-09-02-07\6.qit
00146967 Cookie/PayCounter TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\20.qit
00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Program Files\True Sword 4\backuped\25\עופר_קנאפו@clickbank[2].txt
00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\29-05-2008-13-54-39\9.qit
00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-04-2008-20-09-25\18.qit
00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\11-04-2008-19-37-09\8.qit
00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\19.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\21-05-2008-11-52-45\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\25-03-2008-15-47-58\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-05-2008-20-37-38\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\26-05-2008-17-15-58\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\1.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\14-03-2008-21-19-44\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\15-03-2008-00-19-30\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\15-05-2008-22-44-51\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\29-05-2008-13-54-39\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\24-03-2008-11-26-53\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\18-05-2008-09-02-07\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\11-04-2008-19-37-09\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\18-03-2008-15-19-52\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\30-04-2008-17-14-11\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\03-05-2008-22-27-33\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\14-03-2008-08-31-49\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\16-03-2008-09-35-15\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\20-05-2008-08-25-10\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\02-04-2008-21-32-56\0.qit
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-04-2008-20-09-25\0.qit
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\15-05-2008-22-44-51\4.qit
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-04-2008-20-09-25\6.qit
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\14-03-2008-08-31-49\1.qit
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\6.qit
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\11-04-2008-19-37-09\2.qit
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\18-05-2008-09-02-07\2.qit
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\03-05-2008-22-27-33\3.qit
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Program Files\True Sword 4\backuped\24\עופר_קנאפו@apmebf[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Program Files\True Sword 4\backuped\40\עופר_קנאפו@apmebf[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\24-03-2008-11-26-53\1.qit
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\10-05-2008-19-19-07\1.qit
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\10.qit
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\26-05-2008-17-15-58\9.qit
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\11-04-2008-19-37-09\7.qit
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\16-03-2008-09-35-15\5.qit
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-04-2008-20-09-25\16.qit
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\15-05-2008-22-44-51\13.qit
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\08-04-2008-11-17-02\4.qit
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\23.qit
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\14-03-2008-21-19-44\8.qit
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\29-05-2008-13-54-39\7.qit
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\02-04-2008-21-32-56\3.qit
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-05-2008-20-37-38\3.qit
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-05-2008-20-37-38\1.qit
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\14-03-2008-21-19-44\2.qit
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-04-2008-20-09-25\8.qit
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\29-05-2008-13-54-39\3.qit
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\9.qit
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\11-04-2008-19-37-09\4.qit
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\16-03-2008-09-35-15\1.qit
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\15-05-2008-22-44-51\6.qit
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\26-05-2008-17-15-58\4.qit
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\02-04-2008-21-32-56\1.qit
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\08-04-2008-11-17-02\1.qit
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\26-05-2008-17-15-58\2.qit
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\11-04-2008-19-37-09\1.qit
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\True Sword 4\backuped\23\עופר_קנאפו@advertising[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-04-2008-20-09-25\5.qit
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\5.qit
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\03-05-2008-22-27-33\2.qit
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\03-05-2008-22-27-33\11.qit
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\14-03-2008-21-19-44\6.qit
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\21.qit
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-04-2008-20-09-25\14.qit
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\18.qit
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\16-03-2008-09-35-15\4.qit
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-04-2008-20-09-25\19.qit
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\14-03-2008-21-19-44\11.qit
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\31.qit
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\22-05-2008-20-37-38\5.qit
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\29-05-2008-13-54-39\10.qit
00216065 Cookie/Screensavers TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\15.qit
01176994 Bck/VB.XB Virus/Trojan No 0 No No C:\Documents and Settings\עופר קנאפו\שולחן העבודה\ComboFix.exe[327882R2FWJFW\NirCmdC.cfexe]
01606636 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\4.qit
02908816 Cookie/Starware TrackingCookie No 0 Yes No C:\Documents and Settings\עופר קנאפו\Application Data\SpywareStop\Quarantine\12-03-2008-19-55-55\14.qit
02962645 Application/SpywareStop HackTools No 0 Yes No C:\System Volume Information\_restore{517368AD-84F8-41FF-B640-34DC23FA7C6C}\RP90\A0125030.msi[unk_0023]
02962645 Application/SpywareStop HackTools No 0 Yes No C:\System Volume Information\_restore{517368AD-84F8-41FF-B640-34DC23FA7C6C}\RP66\A0015992.msi[unk_0031]
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location o
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description o
;===============================================================================
=================================================================================
===================
133387 MEDIUM MS06-065 o
;===============================================================================
=================================================================================
===================




This post has been edited by oferkn: Jun 5 2008, 06:35 AM
Go to the top of the page
 
+Quote Post
 

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 
RSS Time is now: 8th January 2009 - 01:34 AM
Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk.
Powered By IP.Board © 2009  IPS, Inc.