
heeeeeeeeeeeeeeelp [CLOSED]



#1
Ebelin

    New Member

  • Member
  • 2 posts
Norton has identified the virus w32.gaobot.wo and has quarantined the file, but my computer is still acting funny. Do I still have the virus?

Logfile of HijackThis v1.97.7
Scan saved at 8:34:39 AM, on 4/22/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\mHotkey.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\AIM95\aim.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\Documents and Settings\Ebelin\My Documents\hijackthis\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.emachines.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [PCDRealtime] C:\WINDOWS\realtime.exe
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM95\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\Hotbar\bin\4.4.5.0\WeatherOnTray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0a\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: MoneySide (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O9 - Extra button: WeatherBug (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.emachines.com
O16 - DPF: Yahoo! Dominoes - http://download.game...ts/y/dot4_x.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...ry/msgrchkr.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weat...Transporter.cab?
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yaho...s/yinst0401.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://mirror.worldw...ared/dephlp.cab
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - http://mirror.worldw...ll/freecell.cab
O16 - DPF: {6F6DBC29-7A0C-4AC0-A42D-10EC70678526} (Word Cubes Control) - http://mirror.worldw...be/wordcube.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...StatsClient.cab
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://support.gatew...rvest/gwCID.CAB
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.c.../ymmapi_416.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg...ol_v1-0-3-0.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://lw10fd.law10....ex/HMAtchmt.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/p...t/msnchat45.cab


#2
Ebelin

    New Member

  • Topic Starter
  • Member
  • 2 posts
I did an adware search and this is what I got:

Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Thursday, April 22, 2004 3:12:11 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R298 20.04.2004
______________________________________________________

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file


4-22-2004 3:12:11 PM - Scan started. (Smart mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 4-22-2004 6:36:55 PM
BasePriority : Normal


#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 4-22-2004 6:36:57 PM
BasePriority : High


#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 4-22-2004 6:36:58 PM
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 2/11/2003 7:29:31 PM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 8/29/2002 12:00:00 PM

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 4-22-2004 6:36:58 PM
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 2/11/2003 7:29:07 PM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 8/29/2002 12:00:00 PM

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 4-22-2004 6:36:59 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 2/11/2003 7:29:37 PM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 8/29/2002 12:00:00 PM

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 4-22-2004 6:36:59 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 2/11/2003 7:29:37 PM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 8/29/2002 12:00:00 PM

#:7 [lexbces.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 4-22-2004 6:37:03 PM
BasePriority : Normal
FileSize : 296 KB
FileVersion : 8.16
ProductVersion : 8.16
Copyright : © 1993 - 2003 Lexmark International, Inc.
CompanyName : Lexmark International, Inc.
FileDescription : LexBce Service
InternalName : LexBce Service
OriginalFilename : LexBceS.exe
ProductName : MarkVision for Windows (32 bit)
Created on : 4/7/2003 8:55:20 PM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 4/7/2003 8:55:20 PM

#:8 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 4-22-2004 6:37:03 PM
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 2/11/2003 7:29:36 PM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 8/29/2002 12:00:00 PM

#:9 [lexpps.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 4-22-2004 6:37:03 PM
BasePriority : Normal
FileSize : 170 KB
FileVersion : 8.16
ProductVersion : 8.16
Copyright : © 1993 - 2003 Lexmark International, Inc.
CompanyName : Lexmark International, Inc.
FileDescription : LEXPPS.EXE
InternalName : LEXPPS
OriginalFilename : LEXPPS.EXE
ProductName : MarkVision for Windows (32 bit)
Created on : 4/7/2003 8:51:48 PM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 4/7/2003 8:51:48 PM

#:10 [defwatch.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ThreadCreationTime : 4-22-2004 6:37:03 PM
BasePriority : Normal
FileSize : 32 KB
FileVersion : 8.1.0.821
ProductVersion : 8.1.0.821
Copyright : Copyright
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
OriginalFilename : DefWatch.exe
ProductName : Norton AntiVirus
Created on : 4/26/2003 5:19:36 AM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 4/26/2003 5:19:36 AM

#:11 [rtvscan.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ThreadCreationTime : 4-22-2004 6:37:03 PM
BasePriority : Normal
FileSize : 596 KB
FileVersion : 8.1.0.821
ProductVersion : 8.1.0.821
Copyright : Copyright © Symantec Corporation 1991-2003
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
ProductName : Symantec AntiVirus
Created on : 4/26/2003 5:24:08 AM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 4/26/2003 5:24:08 AM

#:12 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 4-22-2004 6:37:03 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 2/11/2003 7:29:37 PM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 8/29/2002 12:00:00 PM

#:13 [wanmpsvc.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 4-22-2004 6:37:03 PM
BasePriority : Normal
FileSize : 64 KB
FileVersion : 7, 0, 0, 2
ProductVersion : 7, 0, 0, 2
Copyright : Copyright
CompanyName : America Online, Inc.
FileDescription : Wan Miniport (ATW) Service
InternalName : WanMPSvc
OriginalFilename : WanMPSvc.exe
ProductName : America Online
Created on : 12/17/2003 8:39:44 PM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 10/15/2002 8:37:50 PM

#:14 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 4-22-2004 6:37:11 PM
BasePriority : Normal
FileSize : 973 KB
FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
ProductVersion : 6.00.2800.1221
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 5/12/2003 2:12:10 AM
Last accessed : 4/22/2004 6:37:12 PM
Last modified : 5/12/2003 2:12:10 AM

#:15 [mhotkey.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 4-22-2004 6:37:15 PM
BasePriority : Normal
FileSize : 466 KB
FileVersion : 2, 2, 2, 0
ProductVersion : 2, 2, 2, 0
Copyright : Copyright © 2001 Chicony
CompanyName : Chicony
FileDescription : Chicony Multimedia Driver
InternalName : Multimedia Hotkey Driver
OriginalFilename : mHotkey.res
ProductName : Chicony Multimedia Driver
Created on : 2/13/2003 10:30:39 PM
Last accessed : 4/22/2004 6:37:15 PM
Last modified : 7/23/2002 7:09:48 PM

#:16 [dlbkbmgr.exe]
FilePath : C:\Program Files\Dell AIO Printer A920\
ThreadCreationTime : 4-22-2004 6:37:15 PM
BasePriority : Normal
FileSize : 264 KB
FileVersion : 0.1.1.1
ProductVersion : 0.1.1.1
CompanyName : Dell Computer Corporation
FileDescription : Dell AIO Printer A920Button Manager
InternalName : dlbkbmgr.exe
OriginalFilename : dlbkbmgr.exe
ProductName : Button Manager Executable
Created on : 4/10/2003 11:52:38 AM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 4/10/2003 11:52:38 AM

#:17 [dlbkbmon.exe]
FilePath : C:\Program Files\Dell AIO Printer A920\
ThreadCreationTime : 4-22-2004 6:37:16 PM
BasePriority : Normal
FileSize : 52 KB
FileVersion : 0.1.1.1
ProductVersion : 0.1.1.1
CompanyName : Dell Computer Corporation
FileDescription : Dell AIO Printer A920Button Monitor
InternalName : dlbkbmon.exe
OriginalFilename : dlbkbmon.exe
ProductName : Button Monitor Executable
Created on : 4/10/2003 12:10:14 PM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 4/10/2003 12:10:14 PM

#:18 [realtime.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 4-22-2004 6:37:16 PM
BasePriority : Normal
FileSize : 164 KB
FileVersion : 1.00
ProductVersion : 1.00
CompanyName : Dell
InternalName : realtime
OriginalFilename : realtime.exe
ProductName : realtime
Created on : 2/23/2004 8:12:32 PM
Last accessed : 4/22/2004 6:37:16 PM
Last modified : 3/16/2003 3:46:14 AM

#:19 [mmtask.exe]
FilePath : C:\Program Files\MusicMatch\MusicMatch Jukebox\
ThreadCreationTime : 4-22-2004 6:37:17 PM
BasePriority : Normal
FileSize : 52 KB
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
Copyright : TODO: © <Company name>. All rights reserved.
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
InternalName : mmtask.exe
OriginalFilename : mmtask.exe
ProductName : TODO: <Product name>
Created on : 3/25/2004 8:10:44 PM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 1/26/2004 3:46:48 PM

#:20 [jusched.exe]
FilePath : C:\Program Files\Java\j2re1.4.2_04\bin\
ThreadCreationTime : 4-22-2004 6:37:17 PM
BasePriority : Normal
FileSize : 32 KB
Created on : 2/23/2068 3:44:46 AM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 2/23/2004 3:44:44 AM

#:21 [hkcmd.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 4-22-2004 6:37:17 PM
BasePriority : Normal
FileSize : 112 KB
FileVersion : 3,0,0,1918
ProductVersion : 7,0,0,1918
Copyright : Copyright 1999-2002, Intel Corporation
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
OriginalFilename : HKCMD.EXE
ProductName : Intel® Common User Interface
Created on : 2/13/2003 4:54:47 PM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 10/16/2002 7:05:58 AM

#:22 [vptray.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ThreadCreationTime : 4-22-2004 6:37:17 PM
BasePriority : Normal
FileSize : 88 KB
FileVersion : 8.1.0.821
ProductVersion : 8.1.0.821
Copyright : Copyright © Symantec Corporation 1991-2003
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
ProductName : Symantec AntiVirus
Created on : 4/26/2003 5:18:18 AM
Last accessed : 4/22/2004 6:36:55 PM
Last modified : 4/26/2003 5:18:18 AM

#:23 [weather.exe]
FilePath : C:\Program Files\AWS\WeatherBug\
ThreadCreationTime : 4-22-2004 6:37:18 PM
BasePriority : Normal
FileSize : 808 KB
FileVersion : 5, 0, 0, 5
ProductVersion : 5, 0, 0, 5
Copyright : Copyright
CompanyName : AWS Convergence Technologies, Inc.
FileDescription : WeatherBug
InternalName : Desktop Weather
OriginalFilename : WeatherBug.exe
ProductName : AWS, Inc.WeatherBug
Created on : 10/20/2003 7:38:37 PM
Last accessed : 4/22/2004 6:37:57 PM
Last modified : 4/25/2003 6:38:08 PM

#:24 [aim.exe]
FilePath : C:\Program Files\AIM95\
ThreadCreationTime : 4-22-2004 6:37:19 PM
BasePriority : Normal
FileSize : 60 KB
FileVersion : 5.1.3036
ProductVersion : 5.1.3036
Copyright : Copyright
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
OriginalFilename : AIM.EXE
ProductName : AOL Instant Messenger
Created on : 3/2/2004 12:14:57 AM
Last accessed : 4/22/2004 6:37:19 PM
Last modified : 11/14/2002 12:50:20 AM

#:25 [bigfix.exe]
FilePath : C:\Program Files\BigFix\
ThreadCreationTime : 4-22-2004 6:37:21 PM
BasePriority : Normal
FileSize : 1701 KB
FileVersion : 1, 7, 6, 0
ProductVersion : 1, 7, 6, 0
Copyright : Copyright
CompanyName : BigFix Inc.
FileDescription : BigFix Client Application
InternalName : BigFix
OriginalFilename : BigFix.exe
ProductName : BigFix
Created on : 10/26/2003 4:25:19 PM
Last accessed : 4/22/2004 6:37:22 PM
Last modified : 7/31/2002 3:22:26 PM

#:26 [wmplayer.exe]
FilePath : C:\Program Files\Windows Media Player\
ThreadCreationTime : 4-22-2004 6:44:15 PM
BasePriority : Normal
FileSize : 72 KB
FileVersion : 9.00.00.2980
ProductVersion : 9.00.00.2980
Copyright : © Microsoft Corporation. All rights reserved.
CompanyName : Microsoft Corporation
FileDescription : Windows Media Player
InternalName : WMPLAYER.EXE
OriginalFilename : WMPLAYER.EXE
ProductName : Microsoft® Windows Media Player
Created on : 1/28/2004 4:52:25 AM
Last accessed : 4/22/2004 7:08:22 PM
Last modified : 12/11/2002 10:27:32 PM

#:27 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 4-22-2004 6:50:13 PM
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 2/11/2003 8:44:17 PM
Last accessed : 4/22/2004 6:50:13 PM
Last modified : 8/29/2002 12:00:00 PM

#:28 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 4-22-2004 6:57:56 PM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 4/14/2004 10:17:55 PM
Last accessed : 4/22/2004 7:01:42 PM
Last modified : 7/13/2003 2:00:20 AM

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Tracking Cookie Object recognized!
Type : File
Data : ebelin@advertising[1].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/22/2004 6:32:12 PM
Last accessed : 4/22/2004 6:32:13 PM
Last modified : 4/22/2004 6:32:13 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@atdmt[2].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/20/2004 4:06:01 PM
Last accessed : 4/22/2004 6:32:12 PM
Last modified : 4/20/2004 4:06:01 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@bluestreak[1].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/20/2004 4:12:20 PM
Last accessed : 4/22/2004 7:15:37 PM
Last modified : 4/20/2004 4:12:20 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@centrport[1].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/20/2004 4:22:38 PM
Last accessed : 4/22/2004 7:15:37 PM
Last modified : 4/20/2004 4:22:38 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@doubleclick[2].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/20/2004 4:06:28 PM
Last accessed : 4/22/2004 6:37:23 PM
Last modified : 4/20/2004 4:06:37 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@edge.ru4[1].txt
Object : C:\Documents and Settings\Ebelin\Cookies\
FileSize : 1 KB
Created on : 4/22/2004 6:32:16 PM
Last accessed : 4/22/2004 6:32:16 PM
Last modified : 4/22/2004 6:32:16 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@fastclick[2].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/22/2004 12:54:42 AM
Last accessed : 4/22/2004 7:15:39 PM
Last modified : 4/22/2004 12:54:42 AM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@mediaplex[1].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/20/2004 4:22:38 PM
Last accessed : 4/22/2004 7:15:41 PM
Last modified : 4/20/2004 4:22:38 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@qksrv[1].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/21/2004 11:21:20 PM
Last accessed : 4/22/2004 7:15:43 PM
Last modified : 4/21/2004 11:21:20 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@questionmarket[2].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/21/2004 12:37:03 PM
Last accessed : 4/22/2004 7:15:43 PM
Last modified : 4/21/2004 12:37:03 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@realmedia[1].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/22/2004 6:34:10 PM
Last accessed : 4/22/2004 6:34:20 PM
Last modified : 4/22/2004 6:34:20 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@s111319[1].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/20/2004 1:06:51 PM
Last accessed : 4/22/2004 7:15:44 PM
Last modified : 4/20/2004 1:06:51 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@servedby.advertising[1].txt
Object : C:\Documents and Settings\Ebelin\Cookies\
FileSize : 2 KB
Created on : 4/22/2004 6:34:00 PM
Last accessed : 4/22/2004 6:34:10 PM
Last modified : 4/22/2004 6:34:10 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@tmpad[1].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/21/2004 5:10:59 PM
Last accessed : 4/22/2004 7:15:45 PM
Last modified : 4/21/2004 5:10:59 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@trafficmp[1].txt
Object : C:\Documents and Settings\Ebelin\Cookies\
FileSize : 1 KB
Created on : 4/22/2004 4:54:31 AM
Last accessed : 4/22/2004 6:34:06 PM
Last modified : 4/22/2004 6:34:06 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@valueclick[1].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/22/2004 5:18:27 AM
Last accessed : 4/22/2004 7:15:45 PM
Last modified : 4/22/2004 5:18:27 AM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@z1.adserver[1].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/21/2004 12:09:18 AM
Last accessed : 4/22/2004 6:34:30 PM
Last modified : 4/22/2004 6:34:30 PM



Tracking Cookie Object recognized!
Type : File
Data : ebelin@zedo[2].txt
Object : C:\Documents and Settings\Ebelin\Cookies\

Created on : 4/21/2004 3:40:22 AM
Last accessed : 4/22/2004 7:15:55 PM
Last modified : 4/21/2004 3:40:22 AM


¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ

Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
1 entries scanned.
New objects :0
Objects found so far: 18




Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 18


3:17:37 PM Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:05:25:671
Objects scanned :45237
Objects identified :18
Objects ignored :0
New objects :18

#3
ditto

    - i pwn n00bs -

  • Member
  • 1,260 posts
Hey,

I didn't see much, but I do know that certain versions of BearShare contain spyware. So you may want to uninstall that program.


ditto

#4
admin

    Founder Geek

  • Administrator
  • 24,501 posts
How is your computer acting funny?

Your logs are clean, and you don't show any signs of being infected by w32.gaobot.wo or any other virus (or spyware) <_<

#5
Kat

    Retired

  • Retired Staff
  • 19,711 posts
  • MVP
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.