Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

pop up windows

Started by jmtele , Oct 13 2006 05:49 PM

  • Please log in to reply

#1
jmtele
Posted 13 October 2006 - 05:49 PM

jmtele

    Member

  • Member
  • PipPip
  • 26 posts
Hi please please please I need your help,
I have a problem with pop up, I must have installed something accidentally (can't remember) and since then the antivirus (norton2005) kept displaying Error 4002,516 plus I could not access to winXP firewall settings, Now the antivirus is ok, but I had to reinstall it ... also the firewall its ok too
I have followed all your steps from 1 to 5, as I said, it is a bit better, but still this annoying popups are there even now that I am writing :whistling: .
here it is the Hijack this log and at the end of the page the Ewido log.
Please :blink:

Logfile of HijackThis v1.99.1
Scan saved at 9:24:19 AM, on 10/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ABIT\ABIT uGuru\uGuru.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ABIT\ABIT uGuru\uGuru_Event_Receiver.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\TrojanHunter 4.6\THGuard.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Washer\washer.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Common Files\PCSuite\Services\NclBTHandler.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [GuruClock] C:\Program Files\ABIT\ABIT uGuru\GuruClock.exe
O4 - HKLM\..\Run: [ABIT uGuru] C:\Program Files\ABIT\ABIT uGuru\uGuru.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SpywareBot] C:\Program Files\spywarebot\SpywareBot.exe -boot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.6\THGuard.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - HKCU\..\Run: [Washer] C:\Program Files\Washer\washer.exe /0
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://jmtele.spaces...ad/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1158794667562
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - Winlogon Notify: MSSYCLM - C:\WINDOWS\system32\irp0l57m1.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe



EWIDO LOG

---------------------------------------------------------
AVG Anti-Spyware - Scanning report
---------------------------------------------------------

+ Created at: 10:29:43 PM 10/13/2006

+ Scanning result:



C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001635.dll -> Adware.CommAd : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001648.exe -> Adware.CommAd : Ripulito con backup (in quarantena)
C:\Installer4.exe -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000001.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000010.exe -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000012.exe -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000014.DLL -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000015.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000016.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000017.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000058.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000263.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000298.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000302.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000317.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000327.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000463.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000467.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000472.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000476.exe -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000477.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000480.exe -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000491.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000495.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0000538.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001540.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001552.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001556.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001561.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001565.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001570.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001574.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001580.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001584.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001637.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001641.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001653.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\WINDOWS\system32\behserv.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\WINDOWS\system32\cbrtcli.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\WINDOWS\system32\djnput8.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\WINDOWS\system32\jt8607lse.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\WINDOWS\system32\k8no0i53e8.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\WINDOWS\system32\kwdcan.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\WINDOWS\system32\mdcomput.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\WINDOWS\system32\mh3216.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\WINDOWS\system32\mvjsl9171.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\WINDOWS\system32\ommanage.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\WINDOWS\system32\sasbkup.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\WINDOWS\system32\sjbcsp.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\warebundlenewer.exe -> Adware.Look2Me : Ripulito con backup (in quarantena)
[692] C:\WINDOWS\system32\behserv.dll -> Adware.Look2Me : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000473.dll -> Adware.Softomate : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001546.dll -> Adware.Softomate : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001647.dll -> Adware.Softomate : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000002.dll -> Adware.Ucmore : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000006.dll -> Adware.Ucmore : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000011.exe/IUCMORE.DLL -> Adware.Ucmore : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000011.exe/UCMTSAIE.DLL -> Adware.Ucmore : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000011.exe/empty_00000001 -> Adware.Ucmore : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000483.dll -> Adware.Ucmore : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000484.dll -> Adware.Ucmore : Ripulito con backup (in quarantena)
C:\ucmoreiex.exe/IUCMORE.DLL -> Adware.Ucmore : Ripulito con backup (in quarantena)
C:\ucmoreiex.exe/UCMTSAIE.DLL -> Adware.Ucmore : Ripulito con backup (in quarantena)
C:\ucmoreiex.exe/empty_00000001 -> Adware.Ucmore : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0000526.exe/server.exe -> Backdoor.Bifrost : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001646.exe -> Downloader.Adload.gk : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000013.dll -> Downloader.Agent.awb : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000471.exe -> Downloader.Agent.azc : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000018.dll -> Downloader.Small : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP1\A0000470.exe -> Downloader.Small : Ripulito con backup (in quarantena)
C:\MTE3NDI6ODoxNg.exe -> Downloader.Small.buy : Ripulito con backup (in quarantena)
F:\Documents and Settings\All Users\Documents\Downoladed programs\CD_DVD softwares\virtual clone drive 5.1.1.1\Virtual CloneDrive 5.1.1.1 KeyGen.rar/Virtual CloneDrive 5.1.1.1 KeyGen\keygen.exe -> Dropper.Agent.xp : Ripulito con backup (in quarantena)
F:\Documents and Settings\Lina\Local Settings\Temporary Internet Files\Content.IE5\0123C5AB\popup[1].htm -> Hijacker.Agent.a : Ripulito con backup (in quarantena)
C:\WINDOWS\csrssr.exe -> Logger.Perfloger.l : Ripulito con backup (in quarantena)
C:\System Volume Information\_restore{E13C67C8-FCE2-44B4-A809-79469A2DFE21}\RP2\A0001649.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Ripulito con backup (in quarantena)
C:\WINDOWS\csrss.exe -> Not-A-Virus.Monitor.Win32.Perflogger.ad : Ripulito con backup (in quarantena)
C:\WINDOWS\csrsshk.dll -> Not-A-Virus.Monitor.Win32.Perflogger.al : Ripulito con backup (in quarantena)
:mozilla.19:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\opalj983.Max profile\cookies.txt -> TrackingCookie.2o7 : Ripulito.
:mozilla.20:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\opalj983.Max profile\cookies.txt -> TrackingCookie.2o7 : Ripulito.
:mozilla.21:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\opalj983.Max profile\cookies.txt -> TrackingCookie.2o7 : Ripulito.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.2o7 : Ripulito.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ripulito.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ripulito.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ripulito.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ripulito.
C:\WINDOWS\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Adjuggler : Ripulito.
F:\Documents and Settings\Lina\Cookies\lina@admarketplace[1].txt -> TrackingCookie.Admarketplace : Ripulito.
:mozilla.15:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\opalj983.Max profile\cookies.txt -> TrackingCookie.Atdmt : Ripulito.
F:\Documents and Settings\Lina\Cookies\lina@burstnet[1].txt -> TrackingCookie.Burstnet : Ripulito.
:mozilla.171:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Clickbank : Ripulito.
F:\Documents and Settings\Lina\Cookies\lina@com[1].txt -> TrackingCookie.Com : Ripulito.
C:\Documents and Settings\Max\Local Settings\Temp\Cookies\max@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Ripulito.
C:\WINDOWS\Temp\Cookies\max@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Ripulito.
:mozilla.114:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Esomniture : Ripulito.
:mozilla.12:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Esomniture : Ripulito.
:mozilla.140:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Esomniture : Ripulito.
:mozilla.149:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Esomniture : Ripulito.
:mozilla.170:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Esomniture : Ripulito.
:mozilla.53:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Esomniture : Ripulito.
:mozilla.87:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Esomniture : Ripulito.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.143:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.144:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.145:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.146:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.147:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.148:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.155:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.158:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.166:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.156:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.157:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.80:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][2].txt -> TrackingCookie.Overture : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.Planetactive : Cleaned.
C:\Documents and Settings\Max\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\WINDOWS\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Reliablestats : Cleaned.
F:\Documents and Settings\Lina\Cookies\lina@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.86:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\ntcu8ge4.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
F:\Documents and Settings\Lina\Cookies\lina@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
F:\Documents and Settings\Max\Cookies\max@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.31:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\opalj983.Max profile\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.27:F:\Documents and Settings\Max\Application Data\Mozilla\Firefox\Profiles\opalj983.Max profile\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\Max\Local Settings\Temp\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\WINDOWS\Temp\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned.
F:\Documents and Settings\Lina\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned.


::End of report

Thanks
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP