This is the report log for AVG Anti-Spyware.
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 5:22:54 PM 11/8/2006
+ Scan result:
C:\Program Files\Common Files\{14F261BD-0BB0-1033-1221-051229050001}\Update.exe -> Adware.Softomate : No action taken.
C:\Program Files\Common Files\{14F261BD-0BB0-1033-1221-051229050001}\services.dll -> Adware.Softomate : No action taken.
C:\WINDOWS\system32\ishost.exe -> Downloader.Zlob.avb : No action taken.
C:\WINDOWS\system32\ismini.exe -> Downloader.Zlob.avb : No action taken.
:mozilla.117:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.60:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.61:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.62:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.118:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.128:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
:mozilla.93:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.94:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.95:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.96:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
:mozilla.82:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.101:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@casalemedia[1].txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.149:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken.
:mozilla.17:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Guest\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.28:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.29:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.30:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.31:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.32:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Guest\Cookies\[email protected][1].txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.103:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.126:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.23:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.51:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.52:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.53:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.54:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.55:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.56:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.57:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.58:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.59:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Guest\Cookies\[email protected][1].txt -> TrackingCookie.Liveperson : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Guest\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.65:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.66:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.67:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.38:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.39:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.40:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Guest\Cookies\[email protected][1].txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@revenue[1].txt -> TrackingCookie.Revenue : No action taken.
:mozilla.83:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.84:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.85:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.86:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.89:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.90:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@statcounter[1].txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Guest\Cookies\[email protected][2].txt -> TrackingCookie.Tracking101 : No action taken.
:mozilla.130:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.131:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.132:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.133:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.134:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.135:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.136:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Trafficmp : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@trafficmp[2].txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.41:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Guest\Cookies\guest@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.
:mozilla.42:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.43:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.44:C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Guest\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\WINDOWS\temp\win124.tmp.exe -> Trojan.Dialer.qs : No action taken.
C:\WINDOWS\temp\win1AE.tmp.exe -> Trojan.Dialer.qs : No action taken.
C:\System Volume Information\_restore{7420FD96-6C8F-4069-B959-922421B1340A}\RP499\A0190604.exe -> Worm.Krepper.c : No action taken.
C:\System Volume Information\_restore{7420FD96-6C8F-4069-B959-922421B1340A}\RP499\A0190605.exe -> Worm.Krepper.c : No action taken.
C:\System Volume Information\_restore{7420FD96-6C8F-4069-B959-922421B1340A}\RP499\A0190606.exe -> Worm.Krepper.c : No action taken.
C:\System Volume Information\_restore{7420FD96-6C8F-4069-B959-922421B1340A}\RP499\A0190607.exe -> Worm.Krepper.c : No action taken.
C:\System Volume Information\_restore{7420FD96-6C8F-4069-B959-922421B1340A}\RP499\A0190608.exe -> Worm.Krepper.c : No action taken.
::Report end
The following is the Panda ActiveScan Log.
Incident Status Location
Adware:Adware/Adservice Not disinfected C:\WINDOWS\system32\drvsev.dll
Adware:adware/pornmagpass Not disinfected c:\windows\system32\ishost.exe
Adware:adware/emediacodec Not disinfected Windows Registry
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Administrator\Desktop\VundoFix\VundoFix\process.exe
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Don Juan\Cookies\don juan@888[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Don Juan\Cookies\don [email protected][1].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Don Juan\Cookies\don juan@adultfriendfinder[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Don Juan\Cookies\don juan@atdmt[1].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Don Juan\Cookies\don juan@azjmp[2].txt
Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Don Juan\Cookies\don juan@clickbank[2].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Don Juan\Cookies\don [email protected][1].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Don Juan\Cookies\don [email protected][1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Don Juan\Cookies\don juan@toplist[1].txt
Adware:Adware/Adservice Not disinfected C:\Documents and Settings\Don Juan\Local Settings\Temp\mst2B7.tmp
Adware:Adware/Adservice Not disinfected C:\Documents and Settings\Don Juan\Local Settings\Temp\win2B5.tmp.exe
Adware:Adware/Yazzle Not disinfected C:\Documents and Settings\Don Juan\Local Settings\Temp\win2B8.tmp.exe
Possible Virus. Not disinfected C:\Documents and Settings\Don Juan\Local Settings\Temp\win2BA.tmp.exe
Adware:Adware/Adservice Not disinfected C:\Documents and Settings\Don Juan\Local Settings\Temporary Internet Files\Content.IE5\CHA7W12N\antzom[1].exe
Possible Virus. Not disinfected C:\Documents and Settings\Don Juan\Local Settings\Temporary Internet Files\Content.IE5\CLCDEFMN\l11[1].exe
Adware:Adware/Yazzle Not disinfected C:\Documents and Settings\Don Juan\Local Settings\Temporary Internet Files\Content.IE5\OTAJSD2R\mulbin32[1].exe
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.revenue.net/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.go.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.ehg-dig.hitbox.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.hitbox.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.ehg-dig.hitbox.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.hitbox.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.ehg-dig.hitbox.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.2o7.net/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.statcounter.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[.trafficmp.com/]
Spyware:Cookie/Coremetrics Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\q9kr20kv.default\cookies.txt[data.coremetrics.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Guest\Cookies\guest@2o7[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][2].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Guest\Cookies\guest@adtech[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Guest\Cookies\guest@advertising[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Guest\Cookies\guest@atdmt[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Guest\Cookies\guest@casalemedia[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Guest\Cookies\guest@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Guest\Cookies\guest@fastclick[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Guest\Cookies\guest@mediaplex[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Guest\Cookies\guest@questionmarket[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Guest\Cookies\guest@realmedia[1].txt
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Guest\Cookies\guest@revenue[1].txt
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Guest\Cookies\[email protected][1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Guest\Cookies\guest@statcounter[1].txt
Spyware:Cookie/Tickle Not disinfected C:\Documents and Settings\Guest\Cookies\guest@tickle[1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Guest\Cookies\guest@trafficmp[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Guest\Cookies\guest@tribalfusion[2].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Guest\Cookies\guest@valueclick[1].txt
Adware:Adware/Maxifiles Not disinfected C:\Program Files\Common Files\{14F261BD-0BB0-1033-1221-051229050001}\services.dll
Adware:Adware/Maxifiles Not disinfected C:\Program Files\Common Files\{14F261BD-0BB0-1033-1221-051229050001}\Update.exe
The following is the HijackThis scan log.
Logfile of HijackThis v1.99.1
Scan saved at 7:09:41 PM, on 11/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Lexmark 2300 Series\lxcgmon.exe
C:\Program Files\Lexmark 2300 Series\ezprint.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\NETGEAR\WG111 Configuration Utility\WG111CFG.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\iTunes\iTunes.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Binnsware, Inc\KaBoom! Popup Blocker\IEAgent.exe
C:\Program Files\Binnsware, Inc\KaBoom! Popup Blocker\IEAgentSvc.exe
C:\Program Files\DAP\DAP.exe
C:\Documents and Settings\Don Juan\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {13CC1242-D483-91CC-E8E0-0590D8DD8ECE} - C:\WINDOWS\system32\epsyzbn.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {C004DEC2-2623-438e-9CA2-C9043AB28508} - (no file)
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvsev.dll,startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [SpeedOptimizer] C:\PROGRA~1\SPEEDO~1\SPO.EXE -s
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: KaBoom! Popup Blocker.lnk = C:\Program Files\Binnsware, Inc\KaBoom! Popup Blocker\IEAgent.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Smart Wizard Wireless Settings.lnk = ?
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?LinkID=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1149528968921
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winhoq32 - C:\WINDOWS\SYSTEM32\winhoq32.dll
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IEAgentSvc - Binns and Company Software, Inc. - C:\Program Files\Binnsware, Inc\KaBoom! Popup Blocker\IEAgentSvc.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
The following is the HijackThis uninstall log.
ABBYY FineReader 6.0 Sprint
Adobe Reader 7.0.8
APC PowerChute Personal Edition
Apple Software Update
ArcSoft Software Suite
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
ATI HYDRAVISION
ATI Problem Report Wizard
AVG Anti-Spyware 7.5
AVG Free Edition
Battle.net
BitComet 0.70
CH Control Manager
Diablo
Download Accelerator Plus (DAP)
Far Cry
Hotfix for Windows Media Format SDK (KB902344)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
IsoBuster 1.9.1
iTunes
J2SE Runtime Environment 5.0 Update 1
J2SE Runtime Environment 5.0 Update 3
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Lexmark 2300 Series
Lexmark Fax Solutions
LimeWire PRO 4.12.3
Macromedia Flash Player 8
Macromedia Shockwave Player
Mailinfo for Outlook Express
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Flight Simulator X
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office FrontPage 2003
Microsoft Office OneNote 2003
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft Office Visio Professional 2003
Microsoft Visual C++ 2005 Redistributable
MSN Music Assistant
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 Parser and SDK
Nero 7 Demo
NETGEAR WG111 Software
NVIDIA Drivers
O&O Defrag Professional Edition
Panda ActiveScan
QuickTime
RealPlayer
Realtek AC'97 Audio
Registry Mechanic 5.0
Rhapsody Player Engine
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913433)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
SpeedOptimizer
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
VIA Platform Device Manager
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Windows Defender Signatures
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Live Safety Scanner
Windows Live Sign-in Assistant
Windows Media Connect
Windows Media Format Runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinRAR archiver
ZoneAlarm Pro