J-P
HJT Log
Logfile of HijackThis v1.99.1
Scan saved at 10:54:55 AM, on 1/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SMPClient.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\AOL\1126648333\ee\AOLSoftware.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
C:\WINDOWS\$NtUninstallKB896428$\ciwisi.exe
C:\Program Files\eFax Messenger 4.0\J2GTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Handspring\HOTSYNC.EXE
c:\program files\common files\aol\1126648333\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1126648333\ee\aolsoftware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\JohnP\My Documents\talking\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com...DT/0409/bl8.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com...DT/0409/bl8.asp
O2 - BHO: 0 - {033D9AD7-9550-49B7-40A0-03FA66764561} - C:\Program Files\Common Files\qubap.dll (file missing)
O2 - BHO: (no name) - {D640E03F-DE59-4085-8009-76F0AB922BB5} - C:\Program Files\Internet Explorer\mepovyfuq.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [SMPClient] C:\WINDOWS\SMPClient.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1126648333\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\6.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [gbwhqfd.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\gbwhqfd.dll,oymljaf
O4 - HKLM\..\Run: [ciwisi] C:\WINDOWS\$NtUninstallKB896428$\ciwisi.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [RIMDeviceManager] "C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Handspring\HOTSYNC.EXE
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: eFax DllCmd 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 4.0.lnk = C:\Program Files\eFax Messenger 4.0\J2GTray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebse...?p=ZNxdm006BAUS
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.contentdiscount.info
O15 - Trusted Zone: www.extremeaccess.info
O16 - DPF: {04063354-A10E-4427-A1EC-F3CC81587BC6} (Mines Control) - http://www.worldwinn...mines/mines.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/...UI.cab46479.cab
O16 - DPF: {156BF4B7-AE3A-4365-BD88-95A75AF8F09D} (HPSDDX Class) - http://www.hp.com/cp...ddObjSigned.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinn...GamesLoader.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...tup1.0.0.15.cab
O16 - DPF: {1D95A7C7-3282-4DB7-9A48-7C39CE152A19} (TeamOn Import Object) - https://myemail.t-mo...ls/TOImport.cab
O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} (Brickout Control) - http://www.worldwinn...ut/brickout.cab
O16 - DPF: {3269A168-A467-4236-9D77-FF36D8DFB20F} - https://bis.t-mobile...M-PwpClient.cab
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} (Pool Control) - http://www.worldwinn...8/pool/pool.cab
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildt...iveLauncher.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/...dy.cab32846.cab
O16 - DPF: {405BBF5B-2FD8-4614-AC51-D8566F635B94} (SafeWallet Class) - http://idsm.citadelp...s/WalletCab.CAB
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp...ads/sysinfo.cab
O16 - DPF: {50D05FAC-D462-4795-8818-738FCF776FBC} - https://myemail.t-mo...e-PwpClient.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/...at.cab32846.cab
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} (BJA Control) - http://www.worldwinn...ck/bjattack.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinn...d/bejeweled.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1137690977525
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - http://www.worldwinn...ll/freecell.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1169131960226
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave...mjolauncher.cab
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://ipgweb.cce.hp...oads/msxml4.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinn...ed/wwlaunch.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://www.worldwinn...v45/sol/sol.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/...he.cab51411.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.micro...n6/dlhelper.cab
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - http://www.worldwinn...man/hangman.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn...ro.cab53083.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/...xy.cab41227.cab
O16 - DPF: {E12EB891-D000-421B-A8ED-EDE1BDCA14A0} (GolfSol Control) - http://www.worldwinn...sol/golfsol.cab
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} (WWSpades Control) - http://www.worldwinn...es/wwspades.cab
O16 - DPF: {FAE74270-E5EE-49C3-B816-EA8B4D55F38F} (H2hPool Control) - http://www.worldwinn...ool/h2hpool.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = sslicny.loc
O17 - HKLM\Software\..\Telephony: DomainName = sslicny.loc
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = sslicny.loc
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = sslicny.loc
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Client IP-IPX - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e mc-110-12-0000501 (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
PANDA LOG
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 1:19:39 PM 1/30/2007
+ Scan result:
HKU\S-1-5-21-130484306-7502519-305008010-3654\CLSID\{020B1227-417D-4682-9AC3-61F43CB5B6B1} -> Adware.Generic : No action taken.
HKU\S-1-5-21-130484306-7502519-305008010-3654\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5DE8ADB-4A69-4e56-96AB-823171C8E9D8} -> Adware.Generic : No action taken.
HKU\S-1-5-21-130484306-7502519-305008010-3654\CLSID\{6AE02E1C-8859-4F57-9097-5A55A56A4CAF} -> Adware.MyTool : No action taken.
C:\Program Files\NewDotNet -> Adware.NewDotNet : No action taken.
C:\Program Files\NewDotNet\newdotnet7_48.dll -> Adware.NewDotNet : No action taken.
C:\Program Files\WorldWinner.com\WorldWinner\Hangman\NNSKYA638.exe -> Adware.NewDotNet : No action taken.
C:\WINDOWS\NDNuninstall7_48.exe -> Adware.NewDotNet : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : No action taken.
HKLM\SOFTWARE\Classes\Tldctl2.URLLink -> Adware.NewDotNet : No action taken.
HKLM\SOFTWARE\Classes\Tldctl2.URLLink.1 -> Adware.NewDotNet : No action taken.
HKLM\SOFTWARE\Classes\Tldctl2.URLLink\CLSID -> Adware.NewDotNet : No action taken.
HKLM\SOFTWARE\Classes\Tldctl2.URLLink\CurVer -> Adware.NewDotNet : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\New.net Startup -> Adware.NewDotNet : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net -> Adware.NewDotNet : No action taken.
HKLM\SOFTWARE\New.net -> Adware.NewDotNet : No action taken.
HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : No action taken.
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : No action taken.
HKU\S-1-5-21-130484306-7502519-305008010-3654\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : No action taken.
HKU\S-1-5-21-130484306-7502519-305008010-3654\Software\New.net -> Adware.NewDotNet : No action taken.
C:\Program Files\Common Files\{345B6F9C-095F-1033-0509-030204200001}\Bar888.dll -> Adware.Softomate : No action taken.
C:\Program Files\Common Files\{445B6F9C-095F-1033-0509-030204200001}\Update.exe -> Adware.Softomate : No action taken.
C:\Program Files\Common Files\{445B6F9C-095F-1033-0509-030204200001}\system.dll -> Adware.Softomate : No action taken.
C:\RECYCLER\S-1-5-18\Dc1\system.dll -> Adware.Softomate : No action taken.
C:\RECYCLER\S-1-5-18\Dc2\Update.exe -> Adware.Softomate : No action taken.
C:\RECYCLER\S-1-5-18\Dc2\system.dll -> Adware.Softomate : No action taken.
HKU\S-1-5-21-130484306-7502519-305008010-3654\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4} -> Adware.WinAntiVirus : No action taken.
C:\WINDOWS\lcass.exe -> Downloader.Small : No action taken.
C:\tskmgr.exe -> Dropper.Agent.bbp : No action taken.
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine\winsys.exe.Vir -> Hijacker.Small.kj : No action taken.
C:\WINDOWS\17617818259.exe -> Hijacker.Small.kj : No action taken.
C:\WINDOWS\svhost.dll -> Hijacker.Small.kj : No action taken.
C:\System Volume Information\_restore{4617D869-6DFF-4342-BE3F-6D5D37A05BC1}\RP985\A0119336.exe -> Hijacker.VB.is : No action taken.
C:\WINDOWS\$NtUninstallKB896424$\beve.exe -> Hijacker.VB.is : No action taken.
C:\fakefmt.exe -> Not-A-Virus.BadJoke.Win32.FakeFormat.105 : No action taken.
C:\Documents and Settings\JohnP\Application Data\winantiviruspro2006freeinstall[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : No action taken.
C:\Documents and Settings\JohnP\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\JohnP\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\JohnP\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\JohnP\Cookies\johnp@adbrite[2].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\JohnP\Cookies\johnp@adrevolver[2].txt -> TrackingCookie.Adrevolver : No action taken.
C:\Documents and Settings\JohnP\Cookies\johnp@casalemedia[1].txt -> TrackingCookie.Casalemedia : No action taken.
C:\Documents and Settings\JohnP\Cookies\johnp@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\JohnP\Cookies\[email protected][1].txt -> TrackingCookie.Epilot : No action taken.
C:\Documents and Settings\JohnP\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\JohnP\Cookies\johnp@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\JohnP\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\JohnP\Cookies\johnp@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\JohnP\Cookies\[email protected][2].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\JohnP\Cookies\johnp@revenue[2].txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\JohnP\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : No action taken.
C:\Documents and Settings\JohnP\Cookies\[email protected][2].txt -> TrackingCookie.Specificclick : No action taken.
C:\Documents and Settings\JohnP\Cookies\johnp@statcounter[1].txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\JohnP\Cookies\johnp@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\JohnP\Cookies\[email protected][1].txt -> TrackingCookie.Top-banners : No action taken.
C:\Documents and Settings\JohnP\Cookies\johnp@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\JohnP\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\JohnP\Cookies\johnp@zedo[2].txt -> TrackingCookie.Zedo : No action taken.
C:\WINDOWS\system32\out.dll -> Trojan.Agent.adl : No action taken.
C:\WINDOWS\winlog.exe -> Trojan.LdPinch.bdf : No action taken.
C:\hqkvrqo.exe -> Trojan.ProcKill.DJ : No action taken.
C:\iffpcnv.exe -> Trojan.ProcKill.DJ : No action taken.
C:\qmapfyw.exe -> Trojan.ProcKill.DJ : No action taken.
C:\ygtybkb.exe -> Trojan.ProcKill.DJ : No action taken.
C:\WINDOWS\system32\msmapi32.exe.vir -> Trojan.VB.atw : No action taken.
C:\WINDOWS\system32\msmapi32.exe.vir1 -> Trojan.VB.atw : No action taken.
C:\WINDOWS\system32\msmapi32.exe.vir2 -> Trojan.VB.atw : No action taken.
C:\Documents and Settings\JohnP\Shared\Madonna - Hung Up (Promo CD 2005).zip/Setup.exe -> Worm.VB.an : No action taken.
::Report end
Edited by JOHN-PATRICK, 31 January 2007 - 10:12 AM.