Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Need help removing darksma!


  • Please log in to reply

#1
lebana

lebana

    Member

  • Member
  • PipPip
  • 19 posts
My computer is infected with darksma and possibly other viruses, trojans. I tried using the Yahoo!- Anti Spy to remove it but all it does is detect it "remove" it and in less then 2 minutes it's there again. The pop-ups are extremely annoying. I get tons of them sometimes its so many that I can't do anything at all because they pop-up like one per second. I've also noticed that some of my links don't seem to work because the file is corrupted. In addition my computer is starting to slow down. I believe I got the virus when I downloaded a file. Well I really hope you can help me because I feel that it's gonna kill my computer. Thanks in advance!

Logfile of HijackThis v1.99.1
Scan saved at 2:03:03 PM, on 7/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\retadpu2000373.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinPop\winpop.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\PROGRA~1\Yahoo!\browser\ybrowser.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Yahoo!\YPSR\ypsr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapp...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {10a1fec9-6b18-45f9-8f80-e8492cfa2418} - C:\WINDOWS\system32\ltimntz.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: (no name) - {73364D99-1240-4dff-B12A-67E448373148} - C:\WINDOWS\system32\ipv6mons.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\en-us\msntb.dll
O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\tmpA.tmp.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\en-us\msntb.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [AutoRun] "E:\AUTORUN\AutoRun.exe" "/12"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\retadpu2000373.exe 61A847B5BBF72810329B385575FA01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310F3
1DC7E4638E8323A15806F97BDE4417E70CE7C0726B954E1C2832211359826033AAC
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [WinPop] C:\Program Files\WinPop\winpop.exe
O4 - HKCU\..\Run: [EvidenceEraser] C:\Program Files\EvidenceEraser\EvidenceEraser.exe -boot
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Search - http://edits.mywebse...US_ZNxmk502DJUS
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...tup1.0.0.15.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay10...es/MsnPUpld.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com...obat/nos/gp.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: c:\windows\system32\gebcccd.dll
O20 - Winlogon Notify: ltimntz - C:\WINDOWS\SYSTEM32\ltimntz.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE



Uninstalled List

56Kbps Internal Modem
Adobe Flash Player ActiveX
Adobe Reader 8.1.0
Adobe® Photoshop® Album Starter Edition 3.2
Apple Mobile Device Support
Apple Software Update
AT&T Yahoo! Applications
Audacity 1.2.6
AV Music Morpher Gold
BroadJump Client Foundation
Corel Paint Shop Pro Photo XI
Encore 4.5.5 DEMO
getPlus®_ocx
Hijackthis 1.99.1
HijackThis 1.99.1
hp instant support
HP Photo and Imaging 2.0 - All-in-One
HP Photo and Imaging 2.0 - All-in-One Drivers
HP Photo and Imaging 2.0 - hp psc 1200 series
hp psc 1200 series
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 8
LimeWire 4.12.6
Microsoft Office 2000 SR-1 Premium
Move Networks Player for Internet Explorer
MSN Messenger 7.5
MSN Toolbar
MSXML 4.0 SP2 (KB927978)
Multimedia Keyboard Driver Ver1.1
My Web Search (My Fun Cards)
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
OIN
Overture 3.6 Demo
Overture 4.0 ?????
Overture 4.0 Demo
PC Connectivity Solution
PowerDVD
QuickTime
Realtek AC'97 Audio
Realtek RTL8139/810x Fast Ethernet NIC Driver Setup
SBC Self Support Tool
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB936357)
Viewpoint Media Player
Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
Windows Driver Package - Nokia Modem (02/15/2007 3.1)
Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)
Windows Installer 3.1 (KB893803)
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Service Pack 2
WinRAR archiver
WinZip 11.1
Yahoo! Browser Services
  • 0

Advertisements


#2
Stamper19

Stamper19

    Expert

  • Expert
  • 1,992 posts
Hello lebana,

Welcome to Geeks to Go!

My name is Stamper19 and I will be helping you with your Malware problem. Please give me some time to look over your log. I will post back soon with instructions on how to proceed.
  • 0

#3
Stamper19

Stamper19

    Expert

  • Expert
  • 1,992 posts
Hi lebana,

Time for us to get to work. During the course of our interactions please be sure to follow all instructions carefully, and ask questions if you are unsure of how to proceed at any point. :whistling:

----------------------------------------------------------------

Download ComboFix from Here or Here to your Desktop.
  • Double click combofix.exe and follow the prompts.
  • When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall

----------------------------------------------------------------

Please download and run AVG Anti-Spyware.

First download AVG Anti-Spyware from HERE and save that file to your desktop.
This is a 30 day trial of the program
  • Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.
  • Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
    IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
  • Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.
----------------------------------------------------------------
Information to include in your next post:
  • ComboFix Log
  • AVG Anti-Spyware Log
  • Fresh HijackThis Log

  • 0

#4
lebana

lebana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Sorry I took so long, but I couldn’t find the ComboFix Log till today and my computer was acting crazy and it didn’t let me do anything.
Ok I did everything you told me to do, but I don't know if the AVG Anti-Spyware Log is right because well I followed the instructions but when I clicked on the"Reports" icon it said that there were no reports available. So what I did was made sure that I had clicked on the automatically generate report after every scan and it was the way it was supposed to be. Then I decided I should try and do another scan. The second scan only had like 5 things in it that were of high risk, viruses and trojans. While the first one had like 100 and something results, most of which were cookies but their were also quite a few results of high risk which I am assuming are viruses or trojans. Then I clicked on the reports icon and what I believe to be the first scan report appeared though I'm not quite sure if it is it. However, the second scan report did not appear.

Here are the logs:


"Luis Dominguez" - 2007-07-29 17:32:13 [GMT -5:00] - ComboFix 07-07-24 - Service Pack 2 NTFS


(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\tutqpo.dll
C:\WINDOWS\system32\gebya.exe
C:\WINDOWS\opqtut.ini
C:\WINDOWS\system32\ltimntz.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp11.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp12.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp15.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp19.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp1B.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp20.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp22.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp24.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp2A.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp32.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp33.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp37.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp3A.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp3C.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp4.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp43.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp49.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp4A.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp4E.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp53.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp54.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp6.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp7.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp8.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmp9.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmpA.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmpB.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmpE.tmp.exe
C:\DOCUME~1\LUISDO~1\APPLIC~1\tmpF.tmp.exe
C:\Program Files\Common Files\Yazzle1122OinAdmin.exe
C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe
C:\Program Files\FunWebProducts
C:\Program Files\FunWebProducts\PopSwatr\History\allowed
C:\Program Files\FunWebProducts\PopSwatr\History\notallow
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
C:\Program Files\MyWebSearch
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
C:\Program Files\MyWebSearch\bar\Cache06C3DF
C:\Program Files\MyWebSearch\bar\Cache0CCFD8.bin
C:\Program Files\MyWebSearch\bar\Cache0CD1AD.bin
C:\Program Files\MyWebSearch\bar\Cache4343BA.w
C:\Program Files\MyWebSearch\bar\Cache4347C1.bin
C:\Program Files\MyWebSearch\bar\Cache43481F.bin
C:\Program Files\MyWebSearch\bar\Cache4348AB.bin
C:\Program Files\MyWebSearch\bar\Cache81177C
C:\Program Files\MyWebSearch\bar\CacheEEF130.bin
C:\Program Files\MyWebSearch\bar\CacheEEF278.bin
C:\Program Files\MyWebSearch\bar\CacheEEF353.bin
C:\Program Files\MyWebSearch\bar\CacheEEF46C.bin
C:\Program Files\MyWebSearch\bar\CacheEEF508.bin
C:\Program Files\MyWebSearch\bar\Cache127C875
C:\Program Files\MyWebSearch\bar\Cache1EAD88E.bin
C:\Program Files\MyWebSearch\bar\Cache1EAD959.bin
C:\Program Files\MyWebSearch\bar\Cache\files.ini
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
C:\Program Files\MyWebSearch\bar\History\search2
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm
C:\Program Files\MyWebSearch\bar\Settings\settings.dat
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
C:\Program Files\winpop
C:\Program Files\winpop\UnInstall.exe
C:\Program Files\winpop\winpop.exe
C:\WINDOWS\144.exe
C:\WINDOWS\b104.exe
C:\WINDOWS\b122.exe
C:\WINDOWS\b128.exe
C:\WINDOWS\b136.exe
C:\WINDOWS\retadpu2000373.exe
C:\WINDOWS\system32\f3PSSavr.scr
C:\WINDOWS\system32\tmp12.tmp.dll
C:\WINDOWS\system32\tmp15.tmp.dll
C:\WINDOWS\system32\tmp20.tmp.dll
C:\WINDOWS\system32\tmp6.tmp.dll
C:\WINDOWS\system32\tmp9.tmp.dll
C:\WINDOWS\system32\tmpA.tmp.dll
C:\WINDOWS\system32\tmpE.tmp.dll
C:\WINDOWS\system32\tmpF.tmp.dll
C:\WINDOWS\wr.txt


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\core


((((((((((((((((((((((((( Files Created from 2007-06-28 to 2007-07-29 )))))))))))))))))))))))))))))))


2007-07-29 17:05 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-29 13:02 131,787 --a------ C:\WINDOWS\geeffc.dll
2007-07-27 19:46 131,732 --a------ C:\WINDOWS\jkjhig.dll
2007-07-27 19:43 131,732 --a------ C:\WINDOWS\iihebx.dll
2007-07-27 19:37 131,732 --a------ C:\WINDOWS\yaayxu.dll
2007-07-27 19:34 131,732 --a------ C:\WINDOWS\byvutt.dll
2007-07-27 19:27 131,732 --a------ C:\WINDOWS\iihggf.dll
2007-07-27 19:18 131,732 --a------ C:\WINDOWS\khiiif.dll
2007-07-23 16:35 <DIR> d-------- C:\DOCUME~1\LUISDO~1\APPLIC~1\Corel
2007-07-22 12:46 26,787 --a------ C:\WINDOWS\system32\drivers\vetmonnt.sys
2007-07-22 12:46 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\CA
2007-07-22 12:45 95,344 --a------ C:\WINDOWS\system32\ISafeIf.dll
2007-07-22 12:45 879,832 --a------ C:\WINDOWS\system32\drivers\VetEFile.sys
2007-07-22 12:45 86,016 --a------ C:\WINDOWS\system32\YPcservice.exe
2007-07-22 12:45 74,864 --a------ C:\WINDOWS\system32\VetRedir.dll
2007-07-22 12:45 74,864 --a------ C:\WINDOWS\system32\iSafProd.dll
2007-07-22 12:45 243,824 --a------ C:\WINDOWS\unicows.dll
2007-07-22 12:45 21,031 --a------ C:\WINDOWS\system32\drivers\Vet-Filt.sys
2007-07-22 12:45 15,735 --a------ C:\WINDOWS\system32\drivers\VetFDDNT.sys
2007-07-22 12:45 15,478 --a------ C:\WINDOWS\system32\drivers\Vet-Rec.sys
2007-07-22 12:45 131,072 --a------ C:\WINDOWS\system32\ypclsp.dll
2007-07-22 12:45 115,824 --a------ C:\WINDOWS\UnVet32.exe
2007-07-22 12:45 111,728 --a------ C:\WINDOWS\AVShlExt.dll
2007-07-22 12:45 108,360 --a------ C:\WINDOWS\system32\drivers\VetEBoot.sys
2007-07-22 12:45 <DIR> d-------- C:\Program Files\Common Files\Scanner
2007-07-20 23:07 <DIR> d-------- C:\DOCUME~1\LUISDO~1\APPLIC~1\Nokia Multimedia Player
2007-07-20 15:07 <DIR> d-------- C:\DOCUME~1\LUISDO~1\APPLIC~1\EvidenceEraser
2007-07-20 14:42 <DIR> d-------- C:\Program Files\LimeWire Turbo Accelerator
2007-07-20 14:42 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2007-07-03 17:15 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2007-07-03 17:15 <DIR> d-------- C:\Program Files\Common Files\Nokia
2007-07-02 20:33 <DIR> d-------- C:\Program Files\AV Music Morpher Gold
2007-07-02 17:44 <DIR> d-------- C:\Program Files\iPod
2007-07-02 17:40 <DIR> d-------- C:\Program Files\Common Files\Apple
2007-07-02 17:40 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2007-07-01 15:31 3,997 --a------ C:\WINDOWStj232zg.exe
2007-07-01 15:02 <DIR> d-------- C:\Program Files\Overture 4.0 ?????
2007-07-01 14:47 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
2007-07-01 14:47 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll
2007-07-01 14:47 6,144 --a------ C:\WINDOWS\system32\kbd106.dll
2007-07-01 14:47 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll
2007-07-01 14:47 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll
2007-07-01 14:47 5,632 --a------ C:\WINDOWS\system32\kbd103.dll


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-22 17:45:33 -------- d-----w C:\Program Files\Yahoo!
2007-07-21 00:33:04 -------- d-----w C:\Program Files\Windows NT
2007-07-11 23:51:03 -------- d-----w C:\Program Files\GenieSoft
2007-07-03 22:15:37 -------- d-----w C:\Program Files\Nokia
2007-07-02 22:44:48 -------- d-----w C:\Program Files\iTunes
2007-07-01 16:02:39 -------- d-----w C:\Program Files\MySpace
2007-06-28 04:48:58 -------- d-----w C:\Program Files\MSXML 4.0
2007-06-27 02:48:30 -------- d-----w C:\Program Files\VSTPlugins
2007-06-27 02:48:30 -------- d-----w C:\DOCUME~1\LUISDO~1\APPLIC~1\GenieSoft
2007-06-26 22:58:47 -------- d-----w C:\Program Files\Common Files\Corel
2007-06-26 22:57:34 -------- d-----w C:\Program Files\Corel
2007-06-26 22:15:17 2,552,319 ----a-w C:\Program Files\e456m_patch.dmg
2007-06-24 22:24:25 -------- d-----w C:\Program Files\Encore DEMO
2007-06-22 22:21:13 -------- d-----w C:\DOCUME~1\LUISDO~1\APPLIC~1\WinRAR
2007-06-02 02:37:03 -------- d-----w C:\Program Files\Audacity
2007-06-01 01:23:39 -------- d-----w C:\Program Files\QuickTime
2007-05-31 00:30:56 -------- d-----w C:\DOCUME~1\LUISDO~1\APPLIC~1\Yahoo!
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C6039E6C-BDE9-4de5-BB40-768CAA584FDC}]
C:\WINDOWS\system32\tmpA.tmp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"="mHotkey.exe" [2003-03-21 12:26 C:\WINDOWS\mHotkey.exe]
"AutoRun"="E:\AUTORUN\AutoRun.exe" []
"SoundMan"="SOUNDMAN.EXE" [2004-07-01 05:23 C:\WINDOWS\SOUNDMAN.EXE]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [2002-09-10 22:26]
"YBrowser"="C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe" [2003-12-09 15:02]
"Motive SmartBridge"="C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe" [2003-12-10 05:52]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe" [2006-07-26 04:03]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-28 09:14]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20]
"CaAvTray"="C:\Program Files\Yahoo!\Antivirus\CAVTray.exe" [2007-07-22 12:45]
"CAVRID"="C:\Program Files\Yahoo!\Antivirus\CAVRID.exe" [2007-07-22 12:45]
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [2006-07-21 10:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-03-27 15:22]
"EvidenceEraser"="C:\Program Files\EvidenceEraser\EvidenceEraser.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

C:\Documents and Settings\Luis Dominguez\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe [2006-08-22 10:45:55]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-04-09 19:21:38]
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-09 19:11:12]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 03:15:54]
SBC Self Support Tool.lnk - C:\Program Files\SBC Self Support Tool\bin\matcli.exe [2006-01-05 20:45:04]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-04-11 11:10:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=c:\windows\system32\gebcccd.dll

R3 ALCXSENS;Service for WDM 3D Audio Driver;C:\WINDOWS\system32\drivers\ALCXSENS.SYS
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\fetnd5.sys
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver;C:\WINDOWS\system32\drivers\msmpu401.sys
R3 Mtlmnt5;Mtlmnt5;C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys
R3 Slntamr;SmartLink AMR_PCI Driver;C:\WINDOWS\system32\DRIVERS\slntamr.sys
R3 SlWdmSup;SlWdmSup;C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys
S3 Mtlstrm;Mtlstrm;C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys
S3 nmwcd;Nokia USB Phone Parent;C:\WINDOWS\system32\drivers\nmwcd.sys
S3 nmwcdc;Nokia USB Generic;C:\WINDOWS\system32\drivers\nmwcdc.sys
S3 nmwcdcj;Nokia USB Port;C:\WINDOWS\system32\drivers\nmwcdcj.sys
S3 nmwcdcm;Nokia USB Modem;C:\WINDOWS\system32\drivers\nmwcdcm.sys
S3 NtMtlFax;NtMtlFax;C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys
S3 RecAgent;recagent;\??\C:\WINDOWS\System32\DRIVERS\RecAgent.sys
S3 SlNtHal;SlNtHal;C:\WINDOWS\system32\DRIVERS\Slnthal.sys
S3 wanatw;WAN Miniport (ATW);C:\WINDOWS\system32\DRIVERS\wanatw4.sys


Contents of the 'Scheduled Tasks' folder
2007-07-18 00:41:02 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2006-07-04 04:24:10 C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1136940440.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-29 17:45:47
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-29 17:50:49 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-07-29 17:50

--- E O F ---

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 8:02:43 PM 7/29/2007

+ Scan result:



C:\QooBox\Quarantine\C\WINDOWS\system32\gebya.exe.vir -> Adware.Virtumonde : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034684.exe -> Adware.Virtumonde : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD.tmp -> Adware.YourSiteBar : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\GenieSoft Overture 4.02.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP402\A0034459.exe -> Downloader.Agent.auv : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034704.exe -> Downloader.Agent.auv : Cleaned.
D:\found.003\dir0007.chk\apellmart[4].htm -> Downloader.Psyme.a : Cleaned.
C:\QooBox\Quarantine\C\Program Files\Common Files\Yazzle1122OinAdmin.exe.vir -> Downloader.PurityScan.eh : Cleaned.
C:\QooBox\Quarantine\C\WINDOWS\b128.exe.vir -> Downloader.PurityScan.eh : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034607.exe -> Downloader.PurityScan.eh : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034649.exe -> Downloader.PurityScan.eh : Cleaned.
D:\found.001\dir0069.chk\retro64_loader[2].dll -> Downloader.Small : Cleaned.
C:\QooBox\Quarantine\C\WINDOWS\b104.exe.vir -> Downloader.Small.buy : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP403\A0034515.exe -> Downloader.Small.buy : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034647.exe -> Downloader.Small.buy : Cleaned.
C:\WINDOWStj232zg.exe -> Downloader.Tiny.fl : Cleaned.
C:\QooBox\Quarantine\C\WINDOWS\b136.exe.vir -> Dropper.Agent.bfr : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034650.exe -> Dropper.Agent.bfr : Cleaned.
C:\QooBox\Quarantine\C\DOCUME~1\LUISDO~1\APPLIC~1\tmp4.tmp.exe.vir -> Dropper.Small : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP404\A0034561.exe -> Dropper.Small : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034624.exe -> Dropper.Small : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\GenieSoft Overture 4.02.zip/GenieSoft Overture 4.02.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\123 Flash Menu v2.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\123 HTML Protector 2006 v.2.5.2.61127.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\1st Italian ExamCram v.4.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\A-one DVD Creator v.4.22.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\AIS Backup v2.40.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ASP.Net Maker ver.3.2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ASPMaker v6.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Accepted 2006 DvdRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ace Utilities v3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Acoustica Premium Edition ver.4.00.353.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Active Desktop Calendar v7.16.070716.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\AiO FLASH Mixer 3.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Amazon DVD Shrinker v.2.5.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\AntiCutAndPaste v1.8.989.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\AnyDVD v6.1.0.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Apple Shake v4.1 for Mac.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Are We Done Yet 2007 DVDRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ashampoo Office 2006 v.1.20.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ask the Dust 2006 DVDrip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\AssetManage 2007 v7.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Atani v4.3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Atranex HotKey Wizard 2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Audio Edit Magic ver.9.2.14.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Aurora MPEG To DVD Burner v5.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Awaken v3.0 for Mac.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Babylon Pro v6.0.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Backup4all 3.7.246.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Bar Code Pro 6.05 for Mac.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Best SMTP Server 2.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Beyond Good Evil.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Bickford Shmecklers Cool Ideas 2006 LiMiTED DVDSCR.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Bionicle 3 Web of Shadows.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Bmp2Cnc v2.10.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Cheetah DVD Burner 2.13.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Cheetah DVD Burner ver.2.13.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Civilization IV Beyond The Sword.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\CodeLobster 3.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Collectors Choice v.1.4.6.418.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Colorful Email Creator v1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\CyberSitter 9.7.1.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DM Genie v.2.22.323.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVD Menu Studio v.2.0.17.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVD Region-CSS Free 5.58.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVD X Player Professional 3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVD-Cloner IV v4.40.920.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVDFab Platinum 3.1.4.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVDFab Platinum v3.0.5.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVDFab Platinum ver.3.1.4.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DaRO Uninstaller 2006 v.2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Daddys Little Girls DVDRip XviD-iMBT.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Dart Karaoke Studio 2006.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DebitPro 1.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Diamond Dogs 2007 DVDScr.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Digger 2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Digital Audio Editor v7.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DirectX Happy Uninstall v3.91.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Droppix Recorder v2.12.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Duplicate File Remover 1.2.287.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\EDraw Network Diagrammer v3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\EDraw Organizational Chart v3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\EDraw Soft Diagrammer v3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Easy File Sharing Web Server 4.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Elecard MPEG Player v4.5.70111.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ErrorKiller 2.6.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Eternal Sunshine of the Spotless Mind 2004 DVDrip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\FTP Now 2.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\FTP Now v2.6.66.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\FantaMorph Deluxe Edition v3.7.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Fantom DVD Professional v1.7.6.26.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Fluid Mask v3.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\FontExplorerL.M v4.6.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\FontFrenzy v1.5.151.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Fox Dvd Creator 7.9.0.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Fox Movie Manager v1.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Fox Video Studio v8.0.1.18.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\GeekBench v2.05.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Genie Backup Manager Pro v7.0.159.329.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Genie Soft Genie Backup Manager Pro v8.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\GetRight Professional 6.1+2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ghost Recon Advanced Warfighter 2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ghost Rider 2007 DVDRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ghost Rider EXTENDED DVDRip XviD-DiAMOND.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Go1984 Enterprise Edition v3.5.2.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Golden Eye 2.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Goldenfoundsoft 3D Desktop Recorder v9.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Goldenfoundsoft MSN Webcam Recorder v10.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\HDDlife Pro v2.9.109.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Harry Potter.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Hitman Blood Money Pc-dvd.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ISS BlackICE PC Protection v3.6 cqm.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ISS BlackICE Server Protection v3.6 cqm.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\IVT Corporation-BlueSoleil v.2.3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Icesun Audio Converter v2.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Imagistick Photo Editor v1.1.2724.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Imagistik Markup v4.0.2727.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Incomedia WebSite X5 v5.08.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\IncrediMail Xe Premium 5.3.1 Build 2740.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ingenious v1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Internet Download Manager V.5.11 Build 3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Invisible.Secrets v.4.6.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Jetico BestCrypt v8.02.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\JuiceSoft Bad CD DVD Recovery v2.40.4897.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\KasperSky Internet Security 6.0.2.621 3 Year Keys.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Kaspersky Internet Security 6.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\LanHelper v1.72.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\License to Wed 2007 CAM XViD.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Lockout 2006 PROPER DVDRip XviD-VoMiT.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MBSS Fireworks 2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MDickie Reach v1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MIDIMaestro MM4 rel 4.00.54.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MP3 AVI MPEG WMV RM To Audio CD Burner v1.2.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Magic Notes v3.4.7184.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MagicScore Maestro v4.120.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Magix Movie Edit Pro 11.5.5.4.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Microsoft Office 2006 Enterprise Final.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Microsoft Windows Vista Final 2006.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Microsoft Windows Xp Sp2 Black Edition.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Mobile Master Professional v6.8.1.2395.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Molipop v1.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Monkey 1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MovieToolbox DVD Converter 1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MovieToolbox Movie Converter 2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MovieToolbox Movie Joiner 3.51.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Mr Robot v1.10ZG.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\My Video Converter v1.2.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Naqaab 2007 Pre-DVDRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Nature Illusion Studio 1.50.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Naturpic Software AIO 1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Need For Speed Carbon ISO.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Need For Speed Underground 2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Nero PhotoShow Deluxe 4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\NetShareWatcher 1.2.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\NevronVision Enterprise v7.2 VS-2005.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Nikon Capture NX 1.1 for Mac.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\OmniGraffle Professional 4.1.2 for Mac.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ong-Bak 2003 SUBFiX DVDRip XviD-VALiOMEDiA.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\OraCmd v1.2.3.10.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PDF Filler Pilot v.1.28.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PDF Filler Pilot v1.281.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PDF to DXF JPG TIFF Converter v1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PDF2XL CLI v3.4.4.110.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PHPEdit v.2.6.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PM Master v.3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PM Master v3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Password Age 1.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Picture Window Pro v.4.0.1.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Player Genie v.2.22.323.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Player Genie v2.22.323.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Pocket Tank v1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Poker Pro 2006 v.4.6.5.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Poker Pro 2006 v4.6.5.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ProShow Producer v3.0.1902.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\R-Studio Network Edition v3.6.123536.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Rank Exec v1.8.6.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Rapid PDF Count v2.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Real Spy Monitor v2.60.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Reaper v.1.02.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\RegEditer 3.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Registry Booster v2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Registry First Aid Platinum v.5.0.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Registry Purify v4.10.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Reign Over Me 2007 DVDSCR XviD-TKK.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Resume Builder ver.4.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Return to Castle Wolfenstein.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Rob Papen ConcreteFX Predator VSTi v1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Rock Your Mobile Ringtone Converter v1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SRS Audio SandBox v1.6.3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Samurai 1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ScanSoft PDF Create v4.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Shadow IM Sniffer v4.04.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Shadow IM Sniffer v4.06.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Shrek - 2001 DvdRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Sinner Computing Volt v1.301.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SinnerComputing GigAlarm v1.291.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SmartSound Sonicfire Pro 4.53 Network Edition.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Snappy Fax Archive Manager v1.7.1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SoftwarePassport Armadillo v5.00 Pro.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Source Insight v3.50.0058.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SourcePublisher for Ada v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SourcePublisher for C Plus Plus v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Speed Download 4.1.6 for Mac.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Speed Video Converter v3.0.29.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Spot Software Spot v4.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SpyRemover v2.63.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Star Downloader Pro v1.52.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Stealth Files 4.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\StepOK Recomposit v1.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Stormpredator V.3.0.3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SuperFlexible FileSynchronizer Pro v3.49b.622.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Surfulater v2.00.30.10.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\TechSmith Camtasia Studio v.4.0.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Teleport Pro v1.47.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Texefex v3.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\The Benchwarmers DVDRip DivX.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\The Caper 2007 DVDRip XviD-VoMiT.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\The Notebook DVDRip XviD-DiAMOND.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\The Omen 666 - 2006 DvdRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\The Road to El Dorado - 2006 DvdRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Tools for Television PRO v2.1.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Toon Boom Studio 3.5.058.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Total Commander v.7.01 Full.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\UCINET v6.165.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\USB Drive Data Recovery 2.0.1.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Understand for C Plus Plus v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Understand for Delphi v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Understand for Fortran v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Understand for Java v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Understand for Jovial v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\VB Net to C Sharp Converter v2.13.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Vertus Fluid Mask 3 v2.100.2.RC2 For Photoshop.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Visual Money v2.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\War In The Gulf Deser

Edited by lebana, 31 July 2007 - 05:16 PM.

  • 0

#5
lebana

lebana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Apparently the logs don't all fit into one reply so here's the complete AVG Anti-Spyware Log and the Fres HijackThis Log:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 8:02:43 PM 7/29/2007

+ Scan result:



C:\QooBox\Quarantine\C\WINDOWS\system32\gebya.exe.vir -> Adware.Virtumonde : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034684.exe -> Adware.Virtumonde : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD.tmp -> Adware.YourSiteBar : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\GenieSoft Overture 4.02.rar/Setup.exe -> Backdoor.IRCBot.dd : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP402\A0034459.exe -> Downloader.Agent.auv : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034704.exe -> Downloader.Agent.auv : Cleaned.
D:\found.003\dir0007.chk\apellmart[4].htm -> Downloader.Psyme.a : Cleaned.
C:\QooBox\Quarantine\C\Program Files\Common Files\Yazzle1122OinAdmin.exe.vir -> Downloader.PurityScan.eh : Cleaned.
C:\QooBox\Quarantine\C\WINDOWS\b128.exe.vir -> Downloader.PurityScan.eh : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034607.exe -> Downloader.PurityScan.eh : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034649.exe -> Downloader.PurityScan.eh : Cleaned.
D:\found.001\dir0069.chk\retro64_loader[2].dll -> Downloader.Small : Cleaned.
C:\QooBox\Quarantine\C\WINDOWS\b104.exe.vir -> Downloader.Small.buy : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP403\A0034515.exe -> Downloader.Small.buy : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034647.exe -> Downloader.Small.buy : Cleaned.
C:\WINDOWStj232zg.exe -> Downloader.Tiny.fl : Cleaned.
C:\QooBox\Quarantine\C\WINDOWS\b136.exe.vir -> Dropper.Agent.bfr : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034650.exe -> Dropper.Agent.bfr : Cleaned.
C:\QooBox\Quarantine\C\DOCUME~1\LUISDO~1\APPLIC~1\tmp4.tmp.exe.vir -> Dropper.Small : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP404\A0034561.exe -> Dropper.Small : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034624.exe -> Dropper.Small : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\GenieSoft Overture 4.02.zip/GenieSoft Overture 4.02.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\123 Flash Menu v2.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\123 HTML Protector 2006 v.2.5.2.61127.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\1st Italian ExamCram v.4.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\A-one DVD Creator v.4.22.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\AIS Backup v2.40.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ASP.Net Maker ver.3.2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ASPMaker v6.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Accepted 2006 DvdRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ace Utilities v3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Acoustica Premium Edition ver.4.00.353.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Active Desktop Calendar v7.16.070716.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\AiO FLASH Mixer 3.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Amazon DVD Shrinker v.2.5.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\AntiCutAndPaste v1.8.989.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\AnyDVD v6.1.0.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Apple Shake v4.1 for Mac.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Are We Done Yet 2007 DVDRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ashampoo Office 2006 v.1.20.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ask the Dust 2006 DVDrip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\AssetManage 2007 v7.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Atani v4.3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Atranex HotKey Wizard 2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Audio Edit Magic ver.9.2.14.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Aurora MPEG To DVD Burner v5.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Awaken v3.0 for Mac.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Babylon Pro v6.0.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Backup4all 3.7.246.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Bar Code Pro 6.05 for Mac.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Best SMTP Server 2.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Beyond Good Evil.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Bickford Shmecklers Cool Ideas 2006 LiMiTED DVDSCR.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Bionicle 3 Web of Shadows.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Bmp2Cnc v2.10.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Cheetah DVD Burner 2.13.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Cheetah DVD Burner ver.2.13.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Civilization IV Beyond The Sword.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\CodeLobster 3.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Collectors Choice v.1.4.6.418.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Colorful Email Creator v1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\CyberSitter 9.7.1.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DM Genie v.2.22.323.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVD Menu Studio v.2.0.17.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVD Region-CSS Free 5.58.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVD X Player Professional 3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVD-Cloner IV v4.40.920.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVDFab Platinum 3.1.4.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVDFab Platinum v3.0.5.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DVDFab Platinum ver.3.1.4.8.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DaRO Uninstaller 2006 v.2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Daddys Little Girls DVDRip XviD-iMBT.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Dart Karaoke Studio 2006.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DebitPro 1.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Diamond Dogs 2007 DVDScr.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Digger 2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Digital Audio Editor v7.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\DirectX Happy Uninstall v3.91.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Droppix Recorder v2.12.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Duplicate File Remover 1.2.287.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\EDraw Network Diagrammer v3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\EDraw Organizational Chart v3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\EDraw Soft Diagrammer v3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Easy File Sharing Web Server 4.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Elecard MPEG Player v4.5.70111.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ErrorKiller 2.6.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Eternal Sunshine of the Spotless Mind 2004 DVDrip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\FTP Now 2.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\FTP Now v2.6.66.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\FantaMorph Deluxe Edition v3.7.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Fantom DVD Professional v1.7.6.26.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Fluid Mask v3.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\FontExplorerL.M v4.6.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\FontFrenzy v1.5.151.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Fox Dvd Creator 7.9.0.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Fox Movie Manager v1.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Fox Video Studio v8.0.1.18.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\GeekBench v2.05.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Genie Backup Manager Pro v7.0.159.329.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Genie Soft Genie Backup Manager Pro v8.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\GetRight Professional 6.1+2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ghost Recon Advanced Warfighter 2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ghost Rider 2007 DVDRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ghost Rider EXTENDED DVDRip XviD-DiAMOND.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Go1984 Enterprise Edition v3.5.2.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Golden Eye 2.01.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Goldenfoundsoft 3D Desktop Recorder v9.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Goldenfoundsoft MSN Webcam Recorder v10.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\HDDlife Pro v2.9.109.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Harry Potter.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Hitman Blood Money Pc-dvd.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ISS BlackICE PC Protection v3.6 cqm.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ISS BlackICE Server Protection v3.6 cqm.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\IVT Corporation-BlueSoleil v.2.3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Icesun Audio Converter v2.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Imagistick Photo Editor v1.1.2724.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Imagistik Markup v4.0.2727.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Incomedia WebSite X5 v5.08.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\IncrediMail Xe Premium 5.3.1 Build 2740.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ingenious v1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Internet Download Manager V.5.11 Build 3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Invisible.Secrets v.4.6.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Jetico BestCrypt v8.02.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\JuiceSoft Bad CD DVD Recovery v2.40.4897.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\KasperSky Internet Security 6.0.2.621 3 Year Keys.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Kaspersky Internet Security 6.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\LanHelper v1.72.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\License to Wed 2007 CAM XViD.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Lockout 2006 PROPER DVDRip XviD-VoMiT.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MBSS Fireworks 2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MDickie Reach v1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MIDIMaestro MM4 rel 4.00.54.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MP3 AVI MPEG WMV RM To Audio CD Burner v1.2.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Magic Notes v3.4.7184.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MagicScore Maestro v4.120.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Magix Movie Edit Pro 11.5.5.4.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Microsoft Office 2006 Enterprise Final.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Microsoft Windows Vista Final 2006.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Microsoft Windows Xp Sp2 Black Edition.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Mobile Master Professional v6.8.1.2395.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Molipop v1.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Monkey 1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MovieToolbox DVD Converter 1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MovieToolbox Movie Converter 2.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\MovieToolbox Movie Joiner 3.51.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Mr Robot v1.10ZG.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\My Video Converter v1.2.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Naqaab 2007 Pre-DVDRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Nature Illusion Studio 1.50.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Naturpic Software AIO 1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Need For Speed Carbon ISO.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Need For Speed Underground 2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Nero PhotoShow Deluxe 4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\NetShareWatcher 1.2.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\NevronVision Enterprise v7.2 VS-2005.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Nikon Capture NX 1.1 for Mac.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\OmniGraffle Professional 4.1.2 for Mac.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Ong-Bak 2003 SUBFiX DVDRip XviD-VALiOMEDiA.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\OraCmd v1.2.3.10.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PDF Filler Pilot v.1.28.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PDF Filler Pilot v1.281.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PDF to DXF JPG TIFF Converter v1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PDF2XL CLI v3.4.4.110.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PHPEdit v.2.6.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PM Master v.3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\PM Master v3.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Password Age 1.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Picture Window Pro v.4.0.1.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Player Genie v.2.22.323.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Player Genie v2.22.323.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Pocket Tank v1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Poker Pro 2006 v.4.6.5.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Poker Pro 2006 v4.6.5.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ProShow Producer v3.0.1902.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\R-Studio Network Edition v3.6.123536.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Rank Exec v1.8.6.4.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Rapid PDF Count v2.00.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Real Spy Monitor v2.60.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Reaper v.1.02.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\RegEditer 3.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Registry Booster v2.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Registry First Aid Platinum v.5.0.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Registry Purify v4.10.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Reign Over Me 2007 DVDSCR XviD-TKK.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Resume Builder ver.4.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Return to Castle Wolfenstein.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Rob Papen ConcreteFX Predator VSTi v1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Rock Your Mobile Ringtone Converter v1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SRS Audio SandBox v1.6.3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Samurai 1.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ScanSoft PDF Create v4.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Shadow IM Sniffer v4.04.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Shadow IM Sniffer v4.06.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Shrek - 2001 DvdRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Sinner Computing Volt v1.301.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SinnerComputing GigAlarm v1.291.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SmartSound Sonicfire Pro 4.53 Network Edition.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Snappy Fax Archive Manager v1.7.1.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SoftwarePassport Armadillo v5.00 Pro.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Source Insight v3.50.0058.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SourcePublisher for Ada v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SourcePublisher for C Plus Plus v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Speed Download 4.1.6 for Mac.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Speed Video Converter v3.0.29.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Spot Software Spot v4.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SpyRemover v2.63.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Star Downloader Pro v1.52.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Stealth Files 4.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\StepOK Recomposit v1.6.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Stormpredator V.3.0.3.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\SuperFlexible FileSynchronizer Pro v3.49b.622.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Surfulater v2.00.30.10.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\TechSmith Camtasia Studio v.4.0.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Teleport Pro v1.47.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Texefex v3.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\The Benchwarmers DVDRip DivX.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\The Caper 2007 DVDRip XviD-VoMiT.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\The Notebook DVDRip XviD-DiAMOND.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\The Omen 666 - 2006 DvdRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\The Road to El Dorado - 2006 DvdRip.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Tools for Television PRO v2.1.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Toon Boom Studio 3.5.058.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Total Commander v.7.01 Full.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\UCINET v6.165.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\USB Drive Data Recovery 2.0.1.5.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Understand for C Plus Plus v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Understand for Delphi v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Understand for Fortran v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Understand for Java v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Understand for Jovial v1.4.410.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\VB Net to C Sharp Converter v2.13.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Vertus Fluid Mask 3 v2.100.2.RC2 For Photoshop.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Visual Money v2.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\War In The Gulf Desert Storm The Air Assault.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Warhammer Mark of Chaos.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Web Cache Illuminator v4.9.3.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\WinCapture 8.4.0.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\WinDVD 7 Professional.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\WinRAR v.3.70.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\WinRar 3.70 Gold Edition.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Wincopy 2007 Screen Capture v3.1.2727.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\WindowBlinds 5.1 Enhanced.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Windows Vista Ultimate 64bit Edition.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\WitCobber Super Video Splitter v3.7.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Wondershare Photo Collage Studio v.2.6.2.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Xilisoft FLV Converter 3.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\XoftSpySE 4.33.241.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\Zip Express v.2.4.5.1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\iWeb Watcher 1.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\ionCube PHP Encoder v6.5.9.exe -> Dropper.VB.lu : Cleaned.
C:\Documents and Settings\Luis Dominguez\My Documents\My Music\iTunes\songsr\_\xzxzxzxzxzxz.exe -> Dropper.VB.lu : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq9.tmp -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq11.tmp -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq13.tmp -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15.tmp -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq17.tmp -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq18.tmp -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq19.tmp -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1A.tmp -> TrackingCookie.2o7 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqF.tmp -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@aavalue[2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Aavalue : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1E.tmp -> TrackingCookie.Adbrite : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD7.tmp -> TrackingCookie.Adbrite : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq20.tmp -> TrackingCookie.Addynamix : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq22.tmp -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@admarketplace[1].txt -> TrackingCookie.Admarketplace : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Adobe : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@adorigin[1].txt -> TrackingCookie.Adorigin : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@adrevolver[3].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq27.tmp -> TrackingCookie.Adrevolver : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD0.tmp -> TrackingCookie.Adserver : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2E.tmp -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2F.tmp -> TrackingCookie.Advertising : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq30.tmp -> TrackingCookie.Adviva : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@adviva[2].txt -> TrackingCookie.Adviva : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq33.tmp -> TrackingCookie.Atdmt : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3A.tmp -> TrackingCookie.Bfast : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@bfast[2].txt -> TrackingCookie.Bfast : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3D.tmp -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Bpath : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq46.tmp -> TrackingCookie.Bridgetrack : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][1].txt -> TrackingCookie.Bridgetrack : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq40.tmp -> TrackingCookie.Burstbeacon : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqDD.tmp -> TrackingCookie.Burstbeacon : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq41.tmp -> TrackingCookie.Burstnet : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq42.tmp -> TrackingCookie.Burstnet : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqDE.tmp -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq43.tmp -> TrackingCookie.Casalemedia : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq44.tmp -> TrackingCookie.Casalemedia : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE0.tmp -> TrackingCookie.Casalemedia : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq45.tmp -> TrackingCookie.Centrport : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq48.tmp -> TrackingCookie.Clickbank : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq49.tmp -> TrackingCookie.Clickzs : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][2].txt -> TrackingCookie.Clickzs : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Cnn : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4A.tmp -> TrackingCookie.Com : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4B.tmp -> TrackingCookie.Commission-junction : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@commission-junction[1].txt -> TrackingCookie.Commission-junction : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4E.tmp -> TrackingCookie.Coremetrics : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4F.tmp -> TrackingCookie.Coremetrics : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq51.tmp -> TrackingCookie.Coremetrics : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][1].txt -> TrackingCookie.Coremetrics : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][1].txt -> TrackingCookie.Counted : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Dbbsrv : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq52.tmp -> TrackingCookie.Dealtime : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq53.tmp -> TrackingCookie.Dealtime : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@dealtime[1].txt -> TrackingCookie.Dealtime : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq56.tmp -> TrackingCookie.Doubleclick : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE2.tmp -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5F.tmp -> TrackingCookie.Euroclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE3.tmp -> TrackingCookie.Euroclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq32.tmp -> TrackingCookie.Falkag : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq60.tmp -> TrackingCookie.Falkag : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq61.tmp -> TrackingCookie.Falkag : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][2].txt -> TrackingCookie.Falkag : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq62.tmp -> TrackingCookie.Fastclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE4.tmp -> TrackingCookie.Fastclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq63.tmp -> TrackingCookie.Fortunecity : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE5.tmp -> TrackingCookie.Goclick : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis d
  • 0

#6
lebana

lebana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Well apparently it STILL doesn't all fit, here's the rest starting form where it cut off:

C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq58.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq59.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5A.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq68.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq69.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6A.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6B.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6C.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6D.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6E.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6F.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq70.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq71.tmp -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq72.tmp -> TrackingCookie.Hitbox : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][2].txt -> TrackingCookie.Hitbox : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][1].txt -> TrackingCookie.Hitbox : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq73.tmp -> TrackingCookie.Hitslink : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][2].txt -> TrackingCookie.Hitslink : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq75.tmp -> TrackingCookie.Hotlog : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Infinite-ads : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@info[2].txt -> TrackingCookie.Info : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7B.tmp -> TrackingCookie.Information : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq83.tmp -> TrackingCookie.Linksynergy : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@linksynergy[2].txt -> TrackingCookie.Linksynergy : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq85.tmp -> TrackingCookie.Liveperson : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq8A.tmp -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq8D.tmp -> TrackingCookie.Mediaplex : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE9.tmp -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Netflame : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA9.tmp -> TrackingCookie.Onestat : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Overture : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqEB.tmp -> TrackingCookie.Overture : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq90.tmp -> TrackingCookie.Pointroll : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq50.tmp -> TrackingCookie.Pro-market : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq93.tmp -> TrackingCookie.Qksrv : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][2].txt -> TrackingCookie.Quarterserver : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq95.tmp -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@realmedia[1].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq97.tmp -> TrackingCookie.Realmedia : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq98.tmp -> TrackingCookie.Realmedia : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@realmedia[1].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq99.tmp -> TrackingCookie.Realtracker : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq9A.tmp -> TrackingCookie.Revenue : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq9C.tmp -> TrackingCookie.Revsci : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq57.tmp -> TrackingCookie.Ru4 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqE1.tmp -> TrackingCookie.Ru4 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq3F.tmp -> TrackingCookie.Serving-sys : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA3.tmp -> TrackingCookie.Serving-sys : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA4.tmp -> TrackingCookie.Sextracker : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA5.tmp -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq2A.tmp -> TrackingCookie.Specificclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA7.tmp -> TrackingCookie.Specificclick : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][1].txt -> TrackingCookie.Specificclick : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][2].txt -> TrackingCookie.Specificpop : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@spinbox[2].txt -> TrackingCookie.Spinbox : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA8.tmp -> TrackingCookie.Spylog : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][1].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqAA.tmp -> TrackingCookie.Statcounter : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqAC.tmp -> TrackingCookie.Tacoda : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqAD.tmp -> TrackingCookie.Tacoda : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqAE.tmp -> TrackingCookie.Tacoda : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqAF.tmp -> TrackingCookie.Targetnet : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Tracking101 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB4.tmp -> TrackingCookie.Tracking101 : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB5.tmp -> TrackingCookie.Tradedoubler : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB8.tmp -> TrackingCookie.Trafficmp : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqED.tmp -> TrackingCookie.Trafficmp : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB9.tmp -> TrackingCookie.Trafic : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqBB.tmp -> TrackingCookie.Tribalfusion : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqDA.tmp -> TrackingCookie.Tribalfusion : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Valuead : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqC0.tmp -> TrackingCookie.Valuead : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqC1.tmp -> TrackingCookie.Valueclick : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel [email protected][1].txt -> TrackingCookie.Valueclick : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned.
D:\Documents and Settings\Anabel Dominguez\Cookies\anabel dominguez@valueclick[3].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqC5.tmp -> TrackingCookie.Web-stat : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqC6.tmp -> TrackingCookie.Web-stat : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqC8.tmp -> TrackingCookie.Webtrends : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqC7.tmp -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@yadro[2].txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis [email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Luis Dominguez\Cookies\luis dominguez@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1D.tmp -> TrackingCookie.Yieldmanager : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD6.tmp -> TrackingCookie.Yieldmanager : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD1.tmp -> TrackingCookie.Zedo : Cleaned.
C:\Program Files\Yahoo!\YPSR\Quarantine\ppqD2.tmp -> TrackingCookie.Zedo : Cleaned.
C:\QooBox\Quarantine\C\WINDOWS\retadpu2000373.exe.vir -> Trojan.Small : Cleaned.
C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034609.exe -> Trojan.Small : Cleaned.


::Report end
  • 0

#7
lebana

lebana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Now the Fresh HijackThis Log:

Logfile of HijackThis v1.99.1
Scan saved at 6:05:32 PM, on 7/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis\HijackThis.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\PROGRA~1\COMMON~1\MICROS~1\Msinfo\OFFPROV.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\browser\YBrowser.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapp...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\en-us\msntb.dll
O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\tmpA.tmp.dll (file missing)
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\en-us\msntb.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [AutoRun] "E:\AUTORUN\AutoRun.exe" "/12"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [EvidenceEraser] C:\Program Files\EvidenceEraser\EvidenceEraser.exe -boot
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Search - http://edits.mywebse...US_ZNxmk502DJUS
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...tup1.0.0.15.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay10...es/MsnPUpld.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com...obat/nos/gp.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: c:\windows\system32\gebcccd.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE
  • 0

#8
Stamper19

Stamper19

    Expert

  • Expert
  • 1,992 posts
Hi lebana,

No worries about the delay. Hopefully your computer will be more stable shortly, if it isnt already showing some signs of improvement.

We knocked out quite a few of the bad guys in that last round of fixes. Time to get the rest now :whistling:

You should print out, or save these instructions to a notepad file, as you will not have acces to this thread when in safe mode.

----------------------------------------------------------------

Please download the OTMoveIt by OldTimer.
  • Save it to your desktop
  • We will run the program later.
----------------------------------------------------------------

Please submit the following files for analysis.

Jotti File Submission:
  • Please go to Jotti's malware scan
  • Copy and paste the following file path into the "File to upload & scan"box on the top of the page:
    • E:\AUTORUN\AutoRun.exe
  • Click on the submit button
  • Please post the results in your next reply.
Please note that if you are submitting more than one file they will have to be entered one at a time.

----------------------------------------------------------------

Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapp...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\tmpA.tmp.dll (file missing)
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe <<Optional - see below for details
O8 - Extra context menu item: &Search - http://edits.mywebse...US_ZNxmk502DJUS
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...tup1.0.0.15.cab
O20 - AppInit_DLLs: c:\windows\system32\gebcccd.dll


Optionals: Although LimeWire is not malware itself, the files downloaded with it are often a major source of infection, and it is likely the source of your current ailments. Hence, I strongly advise that it removed. The choice to do so is yours, but keeping it will greatly increase your likelihood of being infected again in the future.

Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis. Reboot into safe mode.

Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

----------------------------------------------------------------
Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):

LimeWire 4.12.6 <<If removed in previous step
My Web Search (My Fun Cards)
OIN
Viewpoint Media Player



Please note any other programs that you dont recognize in that list in your next response

----------------------------------------------------------------

Using Windows Explorer (to get there right-click your Start button and go to "Explore"), please delete these FOLDERS (if present):

C:\Program Files\LimeWire <<If removed in previous step

----------------------------------------------------------------

Lets delete some ill mannered files.
  • Please double-click OTMoveIt.exe to run it.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

    C:\WINDOWS\geeffc.dll
    C:\WINDOWS\jkjhig.dll
    C:\WINDOWS\iihebx.dll
    C:\WINDOWS\yaayxu.dll
    C:\WINDOWS\byvutt.dll
    C:\WINDOWS\iihggf.dll
    C:\WINDOWS\khiiif.dll
    C:\WINDOWStj232zg.exe
    C:\WINDOWS\system32\kbdjpn.dll
    C:\WINDOWS\system32\kbdkor.dll
    C:\WINDOWS\system32\kbd106.dll
    C:\WINDOWS\system32\kbd101c.dll
    C:\WINDOWS\system32\kbd101b.dll
    C:\WINDOWS\system32\kbd103.dll
    c:\windows\system32\gebcccd.dll


  • Return to OTMoveIt, right click on the "Paste List of Files/Folders to be moved" window and choose Paste.
  • Click the red Moveit! button.
  • Close OTMoveIt
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please "Copy" the results from the "Results" window (to the right) and then "Paste" them into your next reply on the forum. Reboot into Normal Mode.

----------------------------------------------------------------

Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
----------------------------------------------------------------

Please download Deckard's System Scanner (DSS) to your Desktop.
  • Close all applications and windows.
  • Double-click on DSS.exe to run it, and follow the prompts.
  • The scan may take a minute. When the scan is complete, two text files will open - Main.txt and Extra.txt
Extra Note: When running DSS, some firewalls may warn that sigcheck.exe is trying to access the internet - please ensure that you allow sigcheck.exe permission to do so. Also, it may happen that your Antivirus flags DSS as suspicious. Please allow the Deckard's System Scanner to run and don't let your Antivirus delete it. (In this case, it may be better to temporary disable your Antivirus)

Post the main.txt and extra.txt from the C:\Deckard\System Scanner folder into your next reply.

----------------------------------------------------------------

Information to include in your next post:
  • Jotti File Report
  • OTMoveIt Report
  • Kapersky Scan Log
  • Main.txt and Extra.txt from DSS
  • Let me know how the computer is running.

  • 0

#9
lebana

lebana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
When I went to Jottie's malware scan and submitted the file path it would go on a page that said that a firewall or some kind of malware was prohibiting me from uploading the file. Then I tried it again and it kept saying the same thing. However the third time I tried it the status kept saying that the server was busy and it kept retrying for a very long time. Finally the the status turn to ready for scan, but once again it wouldn't let me upload the file.
  • 0

#10
Stamper19

Stamper19

    Expert

  • Expert
  • 1,992 posts
Please skip that step for now and proceed with the remainder of the fix.
  • 0

Advertisements


#11
lebana

lebana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi, here are the report you told me to get with the exception of the Jotti File Report.

OTMoveIt Report

File/Folder · C:\WINDOWS\geeffc.dll not found.
DllUnregisterServer procedure not found in C:\WINDOWS\jkjhig.dll
C:\WINDOWS\jkjhig.dll NOT unregistered.
C:\WINDOWS\jkjhig.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\iihebx.dll
C:\WINDOWS\iihebx.dll NOT unregistered.
C:\WINDOWS\iihebx.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\yaayxu.dll
C:\WINDOWS\yaayxu.dll NOT unregistered.
C:\WINDOWS\yaayxu.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\byvutt.dll
C:\WINDOWS\byvutt.dll NOT unregistered.
C:\WINDOWS\byvutt.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\iihggf.dll
C:\WINDOWS\iihggf.dll NOT unregistered.
C:\WINDOWS\iihggf.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\khiiif.dll
C:\WINDOWS\khiiif.dll NOT unregistered.
C:\WINDOWS\khiiif.dll moved successfully.
File/Folder C:\WINDOWStj232zg.exe not found.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\kbdjpn.dll
C:\WINDOWS\system32\kbdjpn.dll NOT unregistered.
C:\WINDOWS\system32\kbdjpn.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\kbdkor.dll
C:\WINDOWS\system32\kbdkor.dll NOT unregistered.
C:\WINDOWS\system32\kbdkor.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\kbd106.dll
C:\WINDOWS\system32\kbd106.dll NOT unregistered.
C:\WINDOWS\system32\kbd106.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\kbd101c.dll
C:\WINDOWS\system32\kbd101c.dll NOT unregistered.
C:\WINDOWS\system32\kbd101c.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\kbd101b.dll
C:\WINDOWS\system32\kbd101b.dll NOT unregistered.
C:\WINDOWS\system32\kbd101b.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\kbd103.dll
C:\WINDOWS\system32\kbd103.dll NOT unregistered.
C:\WINDOWS\system32\kbd103.dll moved successfully.
File/Folder c:\windows\system32\gebcccd.dll not found.

Created on 08/01/2007 23:41:18
  • 0

#12
lebana

lebana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
KASPERSKY ONLINE SCANNER REPORT
Thursday, August 02, 2007 10:37:55 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 3/08/2007
Kaspersky Anti-Virus database records: 371369


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\

Scan Statistics
Total number of scanned objects 95381
Number of viruses found 22
Number of infected objects 84 / 0
Number of suspicious objects 2
Duration of the scan process 02:32:16

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\History\History.IE5\MSHist012007080220070803\index.dat Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\Temp\Perflib_Perfdata_b3c.dat Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\Temp\~DF57E6.tmp Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\Temporary Internet Files\Content.IE5DU7KXYJ\UserStatusChange[2].html Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\Temporary Internet Files\Content.IE5\C5MVCHYN\UserStatusChange[5].html Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\Temporary Internet Files\Content.IE5\C5MVCHYN\UserStatusChange[6].html Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\Temporary Internet Files\Content.IE5\C5MVCHYN\UserStatusChange[7].html Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\Temporary Internet Files\Content.IE5\GH6VW9MZ\UserStatusChange[1].html Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\Temporary Internet Files\Content.IE5\O5AVG9UR\UserStatusChange[3].html Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\Temporary Internet Files\Content.IE5\W16F0XQ7\UserStatusChange[3].html Object is locked skipped

C:\Documents and Settings\Luis Dominguez\Local Settings\Temporary Internet Files\Content.IE5\W56Z8X6B\UserStatusChange[4].html Object is locked skipped

C:\Documents and Settings\Luis Dominguez\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Luis Dominguez\NTUSER.DAT.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Program Files\SBC Self Support Tool\SmartBridge\AlertFilter.log Object is locked skipped

C:\Program Files\SBC Self Support Tool\SmartBridge\log\httpclient.log Object is locked skipped

C:\Program Files\SBC Self Support Tool\SmartBridge\SmartBridge.log Object is locked skipped

C:\Program Files\Yahoo!\Messenger\logs\billing_Luis Dominguez.log Object is locked skipped

C:\Program Files\Yahoo!\Messenger\logs\client_Luis Dominguez.log Object is locked skipped

C:\Program Files\Yahoo!\Messenger\logs\network_Luis Dominguez.log Object is locked skipped

C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7.tmp Suspicious: Packed.Win32.Morphine.a skipped

C:\Program Files\Yahoo!\YPSR\Quarantine\ppqB.tmp Suspicious: Packed.Win32.Morphine.a skipped

C:\QooBox\Quarantine\C\DOCUME~1\LUISDO~1\APPLIC~1\tmp12.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped

C:\QooBox\Quarantine\C\DOCUME~1\LUISDO~1\APPLIC~1\tmp1B.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped

C:\QooBox\Quarantine\C\DOCUME~1\LUISDO~1\APPLIC~1\tmp24.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped

C:\QooBox\Quarantine\C\DOCUME~1\LUISDO~1\APPLIC~1\tmp33.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped

C:\QooBox\Quarantine\C\DOCUME~1\LUISDO~1\APPLIC~1\tmp3C.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped

C:\QooBox\Quarantine\C\DOCUME~1\LUISDO~1\APPLIC~1\tmp4A.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped

C:\QooBox\Quarantine\C\DOCUME~1\LUISDO~1\APPLIC~1\tmp54.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped

C:\QooBox\Quarantine\C\DOCUME~1\LUISDO~1\APPLIC~1\tmp7.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped

C:\QooBox\Quarantine\C\DOCUME~1\LUISDO~1\APPLIC~1\tmp8.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped

C:\QooBox\Quarantine\C\DOCUME~1\LUISDO~1\APPLIC~1\tmpB.tmp.exe.vir Infected: Trojan.Win32.Agent.aoy skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.al skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.v skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.a skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.aq skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL.vir Infected: not-a-virus:AdWare.Win32.MyWebSearch.w skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.ab skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped

C:\QooBox\Quarantine\C\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch.aq skipped

C:\QooBox\Quarantine\C\Program Files\WinPop\UnInstall.exe.vir Infected: Trojan.Win32.Small.oa skipped

C:\QooBox\Quarantine\C\Program Files\WinPop\winpop.exe.vir Infected: not-a-virus:AdWare.Win32.Rond.c skipped

C:\QooBox\Quarantine\C\WINDOWS\b122.exe.vir Infected: not-a-virus:AdWare.Win32.Rond.c skipped

C:\QooBox\Quarantine\C\WINDOWS\system32\f3PSSavr.scr.vir Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\QooBox\Quarantine\C\WINDOWS\system32\ltimntz.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ke skipped

C:\QooBox\Quarantine\C\WINDOWS\tutqpo.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP403\A0034507.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP403\A0034541.exe Infected: Trojan.Win32.Agent.aoy skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP404\A0034560.exe Infected: Trojan.Win32.Agent.aoy skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP404\A0034597.exe Infected: Trojan.Win32.Agent.aoy skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034611.exe Infected: Trojan.Win32.Agent.aoy skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034614.exe Infected: Trojan.Win32.Agent.aoy skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034617.exe Infected: Trojan.Win32.Agent.aoy skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034620.exe Infected: Trojan.Win32.Agent.aoy skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034623.exe Infected: Trojan.Win32.Agent.aoy skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034627.exe Infected: Trojan.Win32.Agent.aoy skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034630.exe Infected: Trojan.Win32.Agent.aoy skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034632.exe Infected: Trojan.Win32.Agent.aoy skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034633.exe Infected: Trojan.Win32.Agent.aoy skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034636.exe Infected: Trojan.Win32.Agent.aoy skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034648.exe Infected: not-a-virus:AdWare.Win32.Rond.c skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034653.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.al skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034654.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034655.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034656.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034658.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034659.SCR Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034660.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.v skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034661.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034662.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.a skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034663.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034664.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.aq skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034665.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034667.DLL Infected: not-a-virus:AdWare.Win32.MyWebSearch.w skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034668.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034670.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034671.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034672.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034674.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034675.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034676.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ab skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034677.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034678.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034679.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.aq skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034680.exe Infected: Trojan.Win32.Small.oa skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034681.exe Infected: not-a-virus:AdWare.Win32.Rond.c skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034682.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034683.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ar skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034687.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ke skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP405\A0034779.exe Infected: Trojan-Downloader.Win32.Tiny.fl skipped

C:\System Volume Information\_restore{68C7C69F-5E5E-4284-89AA-7167727E890B}\RP407\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\ServicePackFiles\i386\installutil.exe Infected: Virus.Win32.Sality.o skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.
  • 0

#13
lebana

lebana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Main.txt from DSS

Deckard's System Scanner v20070729.57
Run by Luis Dominguez on 2007-08-02 at 23:13:16
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
8: 2007-08-03 04:13:33 UTC - RP409 - Deckard's System Scanner Restore Point
7: 2007-08-03 03:04:55 UTC - RP408 - Installed Overture 3.02 Mini
6: 2007-08-02 02:20:40 UTC - RP407 - System Checkpoint
5: 2007-08-01 00:17:00 UTC - RP406 - System Checkpoint
4: 2007-07-29 21:04:20 UTC - RP405 - System Checkpoint


-- First Restore Point --
1: 2007-07-24 03:12:16 UTC - RP402 - System Checkpoint


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as Luis Dominguez.exe) --------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 11:14:29 PM, on 8/2/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Yahoo!\Antivirus\ISafe.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Yahoo!\Antivirus\CAVTray.exe
C:\Program Files\Yahoo!\Antivirus\CAVRID.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\PROGRA~1\Yahoo!\browser\YBrowser.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Java\jre1.5.0_08\bin\jucheck.exe
C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
C:\Documents and Settings\Luis Dominguez\Local Settings\Temporary Internet Files\Content.IE5\SXI7C9AN\dss[1].exe
C:\PROGRA~1\HIJACK~1\Luis Dominguez.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\en-us\msntb.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\en-us\msntb.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [AutoRun] "E:\AUTORUN\AutoRun.exe" "/12"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\Yahoo!\Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\Yahoo!\Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [EvidenceEraser] C:\Program Files\EvidenceEraser\EvidenceEraser.exe -boot
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay10...es/MsnPUpld.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com...obat/nos/gp.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE


-- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\backups\) --------------------

backup-20070801-230046-128 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
backup-20070801-230046-219 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...tup1.0.0.15.cab
backup-20070801-230046-427 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
backup-20070801-230046-555 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapp...//www.yahoo.com
backup-20070801-230046-595 O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\tmpA.tmp.dll (file missing)
backup-20070801-230046-695 O8 - Extra context menu item: &Search - http://edits.mywebse...US_ZNxmk502DJUS
backup-20070801-230046-773 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
backup-20070801-230046-984 O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 VETFDDNT (VET Floppy Boot Sector Monitor) - c:\windows\system32\drivers\vetfddnt.sys <Not Verified; Computer Associates International, Inc.; Computer Associates Antivirus>
R1 VET-FILT (VET File System Filter) - c:\windows\system32\drivers\vet-filt.sys <Not Verified; Computer Associates International, Inc.; Computer Associates Antivirus>
R1 VETMONNT (VET File Monitor) - c:\windows\system32\drivers\vetmonnt.sys <Not Verified; Computer Associates International, Inc.; Computer Associates Antivirus>
R1 VET-REC (VET File System Recognizer) - c:\windows\system32\drivers\vet-rec.sys <Not Verified; Computer Associates International, Inc.; Computer Associates Antivirus>

S3 aec (Microsoft Kernel Acoustic Echo Canceller) - c:\windows\system32\drivers\aec.sys (file missing)
S3 catchme - c:\docume~1\luisdo~1\locals~1\temp\catchme.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 ProtexisLicensing - c:\windows\system32\psiservice.exe <Not Verified; ; PSIService>
R3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>

S3 YPCService - c:\windows\system32\ypcser~1.exe <Not Verified; Yahoo! Inc.; YPCService Module>


-- Scheduled Tasks -------------------------------------------------------------

2007-07-31 19:41:04 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2006-07-03 23:24:10 360 --a------ C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1136940440.job


-- Files created between 2007-07-02 and 2007-08-02 -----------------------------

2007-08-02 20:03:33 0 d-------- C:\Program Files\NoteWorthy Composer
2007-08-02 19:55:32 0 d-------- C:\Program Files\NoteWorthy Player
2007-08-02 19:38:39 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-08-02 19:38:35 0 d-------- C:\WINDOWS\LastGood
2007-07-30 22:13:26 0 d-------- C:\WINDOWS\CAVTemp
2007-07-29 18:09:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-07-29 13:02:13 131787 --a------ C:\WINDOWS\geeffc.dll
2007-07-23 16:35:35 0 d-------- C:\Documents and Settings\Luis Dominguez\Application Data\Corel
2007-07-22 12:46:24 0 d-------- C:\Documents and Settings\All Users\Application Data\CA
2007-07-22 12:46:23 26787 --a------ C:\WINDOWS\system32\drivers\vetmonnt.sys <Not Verified; Computer Associates International, Inc.; Computer Associates Antivirus>
2007-07-22 12:45:40 15478 --a------ C:\WINDOWS\system32\drivers\Vet-Rec.sys <Not Verified; Computer Associates International, Inc.; Computer Associates Antivirus>
2007-07-22 12:45:40 21031 --a------ C:\WINDOWS\system32\drivers\Vet-Filt.sys <Not Verified; Computer Associates International, Inc.; Computer Associates Antivirus>
2007-07-22 12:45:40 15735 --a------ C:\WINDOWS\system32\drivers\VetFDDNT.sys <Not Verified; Computer Associates International, Inc.; Computer Associates Antivirus>
2007-07-22 12:45:17 0 d-------- C:\Program Files\Common Files\Scanner
2007-07-22 12:45:02 86016 --a------ C:\WINDOWS\system32\YPcservice.exe <Not Verified; Yahoo! Inc.; YPCService Module>
2007-07-22 12:45:02 131072 --a------ C:\WINDOWS\system32\ypclsp.dll <Not Verified; Yahoo! Inc.; Yahoo! YPCLSP>
2007-07-20 23:07:28 0 d-------- C:\Documents and Settings\Luis Dominguez\Application Data\Nokia Multimedia Player
2007-07-20 15:07:51 0 d-------- C:\Documents and Settings\Luis Dominguez\Application Data\EvidenceEraser
2007-07-20 14:42:59 0 d-------- C:\Program Files\LimeWire Turbo Accelerator
2007-07-20 14:42:58 0 d-------- C:\Program Files\Common Files\Download Manager
2007-07-03 17:15:50 0 d-------- C:\Program Files\Common Files\PCSuite
2007-07-03 17:15:38 0 d-------- C:\Program Files\Common Files\Nokia
2007-07-02 20:33:54 0 d-------- C:\Program Files\AV Music Morpher Gold
2007-07-02 17:44:21 0 d-------- C:\Program Files\iPod
2007-07-02 17:40:54 0 d-------- C:\Program Files\Common Files\Apple
2007-07-02 17:40:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple


-- Find3M Report ---------------------------------------------------------------

2007-08-02 22:05:02 0 d-------- C:\Program Files\GenieSoft
2007-07-29 17:38:22 0 d-------- C:\Program Files\Common Files
2007-07-22 12:45:33 0 d-------- C:\Program Files\Yahoo!
2007-07-20 19:33:04 0 d-------- C:\Program Files\Windows NT
2007-07-13 23:51:06 2852310 --a------ C:\Documents and Settings\Luis Dominguez\Application Data\NMM-MetaData.db
2007-07-03 17:15:37 0 d-------- C:\Program Files\Nokia
2007-07-02 17:44:48 0 d-------- C:\Program Files\iTunes
2007-07-01 15:02:59 0 d-------- C:\Program Files\Overture 4.0 ?????
2007-07-01 11:39:19 0 d-------- C:\Documents and Settings\Luis Dominguez\Application Data\Adobe
2007-07-01 11:23:33 0 d-------- C:\Program Files\Common Files\Adobe
2007-07-01 11:02:39 0 d-------- C:\Program Files\MySpace
2007-06-27 23:48:58 0 d-------- C:\Program Files\MSXML 4.0
2007-06-26 21:48:30 0 d-------- C:\Program Files\VSTPlugins
2007-06-26 21:48:30 0 d-------- C:\Documents and Settings\Luis Dominguez\Application Data\GenieSoft
2007-06-26 17:58:47 0 d-------- C:\Program Files\Common Files\Corel
2007-06-26 17:57:34 0 d-------- C:\Program Files\Corel
2007-06-26 17:15:17 2552319 --a------ C:\Program Files\e456m_patch.dmg
2007-06-24 17:24:25 0 d-------- C:\Program Files\Encore DEMO
2007-06-22 17:21:13 0 d-------- C:\Documents and Settings\Luis Dominguez\Application Data\WinRAR


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"="mHotkey.exe" [03/21/2003 12:26 PM C:\WINDOWS\mHotkey.exe]
"AutoRun"="E:\AUTORUN\AutoRun.exe" []
"SoundMan"="SOUNDMAN.EXE" [07/01/2004 05:23 AM C:\WINDOWS\SOUNDMAN.EXE]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [09/10/2002 10:26 PM]
"YBrowser"="C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe" [12/09/2003 03:02 PM]
"Motive SmartBridge"="C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe" [12/10/2003 05:52 AM]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [11/02/2004 08:24 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe" [07/26/2006 04:03 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [04/27/2007 09:41 AM]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [03/09/2007 11:09 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [06/28/2007 09:14 AM]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [03/23/2007 01:20 PM]
"CaAvTray"="C:\Program Files\Yahoo!\Antivirus\CAVTray.exe" [07/22/2007 12:45 PM]
"CAVRID"="C:\Program Files\Yahoo!\Antivirus\CAVRID.exe" [07/22/2007 12:45 PM]
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [07/21/2006 10:43 AM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [07/29/2007 06:04 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 11:24 AM]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [03/27/2007 03:22 PM]
"EvidenceEraser"="C:\Program Files\EvidenceEraser\EvidenceEraser.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [4/9/2003 7:21:38 PM]
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [4/9/2003 7:11:12 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1/21/2000 3:15:54 AM]
SBC Self Support Tool.lnk - C:\Program Files\SBC Self Support Tool\bin\matcli.exe [1/5/2006 8:45:04 PM]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [4/11/2007 11:10:00 AM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"




-- End of Deckard's System Scanner: finished at 2007-08-02 at 23:16:27 ---------



Extra.txt from DSS

Deckard's System Scanner v20070729.57
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Celeron® CPU 2.60GHz
Percentage of Memory in Use: 70%
Physical Memory (total/avail): 479.48 MiB / 140.86 MiB
Pagefile Memory (total/avail): 1121.42 MiB / 725.15 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1966.45 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 66.68 GiB total, 40.99 GiB free.
D: is Fixed (NTFS) - 74.53 GiB total, 66.29 GiB free.
E: is CDROM (No Media)


-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AV: Anti-Virus - SBC Yahoo! Online Protection v7.0.7.4 (Computer Associates)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Luis Dominguez\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_08\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=LUIS
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Luis Dominguez
LOGONSERVER=\\LUIS
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_08\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\LUISDO~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\LUISDO~1\LOCALS~1\Temp
USERDOMAIN=LUIS
USERNAME=Luis Dominguez
USERPROFILE=C:\Documents and Settings\Luis Dominguez
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Luis Dominguez (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\SBC Yahoo!\umuninst.exe" /S
--> C:\PROGRA~1\SBCSEL~1\CustomUninstall.exe SBC
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
56Kbps Internal Modem --> C:\WINDOWS\Modio\SLAMR2KV\Setup.exe /Remove
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe® Photoshop® Album Starter Edition 3.2 --> MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
Apple Mobile Device Support --> MsiExec.exe /I{8FC46258-0843-4D79-B7F0-F2B82FE6173B}
Apple Software Update --> MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
AT&T Yahoo! Applications --> C:\PROGRA~1\Yahoo!\common\uninstall.exe
Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe"
AV Music Morpher Gold --> C:\Program Files\AV Music Morpher Gold\uninstall.exe
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
BroadJump Client Foundation --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a
Corel Paint Shop Pro Photo XI --> MsiExec.exe /X{93A1B09E-BAFA-4628-A5B6-921CB026955A}
Encore 4.5.5 DEMO --> C:\WINDOWS\unvise32.exe C:\Program Files\Encore DEMO\uninstal.log
getPlus®_ocx --> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\inf\GETPLUSo.INF, DefaultUninstall
Hijackthis 1.99.1 --> "C:\Program Files\Hijackthis\unins000.exe"
HijackThis 1.99.1 --> C:\Program Files\Hijackthis\HijackThis.exe /uninstall
hp instant support --> C:\PROGRA~1\HEWLET~1\hpis\Uninstall.exe /s CeS
HP Photo and Imaging 2.0 - All-in-One --> MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
HP Photo and Imaging 2.0 - All-in-One Drivers --> MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
HP Photo and Imaging 2.0 - hp psc 1200 series --> C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
hp psc 1200 series --> MsiExec.exe /X{C900EF06-2E76-49C7-8DB0-41F629B21DC5}
IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
iTunes --> MsiExec.exe /I{85B90D8C-70F3-4E84-BD31-5E9489C0F9FB}
J2SE Runtime Environment 5.0 Update 8 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}
Kaspersky Online Scanner --> C:\WINDOWS\system32\KASPER~1\KASPER~1\kavuninstall.exe
Microsoft Office 2000 SR-1 Premium --> MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Move Networks Media Player for Internet Explorer --> C:\Documents and Settings\Luis Dominguez\Application Data\Move Networks\ie_bin\Uninst.exe
Move Networks Player for Internet Explorer --> "C:\Documents and Settings\Luis Dominguez\Application Data\Move Networks\ie_bin\unins000.exe"
MSN Messenger 7.5 --> MsiExec.exe /I{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5}
MSN Toolbar --> C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\en-us\mtbs.exe c
Multimedia Keyboard Driver Ver1.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF262740-C85A-11D5-BBEC-00D0B740900A}\Setup.exe" -l0x9
My Web Search (My Fun Cards) --> rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsbar.dll,O
Nokia Connectivity Cable Driver --> MsiExec.exe /X{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}
Nokia PC Suite --> C:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_eng_us_web[1].exe /LANG="1033"
Nokia PC Suite --> MsiExec.exe /I{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}
NoteWorthy Composer --> C:\PROGRA~1\NOTEWO~2\UNINSTAL.EXE C:\PROGRA~1\NOTEWO~2\INSTALL.LOG
NoteWorthy Player --> C:\PROGRA~1\NOTEWO~1\UNINSTAL.EXE C:\PROGRA~1\NOTEWO~1\INSTALL.LOG
Overture 3.02 Mini --> MsiExec.exe /I{5713A0A6-1756-41E8-912F-FCE7DA78E351}
Overture 3.6 Demo --> C:\WINDOWS\unvise32.exe C:\Program Files\GenieSoft\Overture 3.6 Demo\uninstal.log
Overture 4.0 ????? --> MsiExec.exe /I{64C3D5BE-47B3-4085-B6D5-585D2677145A}
Overture 4.0 Demo --> C:\WINDOWS\unvise32.exe C:\Program Files\GenieSoft\Overture 4.0 Demo\uninstal.log
PC Connectivity Solution --> MsiExec.exe /I{066D65EA-ED53-44E4-A96A-F81B6E409D2E}
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime --> MsiExec.exe /I{08094E03-AFE4-4853-9D31-6D0743DF5328}
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Realtek RTL8139/810x Fast Ethernet NIC Driver Setup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}\Setup.exe" -l0x9 REMOVE
SBC Self Support Tool --> C:\WINDOWS\Motive\SBC\MCCUninst.exe
Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccswpddri_039E7E24575DBAE6A389611AF28F4EB97729D33E\pccswpddriver.inf
Windows Driver Package - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_4EFFAAE27A08EDFDE145390033D8EF099DA65567\nokbtmdm.inf
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WinZip 11.1 --> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S


-- End of Deckard's System Scanner: finished at 2007-08-02 at 23:16:27 ---------
  • 0

#14
Stamper19

Stamper19

    Expert

  • Expert
  • 1,992 posts
Hi lebana,

Things are looking much better. We are almost there. Few things to do still.

----------------------------------------------------------------

Make sure you can view hidden files.

Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Show hidden files and folders.
  • Uncheck the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.
[red]**[/color] These files are hidden to stop you accidentally removing something important.
It is advisable to hide them again after fixing your computer. [red]**[/color]

----------------------------------------------------------------

Please submit the following files for analysis again. If it does not work, please try disabling any firewalls you have running while uploading the file, and re-enabling the firewall once the upload is complete

Jotti File Submission:
  • Please go to Jotti's malware scan
  • Copy and paste the following file path into the "File to upload & scan"box on the top of the page:
    • C:\WINDOWS\ServicePackFiles\i386\installutil.exe
      E:\AUTORUN\AutoRun.exe
  • Click on the submit button
  • Please post the results in your next reply.
Please note that if you are submitting more than one file they will have to be entered one at a time.

----------------------------------------------------------------

Using the Windows Search tool (to get there right-click your Start button and go to "Search"), please search for and delete these FILES (if present):

Please be sure that you are logged on to the computer as Administrator.

C:\WINDOWS\geeffc.dll

----------------------------------------------------------------

Your Java is out of date. This can provide an open door for infection. Lets get that fixed

Updating Java and Clearing Cache
  • Go to Start > Control Panel double-click on the Java Icon (coffee cup) in the Control Panel.
  • It will say "Java Plug-in" under the icon.
    Please find the update button or tab in the Java Control Panel. Update your Java then reboot.
  • If you are unable to update you can manually update by going here:
  • After the reboot, go back into the Control Panel and double-click the Java Icon.
  • Under Temporary Internet Files, click the Delete Files button.
  • There are three options in the window to clear the cache - Leave ALL 3 CheckedDownloaded Applets
    Downloaded Applications
    Other Files
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Java Control Panel.
----------------------------------------------------------------

Now, lets remove the old versions of Java on your system.

Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):

J2SE Runtime Environment 5.0 Update 8

----------------------------------------------------------------

Information to include in your next post:
  • Jotti File Report for both files
  • Let me know how the computer is running.

  • 0

#15
lebana

lebana

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Hi! For the Jotti's malware scan theonly the first file path worked. When I try the second one it keep doing the same thing as before. I turned off the firewall but it still didn't upload. My computer is running a whole lot better now. There really arent anymore pop-ups. Here's the first file path.

I did it twice. They're the same except for the last part:


Service load: 0% 100%

File: installutil.exe
Status: INFECTED/MALWARE
MD5: 7576aba7e837bbf1d46ae830c0f0d81b
Packers detected: -
Bit9 reports: File not found

Scanner results
Scan taken on 03 Aug 2007 19:34:46 (GMT)
A-Squared Found nothing
AntiVir Found W32/Sality.o
ArcaVir Found nothing
Avast Found Win32:Sality-S
AVG Antivirus Found Win32/Sality
BitDefender Found Win32.Sality.I
ClamAV Found W32.Sality.O
CPsecure Found W32.Sality.O
Dr.Web Found Win32.Sector.20480
F-Prot Antivirus Found W32/Sality.AB
F-Secure Anti-Virus Found Virus.Win32.Sality.o
Fortinet Found W32/Sality.O
Kaspersky Anti-Virus Found Virus.Win32.Sality.o
NOD32 Found nothing
Norman Virus Control Found W32/Sality.U
Panda Antivirus Found W32/Sality.S
Rising Antivirus Found nothing
Sophos Antivirus Found W32/Sality-U
VirusBuster Found Win32.Sality.U
VBA32 Found nothing


Statistics
Last file scanned at least one scanner reported something about: auction_auto_bidder_v6_1_552_LinksTree.com_.rar (MD5: d7ab711d362a115c3708ca4c7dbb4fbb, size: 3190904 bytes), detected by:Scanner Malware name
A-Squared Heuristic.ArchiveBomb
AntiVir X
ArcaVir X
Avast X
AVG Antivirus X
BitDefender X
ClamAV X
CPsecure X
Dr.Web X
F-Prot Antivirus X
F-Secure Anti-Virus X
Fortinet X
Kaspersky Anti-Virus X
NOD32 X
Norman Virus Control X
Panda Antivirus X
Rising Antivirus X
Sophos Antivirus X
VirusBuster X
VBA32 X


2nd time last part:

Statistics
Last file scanned at least one scanner reported something about: sacredundertrn.zip (MD5: d09eb52f4a77cb451923e5cadf9ca594, size: 61547 bytes), detected by:Scanner Malware name
A-Squared X
AntiVir X
ArcaVir X
Avast X
AVG Antivirus X
BitDefender X
ClamAV X
CPsecure X
Dr.Web X
F-Prot Antivirus X
F-Secure Anti-Virus X
Fortinet PossibleThreat
Kaspersky Anti-Virus X
NOD32 X
Norman Virus Control X
Panda Antivirus X
Rising Antivirus X
Sophos Antivirus Mal/Packer
VirusBuster Packed/MEW
VBA32 X
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP