Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

The Deathly Slows part II


  • Please log in to reply

#1
BoB 1951

BoB 1951

    Member

  • Member
  • PipPip
  • 14 posts
You guys are great and helped me disinfect my daughter's computer, but now I need help with mine. I was directed here from the OS forum as my helper there figured I might have a virus . I've got McAfee running and ran the set of tools that you recommend. Panda found one virus that the other tools didn't, Trj/PayClicker.EC, and also reported some potential "Hacker tools or rootkits." A Rootkit might well explain why I have no cycles left!

My computer is a four year old Dell 8250, 2.66 GHz with 512MB RAM. It may just be that I need more memory, or as someone else suggested, I've just got too much stuff, but my laptop which also has 512MB RAM is much snappier.

I'm posting the following logs:
1) HJT
2) HJT Uninstall
3) Panda active scan.

Any help you can offer will be much appreciated.
===
1) HJT
Logfile of HijackThis v1.99.1
Scan saved at 5:06:19 PM, on 8/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2L1.EXE
C:\WINDOWS\vVX1000.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\crypserv.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\SiteAdvisor\6066\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
O2 - BHO: (no name) -  - (no file)
O2 - BHO: (no name) - @=¬FD14D-132B-48FC-8861-0048AE113215} - (no file)
O2 - BHO: (no name) - orer - (no file)
O2 - BHO: (no name) - p=¬8C1F5-230E-4DC9-9A0D-F3159A5E77 - (no file)
O2 - BHO: (no name) - rsion - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD7 - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74 - (no file)
O2 - BHO: (no name) - °?¬J - (no file)
O2 - BHO: (no name) - Ŕ=¬497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [zBrowser Launcher] "C:\Program Files\Logitech\iTouch\iTouch.exe"
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [REGSHAVE] "C:\Program Files\REGSHAVE\REGSHAVE.EXE" /AUTORUN
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6066\SiteAdv.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX6400] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2L1.EXE" /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.comcastsu...asp/tgctlsr.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcaf...ed/MGBrwFld.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} (iNotes Class) - https://20.6.41.66/iNotes.cab
O16 - DPF: {2C52AF58-B9B1-11D5-9DF6-00508B755B44} (AXClientUtil2 Control) - http://www.smartforc...XClientUtil.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://amer-ml20.am...om/iNotes6W.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish...fishActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.co...83/mcinsctl.cab
O16 - DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} (WebIQ Technology Client) - https://www.webiqonl...Q/bin/WebIQ.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1125706981946
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.googl...gleActivate.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://ftp.us.dell.c...es/PROFILER.CAB
O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} (Image Uploader Control) - http://stowphoto.lif...PUploader41.cab
O16 - DPF: {BCBC9371-595D-11D4-A96D-00105A1CEF6C} (View22RTE Class) - http://hgtv2.view22....p/view22rte.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.co...,20/mcgdmgr.cab
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe

---
2) HJT Uninstall

3D Bungalow Aquarium Screensaver 1.1
3ivx D4 4.5.1 (remove only)
Ad-Aware SE Personal
Adobe Flash Player ActiveX
Adobe Reader 8.1.0
American Greetings CreataCard
American Idol ® Digital Camcorder
AOL Uninstaller (Choose which Products to Remove)
Apple Software Update
ArcSoft PhotoImpression
ArcSoft Software Suite
Australia's Great Barrier Reef Screen Saver
BCM V.92 56K Modem
Bink and Smacker
Bonjour
CCScore
ClueFinders 4th Grade Adventures
ClueFinders Math Adventures
ClueFinders Mystery Mansion Arcade
ClueFinders The Incredible Toy Store Adventure!
Collie Screensaver
ComcastSUPPORT
Cost Xpert 3.3
Dell Modem-On-Hold
Dell Picture Studio - Dell Image Expert
Dell Solution Center
DellSupport
Digital Line Detect
Diner Dash (remove only)
DivX
DivX Player
DivX Web Player
Dogz 5
DVDSentry
Ease Audio Converter 3.00
Easy CD and DVD Cover Creator 4.11
Easy CD Creator 5 Basic
EPSON CardMonitor
EPSON Copy Utility
EPSON EIC
EPSON ES CX6400 Manual
EPSON Photo Print
EPSON PhotoStarter3.0
EPSON Printer Software
EPSON Scan
EPSON Smart Panel
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
essvcpt
Express Dictate Uninstall
FinePixViewer Ver.3.2
FUJIFILM USB Driver
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Harry Potter
Harry Potter and the Goblet of Fire™
Harry Potter and the Prisoner of Azkaban™
Harry Potter II
HijackThis 1.99.1
HLPPDOCK
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
ImageMixer VCD for FinePix
Intel® PRO Ethernet Adapter and Software
Intel® PROSet II
iPod for Windows 2005-03-23
iPod for Windows 2006-01-10
iPod for Windows 2006-03-23
iTunes
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_04
Java 2 Runtime Environment, SE v1.4.2_06
kgcbaby
kgcbase
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kid Pix Deluxe 3
Kodak EasyShare software
KSU
Lernout & Hauspie TruVoice American English TTS Engine
Logitech iTouch Software
MathPlayer
McAfee SecurityCenter
Microsoft .NET Framework (English)
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.0 Hotfix (KB928367)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Data Access Components KB870669
Microsoft Interactive Training
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam
Microsoft Money 2002
Microsoft Money 2002 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2003
Microsoft Office XP Media Content
Microsoft Office XP Professional
Microsoft Office XP Small Business
Microsoft PowerPoint Viewer 97
Microsoft Web Publishing Wizard 1.52
MicroStaff WINASPI
Modem Helper
MouseWare 9.41 .3
Movie Converter V2 (remove only)
Mozilla Firefox (2.0.0.4)
MSN Music Assistant
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MusicBridge
Nancy Drew: Message in a Haunted Mansion
Network Play System (Patching)
Notifier
NuParadigm RSS Screensaver
NVIDIA Display Driver
NVIDIA Windows 2000/XP Display Drivers
OfotoXMI
Opera 9.01
OTtBP
OTtBPSDK
Outlook Express Backup Wizard
Owl and Mouse Europe Map Puzzle
Paint Shop Pro 7
Palm
Panda ActiveScan
PDF Append 1.0.9
Pdf995
Picasa 2
PM FASTrack®
PowerDVD
Puppies Screen Saver
Puppy Luv (remove only)
QuickTime
RealPlayer
Registry Mechanic 6.0
ScanToWeb
SecondLife (remove only)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
SFR
SHASTA
SKIN0001
SKINXSDK
Starship Titanic
staticcr
SUPERAntiSpyware Free Edition
System Security Suite 1.04
TaxCut 2003
TaxCut 2004
TaxCut Deluxe 2005
TaxCut Premium 2006
The Polar Express Screen Saver
The Sims 2
The Sims Makin' Magic
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB900930)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB936357)
Viewpoint Media Player
VPRINTOL
WebEx
WebIQ Client Software
Where in the World is Carmen Sandiego for schools
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885523
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WIRELESS
World Book 2004 (Deluxe)
Yahoo! Photos Easy Upload Tool
Zoombinis Logical Journey™

---
3) Panda


Incident Status Location

Potentially unwanted tool:application/mywebsearch Not disinfected c:\windows\system32\f3PSSavr.scr
Spyware:spyware/betterinet Not disinfected c:\windows\inf\biini.inf
Potentially unwanted tool:application/funweb Not disinfected c:\program files\FunWebProducts
Adware:adware/sidesearch Not disinfected c:\program files\Lycos
Adware:adware/iedriver Not disinfected Windows Registry
Spyware:spyware/commonname Not disinfected Windows Registry
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\l04vxxfi.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\l04vxxfi.default\cookies.txt[.trafficmp.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\l04vxxfi.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\l04vxxfi.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\l04vxxfi.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\l04vxxfi.default\cookies.txt[.perf.overture.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\l04vxxfi.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Bob\Cookies\[email protected][1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Bob\Cookies\[email protected][2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Bob\Cookies\[email protected][1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Bob\Cookies\[email protected][1].txt
Virus:Trj/PayClicker.EC Not disinfected C:\Documents and Settings\Bob\Local Settings\Application Data\Sunbelt Software\CounterSpy\Quarantine493DB9E-F2C6-4319-8E4D-37E4B7\CAB635CE-CA81-4D83-B4B6-5B7F6B[˛íÇ]
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Documents and Settings\Bob\Local Settings\Application Data\Sunbelt Software\CounterSpy\Quarantine\4CEB9D52-7338-4B55-B86D-687B56\D82CCA58-A775-491E-AC6A-DBA291
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Documents and Settings\Bob\Local Settings\Application Data\Sunbelt Software\CounterSpy\Quarantine\93CA6C43-FF86-4CEC-9030-55814E\1ACE6F46-C7FA-4474-9678-42BC5F
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Maureen\Cookies\[email protected][2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Maureen\Cookies\[email protected][1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Maureen\Cookies\[email protected][1].txt
Spyware:Cookie/Bridgetrack Not disinfected C:\Documents and Settings\Maureen\Cookies\[email protected][1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Maureen\Cookies\[email protected][2].txt
Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\Maureen\Cookies\[email protected][1].txt
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Maureen\Cookies\[email protected][1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Maureen\Cookies\[email protected][1].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Maureen\Cookies\[email protected][2].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Maureen\Cookies\[email protected][1].txt
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
Potentially unwanted tool:Application/FunWeb Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
Potentially unwanted tool:Application/FunWeb Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR[contents.rdf]
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR[menu.xul]
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR[toolbarembed.html]
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\WebIQ\WebIQClientLib.dll
Virus:Generic Malware Disinfected C:\WINDOWS\Downloaded Program Files\screload-mamma.exe
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP