Thanks RatHat,
I have deleted Azureus folder from Program Files.
Now for the other machines; firstly the notebook running vista business.
I scanned with AVG, couldn't generate a log, but it did find 13 tracking cookies, 17 traces.
No vista support for Panda.
Scan log for SUPERAntiSpyware:
SUPERAntiSpyware Scan Log
Generated 02/05/2008 at 07:57 PM
Application Version : 3.6.1000
Core Rules Database Version : 3395
Trace Rules Database Version: 1387
Scan type : Complete Scan
Total Scan Time : 01:33:29
Memory items scanned : 711
Memory threats detected : 0
Registry items scanned : 6926
Registry threats detected : 0
File items scanned : 97786
File threats detected : 27
Adware.Tracking Cookie
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@dhdmedia[2].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\
[email protected][1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@imrworldwide[2].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\
[email protected][2].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@mediaonenetwork[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@pornsgates[1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\
[email protected][1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\
[email protected][1].txt
C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\
[email protected][1].txt
C:\Users\User\Application Data\Microsoft\Windows\Cookies\Low\user@dhdmedia[2].txt
C:\Users\User\Application Data\Microsoft\Windows\Cookies\Low\
[email protected][1].txt
C:\Users\User\Application Data\Microsoft\Windows\Cookies\Low\user@imrworldwide[2].txt
C:\Users\User\Application Data\Microsoft\Windows\Cookies\Low\
[email protected][2].txt
C:\Users\User\Application Data\Microsoft\Windows\Cookies\Low\user@mediaonenetwork[1].txt
C:\Users\User\Application Data\Microsoft\Windows\Cookies\Low\user@pornsgates[1].txt
C:\Users\User\Application Data\Microsoft\Windows\Cookies\Low\
[email protected][1].txt
C:\Users\User\Application Data\Microsoft\Windows\Cookies\Low\
[email protected][1].txt
C:\Users\User\Application Data\Microsoft\Windows\Cookies\Low\
[email protected][1].txt
C:\Users\User\Cookies\Low\user@dhdmedia[2].txt
C:\Users\User\Cookies\Low\
[email protected][1].txt
C:\Users\User\Cookies\Low\user@imrworldwide[2].txt
C:\Users\User\Cookies\Low\
[email protected][2].txt
C:\Users\User\Cookies\Low\user@mediaonenetwork[1].txt
C:\Users\User\Cookies\Low\user@pornsgates[1].txt
C:\Users\User\Cookies\Low\
[email protected][1].txt
C:\Users\User\Cookies\Low\
[email protected][1].txt
C:\Users\User\Cookies\Low\
[email protected][1].txt
Hijackthis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:30:41 PM, on 5/02/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.smh.com.au/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.asus.comR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.m...ash/swflash.cabO20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Windows\system32\IfxPsdSv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
--
End of file - 7688 bytes
Uninstall list:
Adobe Flash Player ActiveX
Adobe Reader 8
Apple Mobile Device Support
Apple Software Update
ASUS InstantFun
ASUS Security Protect Manager
ASUS Splendid Video Enhancement Technology
Asus_Camera_ScreenSaver
ATK Generic Function Service
ATK Hotkey
ATK Media
ATKOSD2
Attansic Ethernet Utility
Attansic L1 Gigabit Ethernet Driver
AuthenTec Fingerprint Sensor Minimum Install
AVG Anti-Spyware 7.5
Bonjour
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
HijackThis 2.0.2
Infineon TPM Professional Package
Intel® Graphics Media Accelerator Driver
iTunes
LifeFrame2
Microsoft Office Standard Edition 2003
Motorola SM56 Speakerphone Modem
MSVC80_x86
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
NB Probe
Nero 7 Essentials
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia PC Suite
P4P
PC Connectivity Solution
Power4Gear eXtreme
QuickTime
Realtek High Definition Audio Driver
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
SUPERAntiSpyware Free Edition
Synaptics Pointing Device Driver
Trend Micro PC-cillin Internet Security 2007
Trend Micro PC-cillin Internet Security 2007
USB 2.0 1.3M UVC WebCam
VistaFeaturePack
Windows Driver Package - Nokia Modem (08/03/2007 6.84.0.2)
Windows Driver Package - Nokia Modem (10/12/2007 3.6)
WinFlash
Wireless Console 2
Seems to run well, but is very new and I am not very familiar with it yet. I will post logs for other pc tomorrow, I haven't run the scans yet.
Thanks for your ongoing support.
Kind Regards,
Peter.