http://www.superantispyware.com
Generated 04/17/2008 at 08:17 PM
Application Version : 4.0.1154
Core Rules Database Version : 3440
Trace Rules Database Version: 1432
Scan type : Complete Scan
Total Scan Time : 00:18:42
Memory items scanned : 406
Memory threats detected : 5
Registry items scanned : 4156
Registry threats detected : 25
File items scanned : 16035
File threats detected : 97
Trojan.Vundo-Variant/F
C:\WINDOWS\SYSTEM32\OPNONNKL.DLL
C:\WINDOWS\SYSTEM32\OPNONNKL.DLL
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\opnonnkl
C:\WINDOWS\SYSTEM32\MLJHFCYW.DLL
C:\WINDOWS\SYSTEM32\NNNOPNNK.DLL
C:\WINDOWS\SYSTEM32\EFCABYYX.DLL
C:\WINDOWS\SYSTEM32\XXYXWWTT.DLL
C:\WINDOWS\SYSTEM32\AWTTRQNO.DLL
C:\WINDOWS\SYSTEM32\VTURSQOL.DLL
C:\WINDOWS\SYSTEM32\HGGHEFGG.DLL
Adware.Vundo Variant/Resident
C:\WINDOWS\SYSTEM32\SSQPQPPN.DLL
C:\WINDOWS\SYSTEM32\SSQPQPPN.DLL
Trojan.Downloader-Gen/MROFIN
C:\WINDOWS\MROFINU572.EXE
C:\WINDOWS\MROFINU572.EXE
[runner1] C:\WINDOWS\MROFINU572.EXE
C:\WINDOWS\MROFINU572.EXE.TMP
Trojan.Downloader-NewJuan/VM
C:\WINDOWS\SYSTEM32\CUMUYQMX.DLL
C:\WINDOWS\SYSTEM32\CUMUYQMX.DLL
Adware.ClickSpring/Resident
C:\WINDOWS\SYSTEM32\DUKDY.DLL
C:\WINDOWS\SYSTEM32\DUKDY.DLL
Adware.Vundo-Variant/Small-A
HKLM\Software\Classes\CLSID\{003121cf-9c4b-405b-8292-761a0103fbe5}
HKCR\CLSID\{003121CF-9C4B-405B-8292-761A0103FBE5}
HKCR\CLSID\{003121CF-9C4B-405B-8292-761A0103FBE5}\InprocServer32
HKCR\CLSID\{003121CF-9C4B-405B-8292-761A0103FBE5}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{003121cf-9c4b-405b-8292-761a0103fbe5}
C:\WINDOWS\SYSTEM32\IBOOKHOT.DLL
Adware.Vundo Variant
HKLM\Software\Classes\CLSID\{FB422E7B-3D5E-4D9B-84C2-91B6C888CDE2}
HKCR\CLSID\{FB422E7B-3D5E-4D9B-84C2-91B6C888CDE2}
HKCR\CLSID\{FB422E7B-3D5E-4D9B-84C2-91B6C888CDE2}\InprocServer32
HKCR\CLSID\{FB422E7B-3D5E-4D9B-84C2-91B6C888CDE2}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB422E7B-3D5E-4D9B-84C2-91B6C888CDE2}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{FB422E7B-3D5E-4D9B-84C2-91B6C888CDE2}
HKCR\CLSID\{FB422E7B-3D5E-4D9B-84C2-91B6C888CDE2}
Adware.Vundo-Variant
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9C6AA778-3C24-4AEA-B98D-C20F841C1B9E}
HKCR\CLSID\{9C6AA778-3C24-4AEA-B98D-C20F841C1B9E}
HKCR\CLSID\{9C6AA778-3C24-4AEA-B98D-C20F841C1B9E}\InprocServer32
HKCR\CLSID\{9C6AA778-3C24-4AEA-B98D-C20F841C1B9E}\InprocServer32#ThreadingModel
Adware.Tracking Cookie
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adtech[1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adbrite[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@288_[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ex=5_[2].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@avsystemcare[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ex=0_[2].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[2].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adecn[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@antispywaresuite[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@statcounter[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@trafficmp[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@trustedantivirus[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@burstnet[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@gomyhit[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@systemerrorfixer[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@zedo[1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@antispywaremaster[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adnetserver[1].txt
C:\Documents and Settings\Administrator\Cookies\[email protected][1].txt
Adware.ClickSpring
HKLM\Software\ClickSpring
HKLM\Software\ClickSpring#UBWKR
C:\PROGRAM FILES\SSEMBL~1\FAST.EXE
Trojan.Unknown Origin
HKLM\Software\xpre
HKLM\Software\xpre#execount
Trojan.DNSChanger-Codec
HKLM\Software\MRSoft
HKLM\Software\MRSoft\P
Trojan.Downloader-Gen/RetAd
HKLM\Software\Microsoft\Windows\CurrentVersion\Run#runner1 [ C:\WINDOWS\mrofinu572.exe 61A847B5BBF728173599284503996897C881250221C8670836AC4FA7C8833201749139 ]
Rogue.AntiSpywareMaster
C:\Program Files\AntiSpywareMaster
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\WINVSNET.EXE
Adware.ClickSpring/Yazzle
C:\WINDOWS\PREFETCH\YAZZLE1281OINADMIN.EXE-2D8F7800.PF
C:\WINDOWS\PREFETCH\YAZZLE1281OINUNINSTALLER.EXE-2B4D86B8.PF
Trojan.Unclassified/17PHolmes-A
C:\WINDOWS\17PHOLMES572.EXE
Trojan.Downloader-Gen/SnapSNet
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\SNAPSNET.EXE
C:\WINDOWS\Prefetch\SNAPSNET.EXE-05D5830D.pf
Adware.Yazzle-Installer
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\YAZZSNET.EXE
C:\WINDOWS\Prefetch\YAZZSNET.EXE-048747F2.pf
Adware.OuterInfo-Installer
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\CWS4GAOL\OIUNINSTALLER[1].EXE
Trace.Known Threat Sources
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OHYR45QN\i53b_icon1[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\5N9JDIVL\i53b_btn-download[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\NL7RIK9O\index[1].htm
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C9QB052X\close[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\5N9JDIVL\checkinput_2[1].js
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XMWUV9H0\genpass[1].js
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XMWUV9H0\sm_er[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\5N9JDIVL\crypt[1].htm
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C7YRSN47\i53b_btn-overview[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OHYR45QN\style_f[1].css
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\5N9JDIVL\box_742[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OHYR45QN\ajax[1].htm
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\2ZC7OBUR\errorhandler[1].htm
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OHYR45QN\errorhandler[1].htm
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\NL7RIK9O\i53b_btn-features[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\5N9JDIVL\sm_ok[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XMWUV9H0\functions_2[1].js
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OHYR45QN\trust[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OHYR45QN\arrow_left[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\0B17MEVH\1x1[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C9QB052X\i53b_t1[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\0B17MEVH\i53b_line2[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\0B17MEVH\i606_main[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XMWUV9H0\managers[1].htm
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C7YRSN47\stats[1].jpg
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\5N9JDIVL\err[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C9QB052X\CA0LIHFO.php
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\2ZC7OBUR\i53b_bg1[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C9QB052X\i53b_btn-home[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OHYR45QN\box[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XMWUV9H0\i53b_boton2[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XMWUV9H0\secure[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\0B17MEVH\stats[1].jpg
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XMWUV9H0\i53b_btn-purchase[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\JMDV6EJZ\i53b_btn-updates[1].gif
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\NL7RIK9O\background[1].gif