Malwarebytes' Anti-Malware 1.11
Database version: 699
Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 114613
Time elapsed: 1 hour(s), 10 minute(s), 13 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 05/03/2008 at 10:16 AM
Application Version : 4.0.1154
Core Rules Database Version : 3450
Trace Rules Database Version: 1442
Scan type : Complete Scan
Total Scan Time : 01:11:11
Memory items scanned : 480
Memory threats detected : 0
Registry items scanned : 4705
Registry threats detected : 0
File items scanned : 81338
File threats detected : 49
Adware.Tracking Cookie
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@nextag[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@casalemedia[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@serving-sys[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adultfriendfinder[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@burstnet[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@tribalfusion[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@revsci[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@advertising[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@tacoda[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adultadworld[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@clicktorrent[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@roiservice[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@doubleclick[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@bluestreak[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][3].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@trafficmp[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@imrworldwide[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@apmebf[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@mediaplex[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@partner2profit[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@2o7[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@atdmt[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@fastclick[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@adrevolver[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@zedo[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@specificclick[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@collective-media[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@247realmedia[1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@realmedia[2].txt
C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][1].txt
;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2008-05-03 11:19:15
PROTECTIONS: 1
MALWARE: 3
SUSPECTS: 0
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
AVG Internet Security 8.0 Yes Yes
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@mediaplex[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Compaq_Administrator\Cookies\[email protected][2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Compaq_Administrator\Cookies\compaq_administrator@questionmarket[1].txt
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location zu
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description zu
;===============================================================================
=================================================================================
===================
182048 HIGH MS07-069 zu
176382 HIGH MS07-057 zu
170907 HIGH MS07-046 zu
170906 HIGH MS07-045 zu
170904 HIGH MS07-043 zu
164913 HIGH MS07-033 zu
160623 HIGH MS07-027 zu
150253 HIGH MS07-016 zu
108742 MEDIUM MS06-006 zu
;===============================================================================
=================================================================================
===================
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:23:19 AM, on 5/3/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
C:\Program Files\DISC\DiscGui.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Fisher-Price\Easy-Link internet launch pad\Easy-Link internet launch pad.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\WINDOWS\arservice.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.h...a...&pf=desktop
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdateMgr.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [eligmini] C:\Program Files\Fisher-Price\Easy-Link internet launch pad\Easy-Link internet launch pad.exe 0
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoft...s/as2stubie.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1209514737046
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
--
End of file - 8315 bytes