Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malwares on Win 2003 server

Started by kirgan , May 05 2008 08:11 AM

  • Please log in to reply

#1
kirgan
Posted 05 May 2008 - 08:11 AM

kirgan

    New Member

  • Member
  • Pip
  • 1 posts
I updated this thread with all the required information. I still leave my first message down here

Hi there.

Im brand new on Geeks to go. You can imagine that if I post here on the first day of my inscription, its that I'm in a bad situation.
I noticed some days ago that I had troubles on our operating server running win 2003. Its a dell poweredge 2800, and we have a web server and a mail server on it, as well as Acitve Directory (users profiles).

Following the instructions of a "friend", I installed ad-aware to check out what was wrong, and I "repaired" my computer.
What a bad idea :/ Now I have problems with my mail and web servers (which are, as I said, in production :) ).

Anyway, it looks like the advices posted here are really good, and I was wondering if you can help me, even though Im running windows server. As I'm typing my message, Superantispyware is checking my whole server.
If you tell me that you can at least try to help me, I'll keep on with the step-by-step-before-posting guide, and post a Hijack This log asap.

No need to explain more right now, I just need to know if I should keep up, or just give up and look somewhere else for help!


So I ran a superantispyware. I did a Panda check (it found 3 threads in 200+ files, then cleaned them).
And finally a HiJackThis (logs can be found at the bottom).

The symptoms now are :
- when the server starts, it takes at least 3 minutes for the databases to be accessible (used to be instant);
- whenever I restart the server, the taskbar disappear (you know, the automatic hiding of that thing);
- when I go to Start Menu, most of the time, the menu will close before I can reach the program I'd like to launch.

Panda Log (it didnt look great in quotes, I tried "code"):
;***********************************************************************************************************************************************************************************ANALYSIS: 2008-05-06 15:50:42PROTECTIONS: 0MALWARE: 39SUSPECTS: 0;***********************************************************************************************************************************************************************************PROTECTIONSDescription                                  Version                       Active    Updated;===================================================================================================================================================================================;===================================================================================================================================================================================MALWAREId        Description                        Type                Active    Severity  Disinfectable  Disinfected Location;===================================================================================================================================================================================00139060  Cookie/Casalemedia                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.casalemedia.com/]00139060  Cookie/Casalemedia                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.casalemedia.com/]00139060  Cookie/Casalemedia                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.casalemedia.com/]00139060  Cookie/Casalemedia                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.casalemedia.com/]00139060  Cookie/Casalemedia                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.casalemedia.com/]00139060  Cookie/Casalemedia                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.casalemedia.com/]00139061  Cookie/Doubleclick                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.doubleclick.net/]00139061  Cookie/Doubleclick                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.doubleclick.net/]00139061  Cookie/Doubleclick                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.doubleclick.net/]00139061  Cookie/Doubleclick                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.doubleclick.net/]00139061  Cookie/Doubleclick                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000FED7.base[.doubleclick.net/]00139064  Cookie/Atlas DMT                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.atdmt.com/]00139064  Cookie/Atlas DMT                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.atdmt.com/]00139064  Cookie/Atlas DMT                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.atdmt.com/]00145393  Cookie/Tradedoubler                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.tradedoubler.com/]00145393  Cookie/Tradedoubler                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.tradedoubler.com/]00145393  Cookie/Tradedoubler                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.tradedoubler.com/]00145393  Cookie/Tradedoubler                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.tradedoubler.com/]00145393  Cookie/Tradedoubler                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.tradedoubler.com/]00145393  Cookie/Tradedoubler                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.tradedoubler.com/]00145393  Cookie/Tradedoubler                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.tradedoubler.com/]00145393  Cookie/Tradedoubler                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.tradedoubler.com/]00145393  Cookie/Tradedoubler                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.tradedoubler.com/]00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.247realmedia.com/]00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.247realmedia.com/]00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.247realmedia.com/]00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.247realmedia.com/]00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.247realmedia.com/]00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.247realmedia.com/]00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.247realmedia.com/]00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.247realmedia.com/]00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.247realmedia.com/]00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.247realmedia.com/]00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.247realmedia.com/]00145405  Cookie/RealMedia                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.247realmedia.com/]00145457  Cookie/FastClick                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.fastclick.net/]00145457  Cookie/FastClick                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.fastclick.net/]00145457  Cookie/FastClick                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.fastclick.net/]00145457  Cookie/FastClick                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.fastclick.net/]00145457  Cookie/FastClick                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.fastclick.net/]00145457  Cookie/FastClick                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.fastclick.net/]00145457  Cookie/FastClick                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.fastclick.net/]00145731  Cookie/Tribalfusion                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.tribalfusion.com/]00145731  Cookie/Tribalfusion                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.tribalfusion.com/]00145731  Cookie/Tribalfusion                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.tribalfusion.com/]00145731  Cookie/Tribalfusion                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.tribalfusion.com/]00145731  Cookie/Tribalfusion                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.tribalfusion.com/]00145738  Cookie/Mediaplex                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.mediaplex.com/]00145738  Cookie/Mediaplex                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.mediaplex.com/]00167642  Cookie/Com.com                     TrackingCookie      No        0         Yes            No           C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\qjwuj5ug.default\cookies.txt[.com.com/]00167642  Cookie/Com.com                     TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.com.com/]00167704  Cookie/Xiti                        TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.xiti.com/]00167704  Cookie/Xiti                        TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.xiti.com/]00167704  Cookie/Xiti                        TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000FED7.base[.xiti.com/]00167704  Cookie/Xiti                        TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.xiti.com/]00167704  Cookie/Xiti                        TrackingCookie      No        0         Yes            No           C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\qjwuj5ug.default\cookies.txt[.xiti.com/]00167704  Cookie/Xiti                        TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.xiti.com/]00167709  Cookie/fe.lea.lycos                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[fe.lea.lycos.fr/]00167749  Cookie/Toplist                     TrackingCookie      No        0         Yes            No           C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\qjwuj5ug.default\cookies.txt[.toplist.cz/]00167749  Cookie/Toplist                     TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.toplist.cz/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.statcounter.com/]00167753  Cookie/Statcounter                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.statcounter.com/]00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[ad.yieldmanager.com/]00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[ad.yieldmanager.com/]00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[ad.yieldmanager.com/]00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[ad.yieldmanager.com/]00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[ad.yieldmanager.com/]00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[ad.yieldmanager.com/]00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[ad.yieldmanager.com/]00168056  Cookie/YieldManager                TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[ad.yieldmanager.com/]00168061  Cookie/Apmebf                      TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.apmebf.com/]00168061  Cookie/Apmebf                      TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.apmebf.com/]00168076  Cookie/BurstNet                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.burstnet.com/]00168076  Cookie/BurstNet                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.burstnet.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0001DD88.base00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00005D74.base00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.serving-sys.com/]00168090  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.serving-sys.com/]00168093  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.bs.serving-sys.com/]00168093  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.bs.serving-sys.com/]00168093  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.bs.serving-sys.com/]00168093  Cookie/Serving-sys                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.bs.serving-sys.com/]00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.weborama.fr/]00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.weborama.fr/]00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.weborama.fr/]00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.weborama.fr/]00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.weborama.fr/]00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.weborama.fr/]00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.weborama.fr/]00168106  Cookie/Weborama                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.weborama.fr/]00168109  Cookie/Adtech                      TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.adtech.de/]00168109  Cookie/Adtech                      TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.adtech.de/]00168109  Cookie/Adtech                      TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.adtech.de/]00168109  Cookie/Adtech                      TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.adtech.de/]00168110  Cookie/Server.iad.Liveperson       TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[server.iad.liveperson.net/hc/24995978]00168110  Cookie/Server.iad.Liveperson       TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[server.iad.liveperson.net/]00168114  Cookie/onestat.com                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[stat.onestat.com/]00168114  Cookie/onestat.com                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[stat.onestat.com/]00168114  Cookie/onestat.com                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[stat.onestat.com/]00168114  Cookie/onestat.com                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[stat.onestat.com/]00168116  Cookie/Comclick                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[fl01.ct2.comclick.com/]00168116  Cookie/Comclick                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[fl01.ct2.comclick.com/]00168116  Cookie/Comclick                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[fl01.ct2.comclick.com/]00168116  Cookie/Comclick                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[fl01.ct2.comclick.com/]00168116  Cookie/Comclick                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[fl01.ct2.comclick.com/]00168116  Cookie/Comclick                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[fl01.ct2.comclick.com/]00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.advertising.com/]00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.advertising.com/]00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.advertising.com/]00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.advertising.com/]00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.advertising.com/]00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.advertising.com/]00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.advertising.com/]00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.advertising.com/]00169190  Cookie/Advertising                 TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.advertising.com/]00170304  Cookie/WebtrendsLive               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[statse.webtrendslive.com/]00170304  Cookie/WebtrendsLive               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[statse.webtrendslive.com/]00170304  Cookie/WebtrendsLive               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.statse.webtrendslive.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.ads.pointroll.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.ads.pointroll.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.ads.pointroll.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.ads.pointroll.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.ads.pointroll.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.ads.pointroll.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.ads.pointroll.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.ads.pointroll.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.ads.pointroll.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.ads.pointroll.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.ads.pointroll.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.ads.pointroll.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.ads.pointroll.com/]00170495  Cookie/PointRoll                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.ads.pointroll.com/]00170554  Cookie/Overture                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.overture.com/]00170554  Cookie/Overture                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.overture.com/]00170554  Cookie/Overture                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.overture.com/]00170554  Cookie/Overture                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.overture.com/]00170554  Cookie/Overture                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.overture.com/]00171982  Cookie/QuestionMarket              TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.questionmarket.com/]00171982  Cookie/QuestionMarket              TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.questionmarket.com/]00172449  Cookie/MetriWeb                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.metriweb.be/]00172449  Cookie/MetriWeb                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.metriweb.be/]00172449  Cookie/MetriWeb                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.metriweb.be/]00172449  Cookie/MetriWeb                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.metriweb.be/]00172449  Cookie/MetriWeb                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.metriweb.be/]00172449  Cookie/MetriWeb                    TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000FED7.base[.metriweb.be/]00173520  Cookie/Bluestreak                  TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.bluestreak.com/]00173520  Cookie/Bluestreak                  TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.bluestreak.com/]00173520  Cookie/Bluestreak                  TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.bluestreak.com/]00184846  Cookie/Adrevolver                  TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.adrevolver.com/]00184846  Cookie/Adrevolver                  TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.adrevolver.com/]00184846  Cookie/Adrevolver                  TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.adrevolver.com/]00184846  Cookie/Adrevolver                  TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.adrevolver.com/]00184846  Cookie/Adrevolver                  TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.adrevolver.com/]00184846  Cookie/Adrevolver                  TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.adrevolver.com/]00184846  Cookie/Adrevolver                  TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.adrevolver.com/]00207936  Cookie/Adviva                      TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.adviva.net/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000FED7.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\00007DFB.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000FED7.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000FED7.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0000C0A9.base[.smartadserver.com/]00273339  Cookie/Smartadserver               TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\0002403D.base[.smartadserver.com/]00293517  Cookie/AdDynamix                   TrackingCookie      No        0         Yes            No           C:\Program Files\TSM Backup\cache\000060A4.base[.ads.addynamix.com/]02887813  Trj/Autorun.JN                     Virus/Trojan        No        0         Yes            Yes          C:\autorun.inf02900677  W32/Winko.Z.worm                   Virus/Worm          No        0         Yes            Yes          C:\WINDOWS\system32\433275EC.DLL02913543  Adware/Alexa                       Adware              No        0         Yes            No           C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\J1TSJEHK\f2b4657b5568d072[1].exe02913543  Adware/Alexa                       Adware              No        0         Yes            No           C:\auto.exe02913543  Adware/Alexa                       Adware              No        0         Yes            No           C:\WINDOWS\system32\992B0674.EXE02913621  W32/Lineage.HXI.worm               Virus/Worm          No        1         Yes            Yes          C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp3C.tmp02913621  W32/Lineage.HXI.worm               Virus/Worm          No        1         Yes            Yes          C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp36.tmp02913621  W32/Lineage.HXI.worm               Virus/Worm          No        1         Yes            Yes          C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp42.tmp02913621  W32/Lineage.HXI.worm               Virus/Worm          No        1         Yes            Yes          C:\Documents and Settings\Administrateur\Local Settings\Temp\tmp4D.tmp02917814  Trj/WoW.HV                         Virus/Trojan        No        0         Yes            Yes          C:\Documents and Settings\Administrateur\Local Settings\Temp\k120876960819ow.dll02917814  Trj/WoW.HV                         Virus/Trojan        No        0         Yes            Yes          C:\Documents and Settings\Administrateur\Local Settings\Temp\k120886730719ow.dll;===================================================================================================================================================================================SUSPECTSSent      Location                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              X@L3Z;===================================================================================================================================================================================;===================================================================================================================================================================================VULNERABILITIESId        Severity   Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                X@L3Z;===================================================================================================================================================================================;===================================================================================================================================================================================

HiJackThis Log :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:56:03, on 6/05/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Perl\bin\perl.exe
D:\Program Files\Windows Resource Kits\Tools\srvany.exe
C:\Program Files\clamAV\clamd.exe
D:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr32.exe
D:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr32.exe
C:\WINDOWS\system32\Dfssvc.exe
C:\WINDOWS\System32\dns.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\ismserv.exe
C:\Program Files\MGE\PersonalSolutionPac\RunSC.exe
C:\Program Files\MGE\PersonalSolutionPac\PCtl.exe
D:\Program Files\Dell\SysMgt\sm\mr2kserv.exe
D:\bin\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\WINDOWS\system32\ntfrs.exe
D:\Program Files\Dell\SysMgt\oma\bin\dsm_om_shrsvc32.exe
C:\Program Files\MGE\PersonalSolutionPac\BIL.EXE
D:\Program Files\Dell\SysMgt\iws\bin\win32\dsm_om_connsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TSM Backup\dsmcsvc.exe
C:\Program Files\MGE\PersonalSolutionPac\CILUSB.EXE
C:\WINDOWS\system32\tcpsvcs.exe
D:\bin\hMailServer\Bin\hMailServer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\slrundll.exe
C:\WINDOWS\System32\svchost.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\system32\hpnra.exe
C:\Program Files\MGE\PersonalSolutionPac\mgenetsystray.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\tmp\rainmeter\Rainmeter.exe
D:\bin\ABBYYF~1.0CO\HOTFOL~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
D:\administrateurs\antivirus\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/hardAdmin.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://lesoir.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [PRONoMgrWired] c:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [HP Network Registry Agent] C:\WINDOWS\system32\hpnra.exe
O4 - HKLM\..\Run: [HP Proxy Server] C:\Program Files\Hewlett-Packard\ProxyService\ProxyService.lnk
O4 - HKLM\..\Run: [pspNetSystray] C:\Program Files\MGE\PersonalSolutionPac\mgenetsystray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ShutdownEventCheck] %systemroot%\system32\dumprep 0 -s
O4 - HKLM\..\Run: [WINSvr32] C:\WINDOWS\WINSvr32.exE
O4 - HKLM\..\Run: [bzwqvrqv] C:\WINDOWS\zqrvolpe.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: Raccourci vers Rainmeter.lnk = C:\tmp\rainmeter\Rainmeter.exe
O15 - ESC Trusted Zone: http://mysql.easynet.be
O15 - ESC Trusted Zone: http://runonce.msn.com
O15 - ESC Trusted Zone: http://be.php.net
O15 - ESC Trusted Zone: http://www.portal-to-web.de
O15 - ESC Trusted Zone: http://www.secuser.com
O15 - ESC Trusted Zone: http://mozilla.mirrors.tds.net
O15 - ESC Trusted Zone: http://*.windowsupdate.com
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer....bitdefender.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = educasante.local
O17 - HKLM\Software\..\Telephony: DomainName = educasante.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{17BD19A0-88DF-4ABC-B806-C5312B6D83DA}: NameServer = 212.68.193.32,212.68.193.30
O17 - HKLM\System\CCS\Services\Tcpip\..\{4AC6C69D-31A2-4E72-B4F7-F289D45C106F}: Domain = educasante.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{4AC6C69D-31A2-4E72-B4F7-F289D45C106F}: NameServer = 192.168.0.200
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = educasante.local
O17 - HKLM\System\CS1\Services\Tcpip\..\{17BD19A0-88DF-4ABC-B806-C5312B6D83DA}: NameServer = 212.68.193.32,212.68.193.30
O20 - AppInit_DLLs: msosdohs00.dll
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: 107F9BBF - Unknown owner - C:\WINDOWS\system32\992B0674.EXE
O23 - Service: Anti-Spam Smtp Proxy (ASSPSMTP) - ActiveState Tool Corp. - C:\Perl\bin\perl.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ClamAV - Unknown owner - D:\Program Files\Windows Resource Kits\Tools\srvany.exe
O23 - Service: DSM SA Event Manager (dcevt32) - Dell Inc. - D:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_eventmgr32.exe
O23 - Service: DSM SA Data Manager (dcstor32) - Dell Inc. - D:\Program Files\Dell\SysMgt\dataeng\bin\dsm_sa_datamgr32.exe
O23 - Service: hMailServer - hMailServer - D:\bin\hMailServer\Bin\hMailServer.exe
O23 - Service: MGE Service module - Unknown owner - C:\Program Files\MGE\PersonalSolutionPac\RunSC.exe
O23 - Service: mr2kserv - LSI Logic Corporation - D:\Program Files\Dell\SysMgt\sm\mr2kserv.exe
O23 - Service: MySQL - Unknown owner - D:\bin\MySQL\MySQL.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - c:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: DSM SA Shared Services (omsad) - Dell Inc. - D:\Program Files\Dell\SysMgt\oma\bin\dsm_om_shrsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: DSM SA Connection Service (Server Administrator) - Unknown owner - D:\Program Files\Dell\SysMgt\iws\bin\win32\dsm_om_connsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: TSM Central Scheduler Service - IBM Corporation - C:\Program Files\TSM Backup\dsmcsvc.exe
O23 - Service: Onduleur (UPS) - Unknown owner - C:\WINDOWS\System32\ups2.exe (file missing)

--
End of file - 7949 bytes


Edited by kirgan, 06 May 2008 - 08:09 AM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP