antiSPYwareMaster after a zlob trojan



#1
mamavonnie


    New Member

  • Member
  • Pip
  • 3 posts
Just got rid of a zlob trojan and now I have this antispyware master; it has taken over my desktop. Here is my HijackThis log:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:59:57 PM, on 5/13/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Rhapsody\rhaphlpr.exe
C:\Program Files\Expert Software\Bicycle® Solitaire\BSOL32.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarerefer...=...6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.adamsonme...hotos/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn8\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Windows\System32\userinit.exe,
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - (no file)
O2 - BHO: {84288062-aea9-eeeb-1b14-f67b87fd2128} - {8212df78-b76f-41b1-beee-9aea26088248} - C:\WINDOWS\System32\vrmciofk.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: QXK Rhythm - {E71878D1-E549-489A-92BA-C16F9048E249} - C:\WINDOWS\fvowketqpag.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn8\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: pvnsmfor - {C1F49C47-813A-479D-BDCF-4B9BF8B0B48E} - C:\WINDOWS\pvnsmfor.dll
O4 - HKLM\..\Run: [142fc9f5] rundll32.exe "C:\WINDOWS\System32\wmgvpyqv.dll",b
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?LinkID=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestat....cab?v=1,0,0,37
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.ao.../ampx_en_dl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E711827-7D0D-4684-8222-74AF6B72390F}: NameServer = 85.255.116.171,85.255.112.179
O17 - HKLM\System\CCS\Services\Tcpip\..\{2615A2F8-DF8A-4F67-927D-9875D86EF860}: NameServer = 85.255.116.171,85.255.112.179
O17 - HKLM\System\CCS\Services\Tcpip\..\{D31B05EA-FD7B-4F0D-8A4B-BE73AC512C95}: NameServer = 85.255.116.171,85.255.112.179
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.171 85.255.112.179
O17 - HKLM\System\CS1\Services\Tcpip\..\{0E711827-7D0D-4684-8222-74AF6B72390F}: NameServer = 85.255.116.171,85.255.112.179
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.171 85.255.112.179
O20 - Winlogon Notify: ssqnoLfE - ssqnoLfE.dll (file missing)
O21 - SSODL: mpfanvqg - {50C047C1-B9F7-49AC-AC9A-F7F2253BAFA4} - C:\WINDOWS\mpfanvqg.dll
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O24 - Desktop Component 0: (no name) - http://a712.g.akamai.../50361721_z.jpg
O24 - Desktop Component 1: (no name) - http://www.imagestat...fd/ee9b0a23.jpg
O24 - Desktop Component 2: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm

--
End of file - 7511 bytes
help :) :) :)


#2
kahdah


    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello mamavonnie

Welcome to G2Go. :)
=====================
Because you have no antivirus software installed, the first thing I will need you to do is to download ONE of these anti-virus programs and install it.
These are free.
Avast
or
AVG free 8.0
Note this is free antispyware protection and Antivirus protection.
or
Antivir

as long as you only install one.
Install it only; do not scan with anything yet.
=======================
Then:
Please download FixWareout from here:
http://downloads.sub.../Fixwareout.exe

Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. If your firewall gives an alert, (because this tool will download an additional file from the internet), please don't let your firewall block it, but allow it instead.
Then you will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Once the desktop loads please post the text that will open (report.txt).
===================
Then:
Download SDFix and save it to your Desktop.

Double click SDFix.exe and choose Install to extract it to its own folder on the Desktop. Please then reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services or Registry Entries found, then prompt you to press any key to Reboot.
  • Press any key and it will restart the PC.
  • When the PC restarts, the Fixtool will run again and complete the removal process, then display Finished; press any key to end the script and load your desktop icons.
  • Once the desktop icons load, the SDFix report will open on screen and also save into the SDFix folder as Report.txt.
  • Finally, copy and paste the contents of the results file Report.txt back onto the forum with a new HijackThis log.


#3
mamavonnie


    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Here also is my Panda scan:

;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2008-05-13 19:05:39
PROTECTIONS: 0
MALWARE: 156
SUSPECTS: 0
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00005760 spyware/tooncom Spyware No 1 Yes No c:\documents and settings\dell user\local settings\temp\loader.exe
00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\urlsidebar
00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\spidersidebar
00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\ronsidebar
00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\mirrorunder
00024383 spyware/clearsearch Spyware No 1 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\contextsidebar
00029007 adware/tvmedia Adware No 0 Yes No c:\documents and settings\dell user\application data\tvmdmns.dll
00029434 spyware/virtumonde Spyware No 1 Yes No HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}
00029459 spyware/betterinet Spyware No 1 Yes No c:\windows\inf\satmat.inf
00040415 adware/wintools Adware No 0 Yes No hkey_local_machine\system\controlset001\enum\root\legacy_wintoolssvc
00040415 adware/wintools Adware No 0 Yes No hkey_local_machine\system\controlset001\enum\root\legacy_tbpssvc
00040415 adware/wintools Adware No 0 Yes No hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\aui
00041904 adware/sidesearch Adware No 0 Yes No c:\documents and settings\dell user\application data\lycos
00047863 adware/ieplugin Adware No 0 Yes No c:\windows\kwv2.dat
00049499 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\dell user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-1d069761.zip[Dummy.class]
00096718 adware/twain-tech Adware No 0 Yes No c:\windows\satmat.ini
00098897 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\dell user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-1d069761.zip[InsecureClassLoader.class]
00098898 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\dell user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-1d069761.zip[Installer.class]
00098899 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\dell user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-11faa9ed-1d069761.zip[GetAccess.class]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15CC.tmp
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15AE.tmp
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5E.tmp
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5F.tmp
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq60.tmp
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq61.tmp
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq62.tmp
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq63.tmp
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq64.tmp
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA2.tmp
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq67.tmp
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq9E.tmp
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq7.tmp
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq9A.tmp
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15B1.tmp
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq69.tmp
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6B.tmp
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA7.tmp
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15CA.tmp
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA5.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15C6.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15C5.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15C7.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15C3.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15C2.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15C8.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15C0.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15BF.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15BE.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15BD.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15BC.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15BB.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15BA.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15B9.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15C1.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15B8.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15C4.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15B2.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15B3.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15B4.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15B5.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15B6.tmp
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15B7.tmp
00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][1].txt
00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA0.tmp
00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15AF.tmp
00149104 Cookie/Date TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][2].txt
00149104 Cookie/Date TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][1].txt
00167430 Cookie/myaffiliateprogram TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][2].txt
00167730 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA3.tmp
00167733 Cookie/Adserver TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqAB.tmp
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA6.tmp
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][4].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][3].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][4].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][5].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][6].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][8].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][7].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4B.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4C.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4D.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4E.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq4F.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq50.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq51.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq52.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq53.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq54.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq55.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq56.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq57.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq58.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq59.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5A.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5B.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5C.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq5D.tmp
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6.tmp
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppqA9.tmp
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15CB.tmp
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6D.tmp
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq6C.tmp
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Program Files\Yahoo!\YPSR\Quarantine\ppq15CD.tmp
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][2].txt
00216065 Cookie/Screensavers TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][2].txt
00289693 Adware/SaveNow Adware No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP208\A0037089.exe
00289693 Adware/SaveNow Adware No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0039931.exe
00289921 Adware/SaveNow Adware No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP208\A0037090.exe
00289921 Adware/SaveNow Adware No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0039932.exe
00290756 Adware/SaveNow Adware No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP215\A0039930.dll
00296583 Cookie/DriveCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][2].txt
00296584 Cookie/DriveCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][1].txt
00328085 Adware/SaveNow Adware No 0 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP231\A0042831.exe
00351416 Cookie/Systemdoctor TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][2].txt
00522961 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\dell user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms03011.jar-37872fe-51b6cacf.zip[MagicApplet.class]
00522968 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\dell user\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ms03011.jar-37872fe-51b6cacf.zip[OwnClassLoader.class]
01606636 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\dell user\Cookies\dell [email protected][1].txt
02300712 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP261\A0056307.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054802.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054806.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054801.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054803.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054799.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054798.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054807.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054805.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054809.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054808.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054800.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054804.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054786.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054787.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054788.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054789.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054790.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054791.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054792.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054793.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054794.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054795.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054796.dll
02378188 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054797.dll
02634827 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054888.dll
02634827 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054887.dll
02634827 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP252\A0054810.dll

#4
kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
OK, thanks. Can you please run those tools that I posted before and post the logs, please? Thanks.