Here is the latest ComboFix log...
ComboFix 08-06-30.2 - Mikeo 2008-07-01 20:18:39.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.638 [GMT -4:00]
Running from: C:\Documents and Settings\Mikeo\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Mikeo\Desktop\CFScript.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\ctcoinst.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_CDRMKAUN
-------\Service_cdrmkaun
((((((((((((((((((((((((( Files Created from 2008-06-02 to 2008-07-02 )))))))))))))))))))))))))))))))
.
2008-07-01 20:13 . 2008-07-01 20:13 <DIR> d-------- C:\ATFCleaner
2008-06-30 21:09 . 2008-06-30 21:09 8,192 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-06-30 19:23 . 2008-06-30 19:23 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-06-30 19:23 . 2008-06-30 19:23 <DIR> d-------- C:\Documents and Settings\Mikeo\Application Data\SUPERAntiSpyware.com
2008-06-30 19:23 . 2008-06-30 19:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-30 19:22 . 2008-06-30 19:22 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-30 19:20 . 2008-06-30 19:20 <DIR> d-------- C:\SuperAntiSpyware
2008-06-30 08:32 . 2008-06-30 08:32 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-30 08:32 . 2008-06-30 08:32 <DIR> d-------- C:\Malware Bytes
2008-06-30 08:32 . 2008-06-30 08:32 <DIR> d-------- C:\Documents and Settings\Mikeo\Application Data\Malwarebytes
2008-06-30 08:32 . 2008-06-30 08:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-30 08:32 . 2008-06-28 14:16 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-30 08:32 . 2008-06-28 14:16 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-30 00:54 . 2008-06-30 00:54 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-30 00:54 . 2008-06-30 00:54 <DIR> d-------- C:\HiJackThis
2008-06-29 23:34 . 2008-06-29 23:34 15,544 --a------ C:\WINDOWS\system32\drivers\sbhr.sys
2008-06-29 23:34 . 2008-06-29 23:34 0 --a------ C:\WINDOWS\system32\SBRC.dat
2008-06-29 23:34 . 2008-06-29 23:34 0 --a------ C:\WINDOWS\system32\SBFC.dat
2008-06-29 23:28 . 2008-06-29 23:28 <DIR> d-------- C:\Program Files\Sunbelt Software
2008-06-29 23:28 . 2008-06-29 23:28 <DIR> d-------- C:\Documents and Settings\Mikeo\Application Data\Sunbelt Software
2008-06-29 23:28 . 2008-06-29 23:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sunbelt Software
2008-06-29 23:23 . 2008-06-29 23:27 <DIR> d-------- C:\CounterSpy
2008-06-29 00:17 . 2008-06-29 00:17 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-29 00:17 . 2008-06-29 00:17 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-10 19:24 . 2008-06-13 09:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-26 14:38 --------- d-----w C:\Documents and Settings\Mikeo\Application Data\uTorrent
2008-06-26 05:14 --------- d-----w C:\Documents and Settings\Mikeo\Application Data\WeatherBug
2008-06-21 22:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrackMania United
2008-06-13 13:10 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-05-30 23:07 --------- d-----w C:\Documents and Settings\Mikeo\Application Data\Netscape
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2005-12-14 05:52 17,920 ----a-w C:\Documents and Settings\Mikeo\Application Data\GDIPFONTCACHEV1.DAT
.
((((((((((((((((((((((((((((( snapshot@2008-06-30_21.39.17.71 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-01 01:13:54 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-02 00:24:07 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2005-10-21 00:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Weather"="C:\Program Files\AWS\WeatherBug\Weather.exe" [2004-11-08 18:13 1597440]
"IE New Window Maximizer"="C:\Program Files\IE New Window Maximizer\iemaximizer.exe" [2003-01-24 13:21 348160]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-02-24 08:32 5537792]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-02-24 08:32 86016]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-04-24 13:29 98304]
"NAV Agent"="C:\PROGRA~1\NORTON~1\navapw32.exe" [2001-08-16 18:52 74832]
"SBCSTray"="C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe" [2007-08-27 12:09 698864]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-17 10:50 19968 C:\WINDOWS\LOGI_MWX.EXE]
"nwiz"="nwiz.exe" [2005-02-24 08:32 1495040 C:\WINDOWS\system32\nwiz.exe]
"CTHelper"="CTHELPER.EXE" [2006-08-11 14:56 17920 C:\WINDOWS\CTHELPER.EXE]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-08-11 14:56 18944 C:\WINDOWS\system32\CTXFIHLP.EXE]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04 83360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.jxvd"= JetMPVx.dll
"vidc.X264"= x264vfw.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CoreCenter.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\CoreCenter.lnk
backup=C:\WINDOWS\pss\CoreCenter.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DigiCell.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DigiCell.lnk
backup=C:\WINDOWS\pss\DigiCell.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2004-04-17 12:41 196608 C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2004-04-13 06:07 69632 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2005-04-24 13:29 98304 C:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewMgr]
--a------ 2004-11-11 00:15 111816 C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\AIM\\aim.exe"=
"C:\\Program Files\\EA SPORTS\\NASCAR SimRacing\\NASCAR SimRacing.exe"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"C:\\Program Files\\palmOne\\HOTSYNC.EXE"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\Macromedia\\Dreamweaver MX 2004\\Dreamweaver.exe"=
"D:\\UTorrent\\utorrent.exe"=
"C:\\StubInstaller.exe"=
"D:\\Limewire\\LimeWire.exe"=
"C:\\Documents and Settings\\Mikeo\\Application Data\\SopCast\\adv\\SopAdver.exe"=
"D:\\Sopcast\\Sopcast\\SopCast.exe"=
"D:\\Medal of Honor Pacific Assault\\mohpa.exe"=
"C:\\Program Files\\SmartFTP Client 2.0\\SmartFTP.exe"=
"C:\\Program Files\\TrackMania United\\TmUnited.exe"=
"C:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"D:\\Links 2003\\LinksMMIII.exe"=
"D:\\CalRipkenRealBaseball\\patcher\\fc.exe"=
"D:\\CalRipkenRealBaseball\\game\\RealBaseball.exe"=
"C:\\Documents and Settings\\Mikeo\\Local Settings\\Application Data\\Abacast\\Abaclient.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21:TCP"= 21:TCP:ServU
.
Contents of the 'Scheduled Tasks' folder
"2008-03-15 05:29:58 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job"
- C:\PROGRA~1\NORTON~1\NAVW32.exeG/task:C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\NORTON~1\Tasks\mycomp.sca
"2008-07-02 00:29:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDetect.exe
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-CloneCDElbyCDFL - C:\Program Files\CloneCD\ElbyCheck.exe
MSConfigStartUp-UserFaultCheck - C:\WINDOWS\system32\dumprep 0 -u
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-07-01 20:25:12
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Norton AntiVirus\Navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
.
**************************************************************************
.
Completion time: 2008-07-01 20:30:13 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-02 00:30:08
ComboFix2.txt 2008-07-01 01:39:47
Pre-Run: 14,778,662,912 bytes free
Post-Run: 14,742,781,952 bytes free
172 --- E O F --- 2008-06-20 05:09:20
-----------
Here is the Panda ActiveScan log...
;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2008-07-01 21:36:34
PROTECTIONS: 1
MALWARE: 41
SUSPECTS: 0
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
Norton AntiVirus 2002 Yes Yes
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00000431 adware/ist.istbar Adware No 1 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C559105-9ECF-42b8-B3F7-832E75EDD959}
00034463 adware/wupd Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}
00047863 adware/ieplugin Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{886DDE35-E585-11D0-A707-000000521958}
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.trafficmp.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.casalemedia.com/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Cookies\mikeo@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.atdmt.com/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.fastclick.net/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.tribalfusion.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.tribalfusion.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.tribalfusion.com/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.tribalfusion.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.mediaplex.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.mediaplex.com/]
00148019 Application/FamilyKeylogger HackTools No 0 No No C:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1038\A0082501.exe[ctfmon.dll]
00148021 Application/FamilyKeylogger HackTools No 0 Yes No C:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1038\A0082513.exe
00149645 Application/Keylogger-Pro HackTools No 0 Yes No C:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1038\A0082512.Dll
00157347 Application/ServUBased.A HackTools No 0 No No C:\SERVU\serv-u.rar[Serv-U32.exe]
00157347 Application/ServUBased.A HackTools No 0 Yes No C:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1038\A0082515.exe
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.xiti.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[ad.yieldmanager.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.burstnet.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.burstnet.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.bs.serving-sys.com/]
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[www.burstbeacon.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.advertising.com/]
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[statse.webtrendslive.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.ads.pointroll.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.realmedia.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.questionmarket.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.questionmarket.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.zedo.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.adrevolver.com/]
00188737 Application/GoldenKeyLog HackTools No 0 No No C:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1038\A0082501.exe[ctfs.dll]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.adultfriendfinder.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Cookies\mikeo@go[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.go.com/]
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.go.com/]
00211481 Application/FamilyKeylogger HackTools No 0 Yes No C:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1038\A0082514.exe
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Mikeo\Application Data\Mozilla\Profiles\default\a9m1l0so.slt\cookies.txt[.atwola.com/]
00271403 Application/FamilyKeylogger HackTools No 0 No No C:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1038\A0082501.exe[ctfmon.exe]
00387960 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1038\A0082501.exe
01048936 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\GameSpy Arcade\Services\_common\PortraitLoader.dll
01139232 Generic Malware Virus/Trojan No 0 Yes No C:\Morpheus\Windows XP Pro SP1 Crack.exe
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1041\A0082803.EXE
02034333 Trj/Downloader.QFY Virus/Trojan No 1 Yes No D:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1038\A0082542.exe
02034333 Trj/Downloader.QFY Virus/Trojan No 1 Yes No D:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1037\A0082499.exe
02034333 Trj/Downloader.QFY Virus/Trojan No 1 Yes No D:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1038\A0082534.exe
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1041\A0082791.sys
03173390 Bck/Agent.JBM Virus/Trojan No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\b6hVzd.syz.vir
03173391 Bck/Agent.JBM Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{5E55DABB-6B44-46DB-A1A0-C8F7FD9A9560}\RP1038\A0082516.exe
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location p
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description p
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================