Trojan Generic18.AFDX - Trojan BackDoor.Generic12.CHFE


#1
Fitter88

Hello,

For some months I have been experiencing a very annoying malfunction. In detail, when I click on the + symbol in the left panel of Windows Explorer to browse through folders, it hangs for nearly 20 seconds before reacting. Besides, when I click on a folder, it takes a long time to show the files in it in the right panel. Finally, sometimes the system looks jammed for dozens of seconds: I switch from the browser to Explorer and I get a mix of the two windows on the screen until it turns OK.
My PC is part of a corporate LAN.
The corporate antivirus software (Symantec) didn't show any malware in its scan.
I installed AVG too (I can't switch off Symantec) and it reported two pieces of malware to me:

A028911.EXE <> Trojan Generic18.AFDX
A028910.EXE <> Trojan BackDoor.Generic12.CHFE

Here is the OTL log:

OTL logfile created on: 16/11/2010 14:25:05 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\_Utility\OS-Antivirus & Repair
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italy | Language: ITA | Date Format: dd/MM/yyyy

1.007,00 Mb Total Physical Memory | 152,00 Mb Available Physical Memory | 15,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 78,96 Gb Free Space | 52,97% Space Free | Partition Type: NTFS

Computer Name: WKNT2006137201 | User Name: 37341395 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/11 11:57:48 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\_Utility\OS-Antivirus & Repair\OTL.exe
PRC - [2010/11/01 22:36:03 | 000,974,904 | ---- | M] (Google Inc.) -- C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2010/10/25 07:16:13 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2010/10/25 07:16:12 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2010/10/25 07:16:04 | 001,881,368 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2010/10/25 07:16:04 | 001,459,528 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2010/10/25 07:16:03 | 000,349,512 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
PRC - [2010/10/25 07:16:02 | 001,831,024 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2010/10/11 12:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/10/11 12:58:12 | 000,725,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/10/06 17:24:38 | 000,652,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/10/06 17:24:36 | 001,065,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2010/10/06 17:24:08 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/10/06 17:24:08 | 000,647,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/09/15 05:29:10 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/09/07 03:50:52 | 001,675,616 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcmgr.exe
PRC - [2010/09/07 03:50:22 | 001,047,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009/10/27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009/10/27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/13 02:50:00 | 000,590,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\CcmExec.exe
PRC - [2005/01/14 08:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe
PRC - [2004/12/01 09:07:20 | 000,139,264 | ---- | M] (OTi) -- C:\WINDOWS\system32\UStorSrv.exe
PRC - [2004/05/21 18:11:22 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [1999/11/30 11:06:00 | 000,042,256 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\37341395\Start Menu\Programs\Startup\CLOCK.EXE
PRC - [1999/03/24 15:57:10 | 000,043,520 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe


========== Modules (SafeList) ==========

MOD - [2010/11/11 11:57:48 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\_Utility\OS-Antivirus & Repair\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010/10/25 07:16:13 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010/10/25 07:16:13 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010/10/25 07:16:04 | 001,881,368 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010/10/25 07:16:03 | 000,349,512 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010/10/25 07:16:02 | 001,831,024 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010/10/11 12:58:12 | 006,104,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/09/10 01:45:22 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/02/17 09:53:18 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007/04/13 02:50:00 | 000,590,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2005/01/14 08:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)
SRV - [2004/12/01 09:07:20 | 000,139,264 | ---- | M] (OTi) [Auto | Running] -- C:\WINDOWS\System32\UStorSrv.exe -- (UStorage Server Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\EAPPkt.sys -- (EAPPkt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010/10/25 07:21:18 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/10/25 07:16:15 | 000,320,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010/10/25 07:16:15 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2010/10/25 07:16:14 | 000,283,184 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010/10/25 07:15:58 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2010/09/28 09:00:00 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101115.048\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/09/28 09:00:00 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20101115.048\NAVENG.SYS -- (NAVENG)
DRV - [2010/09/13 16:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:49:00 | 000,298,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:54 | 000,249,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 21:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 21:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 21:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/07/30 09:51:32 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/07/30 09:51:32 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/10/06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/10/06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/10/06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/10/06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/05/12 23:40:04 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/12/10 15:40:16 | 000,142,992 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 21:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/04/13 12:33:34 | 000,254,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2007/04/13 02:50:00 | 000,023,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2007/01/13 10:33:18 | 005,672,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2006/12/06 11:12:56 | 000,044,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2006/11/07 03:32:00 | 000,046,976 | R--- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HPKBCCID.sys -- (HPKBCCID)
DRV - [2006/10/12 08:52:04 | 004,387,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/06/27 17:09:24 | 000,140,800 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PA707UCM.SYS -- (PAC7311)
DRV - [2005/05/31 15:40:20 | 000,020,480 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2005/05/31 09:42:28 | 000,023,000 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2005/04/30 14:50:20 | 000,011,860 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005/04/30 14:50:10 | 000,028,271 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2005/04/30 14:48:58 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2005/03/25 17:18:48 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2004/12/16 16:32:54 | 000,013,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter)
DRV - [2004/11/19 17:46:46 | 000,367,488 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd)
DRV - [2004/10/24 23:04:00 | 000,007,796 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Stc2Dfu.sys -- (STC2DFU)
DRV - [2004/10/19 13:37:38 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2004/05/27 14:47:18 | 000,019,968 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/05/21 18:16:50 | 000,245,760 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrL20.sys -- (PhilCam8116_XP) Logitech QuickCam Pro 3000(PID_08B1)
DRV - [1999/02/19 13:14:18 | 000,018,432 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CxUSB.sys -- (CxUSB)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [String data over 1000 bytes]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = grfpra001rm001.griffon.local:8080

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.it/"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20090123.1
FF - prefs.js..network.proxy.backup.ftp: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "10.*,*.local,*.pv.telecomitalia.it,*.rete.telecomitalia.it,*.dre,*.dg.telecomitalia.it,*.cww.*,*.legacy.telecomitalia.it,151.10.*,*.pirelli.telecomitalia.it,*.wifiarea.it,*.cb.telecomitalia.it,im.telecomitalia.it,it-fo*,noiportal.*,*.noiportal.*,documentale.telecomitalia.it,betadocumentale.telecomitalia.it,webmail.telecomitalia.it,home.tessweb.it,soa404.telecomitalia.it,*tils.*,*.cnd.it,griffon.*,*.intranet.tim.it,kpitrattative.telecomitalia.it,*.pd.tim.it,*.privati.telecomitalia.it,portale.crmbusiness.telecomitalia.it,*open.telecomitalia.it,incasna.*,incasnd.*,163.162.*,*.cselt.it,*.tilab.com,ditimese01.rm.tim.it,*.tim.it*,ssc*,mail.telecomitalia.it,sans-cs.telecomitalia.it,localhost,127.0.0.1"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "GRFPRA001RM001.griffon.local"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2010/11/09 10:13:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/17 13:46:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/08 07:18:58 | 000,000,000 | ---D | M]

[2009/07/15 15:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\37341395\Application Data\Mozilla\Extensions
[2009/09/14 13:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\37341395\Application Data\Mozilla\Firefox\Profiles\rg5urqu6.default\extensions
[2009/08/17 16:55:55 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\37341395\Application Data\Mozilla\Firefox\Profiles\rg5urqu6.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/04/20 12:08:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/20 12:08:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/20 12:08:14 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/06/24 12:57:45 | 000,001,412 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\demauro.xml
[2009/06/24 12:57:45 | 000,000,744 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-it.xml
[2009/06/24 12:57:45 | 000,001,182 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-it.xml
[2009/06/24 12:57:45 | 000,000,649 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-it.xml

O1 HOSTS File: ([2010/11/10 12:45:57 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Documents and Settings\37341395\Start Menu\Programs\Startup\CLOCK.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\37341395\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk = C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe ()
O4 - Startup: C:\Documents and Settings\37341395\Start Menu\Programs\Startup\Windows Explorer.lnk = C:\WINDOWS\explorer.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 4.0\Distillr\AcroTray.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM\..Trusted Ranges: Range1 ([https] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range11 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range12 ([https] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range13 ([https] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range14 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range14 ([https] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range15 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range16 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range17 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range6 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range7 ([https] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range8 ([http] in Trusted sites)
O15 - HKLM\..Trusted Ranges: Range9 ([http] in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1185452941359 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} http://f008.mail.lyc...ileUploader.cab (Lycos File Upload Component)
O16 - DPF: {CAFECAFE-0013-0001-0013-ABCDEFABCDEF} http://checksuite.re...iator/jinit.exe (JInitiator 1.3.1.13)
O16 - DPF: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = telecomitalia.local
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - C:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - C:\Program Files\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\_Documenti\Immagini\Moto\Kawa.bmp
O24 - Desktop BackupWallPaper: C:\_Documenti\Immagini\Moto\Kawa.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/24 23:02:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/11 11:18:17 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/11/10 12:29:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/11/10 12:29:59 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/11/10 12:29:59 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/11/10 12:29:59 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/11/10 12:29:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/11/10 12:27:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/11/09 13:29:32 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2010/11/09 13:27:25 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usp10.dll
[2010/11/09 13:20:38 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2010/11/09 11:28:20 | 000,000,000 | ---D | C] -- C:\$AVG
[2010/11/09 10:16:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\37341395\Application Data\AVG10
[2010/11/09 10:15:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/11/09 10:13:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/11/09 10:13:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2010/11/09 10:12:26 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/11/09 10:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/11/09 09:56:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\37341395\Application Data\QuickScan
[2010/10/25 07:16:15 | 000,320,944 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\srtspl.sys
[2010/10/25 07:16:15 | 000,107,848 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\SymVPN.dll
[2010/10/25 07:16:15 | 000,087,368 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\FwsVpn.dll
[2010/10/25 07:16:15 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\srtspx.sys
[2010/10/25 07:16:14 | 000,283,184 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\srtsp.sys
[2007/07/25 22:36:45 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2007/07/25 22:36:45 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2007/07/25 22:36:45 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/16 13:33:01 | 000,001,240 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1801674531-682003330-215219UA.job
[2010/11/16 10:54:11 | 000,000,428 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C09FFEE6-D4BF-4C02-AE5F-DBEB334FDAC9}.job
[2010/11/16 08:46:09 | 000,002,533 | ---- | M] () -- C:\Documents and Settings\37341395\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk
[2010/11/16 08:34:12 | 099,259,165 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/11/16 08:30:09 | 000,000,467 | ---- | M] () -- C:\WINDOWS\SMSCFG.ini
[2010/11/16 08:28:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/15 14:33:03 | 000,001,188 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1801674531-682003330-215219Core.job
[2010/11/15 11:54:05 | 000,290,816 | ---- | M] () -- C:\Daily Monitor MACRO.xls
[2010/11/15 08:35:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/10 12:51:06 | 000,443,386 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/10 12:51:06 | 000,072,884 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/10 12:45:57 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/11/09 14:21:07 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\37341395\Application Data\Microsoft\Internet Explorer\Quick Launch\Avvia Microsoft Office Outlook.lnk
[2010/11/09 13:28:39 | 000,001,809 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/11/09 09:48:38 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\37341395\Local Settings\Application Data\housecall.guid.cache
[2010/11/08 01:20:24 | 000,089,088 | ---- | M] () -- C:\WINDOWS\MBR.exe
[2010/10/29 13:33:54 | 000,025,600 | ---- | M] () -- C:\Documents and Settings\37341395\Desktop\New Microsoft Word Document.doc
[2010/10/29 08:30:14 | 000,290,816 | ---- | M] () -- C:\Daily Monitor MACRO old.xls
[2010/10/25 07:21:18 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/10/25 07:21:18 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/10/25 07:21:18 | 000,007,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/10/25 07:21:18 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/10/25 07:16:15 | 000,320,944 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\srtspl.sys
[2010/10/25 07:16:15 | 000,107,848 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\SymVPN.dll
[2010/10/25 07:16:15 | 000,087,368 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\FwsVpn.dll
[2010/10/25 07:16:15 | 000,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\srtspx.sys
[2010/10/25 07:16:15 | 000,007,442 | ---- | M] () -- C:\WINDOWS\System32\drivers\srtspx.cat
[2010/10/25 07:16:15 | 000,007,442 | ---- | M] () -- C:\WINDOWS\System32\drivers\srtspl.cat
[2010/10/25 07:16:15 | 000,001,430 | ---- | M] () -- C:\WINDOWS\System32\drivers\srtspl.inf
[2010/10/25 07:16:15 | 000,001,421 | ---- | M] () -- C:\WINDOWS\System32\drivers\srtspx.inf
[2010/10/25 07:16:14 | 000,283,184 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\srtsp.sys
[2010/10/25 07:16:14 | 000,007,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\srtsp.cat
[2010/10/25 07:16:14 | 000,001,415 | ---- | M] () -- C:\WINDOWS\System32\drivers\srtsp.inf
[2010/10/18 07:08:27 | 000,000,014 | ---- | M] () -- C:\WINDOWS\hpmssnpjt.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/16 08:34:12 | 099,259,165 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2010/11/10 12:29:59 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/11/10 12:29:59 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/11/10 12:29:59 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/11/10 12:29:59 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/11/10 12:29:59 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/11/09 13:19:32 | 000,001,809 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010/11/09 09:48:38 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\37341395\Local Settings\Application Data\housecall.guid.cache
[2010/10/25 07:16:15 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\srtspx.cat
[2010/10/25 07:16:15 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\srtspl.cat
[2010/10/25 07:16:15 | 000,001,430 | ---- | C] () -- C:\WINDOWS\System32\drivers\srtspl.inf
[2010/10/25 07:16:15 | 000,001,421 | ---- | C] () -- C:\WINDOWS\System32\drivers\srtspx.inf
[2010/10/25 07:16:14 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\srtsp.cat
[2010/10/25 07:16:14 | 000,001,415 | ---- | C] () -- C:\WINDOWS\System32\drivers\srtsp.inf
[2010/03/04 09:32:40 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\OPDSL.DLL
[2009/08/27 13:15:40 | 000,000,014 | ---- | C] () -- C:\WINDOWS\hpmssnpjt.ini
[2009/08/26 16:16:58 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2009/08/26 16:16:56 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\PdfPorts.dll
[2009/07/14 12:50:22 | 000,000,321 | ---- | C] () -- C:\WINDOWS\httpweazel.ini
[2008/12/17 17:23:48 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2008/12/17 17:23:48 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2008/12/11 15:29:05 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/12/11 15:29:05 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008/12/11 14:53:02 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\37341395\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/20 16:58:03 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2008/11/20 16:57:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPMProp.INI
[2008/11/04 13:35:31 | 003,203,072 | ---- | C] () -- C:\WINDOWS\System32\lcppn201.dll
[2008/11/04 13:35:31 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\nlsxdsgn.dll
[2008/11/04 13:33:49 | 001,064,960 | ---- | C] () -- C:\WINDOWS\System32\h5krnl32.dll
[2008/11/04 13:33:49 | 000,188,928 | ---- | C] () -- C:\WINDOWS\System32\h5icon32.dll
[2008/11/04 13:33:49 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\h5menu32.dll
[2008/11/04 13:33:49 | 000,095,744 | ---- | C] () -- C:\WINDOWS\System32\h5rtf32.dll
[2008/11/04 13:33:49 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\h5tool32.dll
[2008/11/03 09:32:03 | 000,017,016 | ---- | C] () -- C:\WINDOWS\System32\SS32DVR.DLL
[2007/07/26 14:19:17 | 000,160,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2007/07/26 13:34:18 | 000,013,735 | ---- | C] () -- C:\WINDOWS\cfgall.ini
[2007/07/25 22:39:19 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVUSBSta.sys
[2007/07/25 22:39:19 | 000,005,993 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/07/25 22:39:13 | 000,000,272 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2007/07/25 22:36:49 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2007/07/25 22:36:49 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2007/07/25 22:36:47 | 000,367,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2007/07/25 21:12:06 | 000,650,608 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007/07/25 21:12:06 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2007/07/25 00:54:49 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/07/24 23:42:47 | 001,228,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\ml2550u.dll
[2007/07/24 23:42:47 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\ml2550o.dll
[2007/07/24 23:42:47 | 000,003,646 | ---- | C] () -- C:\WINDOWS\System32\drivers\ml2550u.ini
[2007/07/24 23:27:47 | 000,000,467 | ---- | C] () -- C:\WINDOWS\SMSCFG.ini
[2007/07/24 23:25:28 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/07/24 23:22:15 | 000,019,838 | ---- | C] () -- C:\WINDOWS\saplogon.ini
[2007/07/24 23:21:05 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\vtssm32.dll
[2007/07/24 23:15:16 | 000,002,004 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

< End of report >

While waiting for any suggestion, I thank you so much for your help.

#2
m0le

m0le

    Visiting Staff

  • Visiting Consultant
  • 341 posts
Hi,

Welcome to Geeks To Go. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Forum Options box at the top right and then selecting Subscribe to this forum.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
Once I receive a reply then I will return with your first instructions.

Thanks :D

#3
m0le

m0le

    Visiting Staff

  • Visiting Consultant
  • 341 posts
This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.

#4
m0le

m0le

    Visiting Staff

  • Visiting Consultant
  • 341 posts
I'm not too sure about the malware that AVG found so please run the following tools

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application or, if you are using Vista, right-click and select Run As Administrator on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
    If MBAM won't update then download and update MBAM on a clean computer then save the rules.ref folder to a memory stick. This file is found here: 'C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware' then transfer it across to the infected computer.
  • On the Scanner tab:
    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.


And

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.


#5
Fitter88

Fitter88

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
I knew Anti-Malware (1.46 Versione database: 5176) and I performed a full scan before opening this thread. Result was no malware.
__________________________________________________________

Here's the SUPERAntiSpyware's log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/03/2010 at 06:07 PM

Application Version : 4.46.1000

Core Rules Database Version : 5947
Trace Rules Database Version: 3759

Scan type : Complete Scan
Total Scan Time : 01:18:51

Memory items scanned : 588
Memory threats detected : 0
Registry items scanned : 9285
Registry threats detected : 0
File items scanned : 45397
File threats detected : 300

Adware.Tracking Cookie
s4.shinystat.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.lastminuteclick.it [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.lastminuteclick.it [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.lastminuteclick.it [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.lastminuteclick.it [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.lastminuteclick.it [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.mediaworld.it [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
track.affiliationzone.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.ticketsnow.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
s06.flagcounter.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
2.s06.flagcounter.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
in.getclicky.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.payclick.it [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
s7.shinystat.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.himedia.individuad.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.himedia.individuad.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
fl01.ct2.comclick.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tgcom.mediaset.it [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.chitika.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
s1.shinystat.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media.causes.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media.causes.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media.causes.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media.causes.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media.causes.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media.causes.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media.causes.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zanox.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
trafficantevolpino.blogspot.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
s12.shinystat.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.findomesticit.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.findomesticit.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.findomesticit.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.findomesticit.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
s7.shinystat.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
s8.shinystat.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
eas4.emediate.eu [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
eas4.emediate.eu [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.arcus.adbureau.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.arcus.adbureau.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
eas4.emediate.eu [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.pianomedia.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.pianomedia.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.pianomedia.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.pianomedia.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
s1.shinystat.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.natuzzi.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.natuzzi.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.natuzzi.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.natuzzi.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.weboramaitalia.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.weboramaitalia.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.weboramaitalia.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.weboramaitalia.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
count.vivistats.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.w3counter.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.vdwp.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.vdwp.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.vdwp.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.vdwp.solution.weborama.fr [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stats.paypal.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adecn.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
t.bbtrack.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.multimedia.quotidiano.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.multimedia.quotidiano.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.multimedia.quotidiano.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
s4.shinystat.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
flagcounter.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad1.emediate.dk [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.doubleclick.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.apmebf.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
tradefx.advertserve.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www1.addfreestats.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.edmaster.adbureau.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ebay.monclick.it [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.statcounter.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
track.adform.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
track.adform.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adform.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
statse.webtrendslive.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
s2.shinystat.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.shinystat.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tradedoubler.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tradedoubler.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tradedoubler.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tradedoubler.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad1.emediate.dk [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad1.emediate.dk [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\37341395\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
C:\Documents and Settings\37341395\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\37341395\Local Settings\Temp\Cookies\37341395@adinterax[1].txt
C:\Documents and Settings\37341395\Local Settings\Temp\Cookies\[email protected][2].txt
C:\Documents and Settings\37341395\Local Settings\Temp\Cookies\[email protected][3].txt

___________________________________________________________________

I think it found just tracking cookies. Everything worked ok, removal included.

Waiting for a reply.
Thanks.

#6
m0le

    Visiting Staff

  • Visiting Consultant
  • 341 posts
All we have is that AVG has found these two files

A028911.EXE <> Trojan Generic18.AFDX
A028910.EXE <> Trojan BackDoor.Generic12.CHFE


What we don't know is where they were found. If you have been running other tools and programs then it's possible that these files have been quarantined and AVG is flagging the quarantine folder. The A*****.EXE files are also good at hiding in System Restore so let's first set a new point and see if AVG stops its whining.

Now you should Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools cannot access it to delete these bad files, which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then go to Start > Run and type: Cleanmgr
  • Click "OK".
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

If not, then empty all your programs' quarantine folders and then see if it's flagged.
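The triage reasoning in the post above (is the hit a System Restore copy, a quarantined copy, or a live file?) written out as an added example that is not part of the original thread. The sample report lines, the placeholder GUID, the `path <> detection` line format (borrowed from how the hits are quoted in this thread) and the quarantine folder list are all constructed assumptions.

```python
import re

# On Windows XP, System Restore keeps backed-up copies of monitored files as
# <drive>:\System Volume Information\_restore{GUID}\RP<n>\A<digits>.<ext>
RESTORE_PATH = re.compile(
    r"^[a-z]:\\system volume information\\_restore\{[0-9a-f-]+\}"
    r"\\rp\d+\\a\d+\.\w+$",
    re.IGNORECASE,
)
RESTORE_NAME = re.compile(r"^a\d+\.\w+$", re.IGNORECASE)

# Assumed quarantine locations; adjust to the tools actually installed.
QUARANTINE_DIRS = ("\\quarantine\\", "\\_otl\\movedfiles\\")

ADVICE = {
    "system_restore": "inactive copy: create a new restore point, purge old ones, rescan",
    "quarantine": "already contained: empty the tool's quarantine, rescan",
    "live": "file is on the live filesystem: treat as an active finding",
    "name_only_restore_style": "looks like a restore-store name, but get the full path first",
    "name_only": "no location given: get the full path from the scanner report",
}


def classify(path):
    """Return where a detected file lives, judged from its reported path."""
    p = path.strip().strip('"')
    if RESTORE_PATH.match(p):
        return "system_restore"
    if any(d in p.lower() for d in QUARANTINE_DIRS):
        return "quarantine"
    if "\\" not in p and "/" not in p:
        # Bare filename, as quoted in this thread: location is unknown.
        return "name_only_restore_style" if RESTORE_NAME.match(p) else "name_only"
    return "live"


def triage(report):
    """Parse 'path <> detection' lines into (path, detection, location) tuples."""
    hits = []
    for line in report.splitlines():
        if "<>" not in line:
            continue
        path, detection = (part.strip() for part in line.split("<>", 1))
        hits.append((path, detection, classify(path)))
    return hits


# Constructed sample input; only the two bare-name lines mirror the thread.
SAMPLE_REPORT = r"""
A028911.EXE <> Trojan Generic18.AFDX
A028910.EXE <> Trojan BackDoor.Generic12.CHFE
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP12\A028911.EXE <> Trojan Generic18.AFDX
C:\Program Files\ExampleAV\Quarantine\A028910.EXE <> Trojan BackDoor.Generic12.CHFE
C:\WINDOWS\system32\example.exe <> Trojan Generic18.AFDX
"""

if __name__ == "__main__":
    for path, detection, location in triage(SAMPLE_REPORT):
        print(f"{location:24} {detection:32} {path}")
        print(f"{'':24} -> {ADVICE[location]}")
```

The bare-name case is the one this thread is actually in: the names fit the restore-store pattern, but without the full path the hit cannot be placed.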

#7
m0le

    Visiting Staff

  • Visiting Consultant
  • 341 posts
Hi,

I have not had a reply from you for 5 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open. The time taken between posts can also change the situation with your PC making it more difficult to help you.

If you like you can PM me.

Thanks,


m0le

#8
m0le

    Visiting Staff

  • Visiting Consultant
  • 341 posts
Since this issue appears to be resolved ... this topic has been closed. Glad we could help. :D

If you're the topic starter, and need this topic reopened, please contact me via PM with the address of the thread.

Everyone else please begin a New Topic.





