4SG,
Tried everyting step by step. Desktop error message is gone. Thanks for your help. Please let me know whether my system is clean. Here are the logs. I was not able to get Panda's log. Application closes after scanning i guess. I also notized it found 3 infections within 30 mins.
Hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 6:46:44 AM, on 7/22/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
D:\WINNTPA\System32\smss.exe
D:\WINNTPA\system32\winlogon.exe
D:\WINNTPA\system32\services.exe
D:\WINNTPA\system32\lsass.exe
D:\WINNTPA\system32\svchost.exe
D:\WINNTPA\System32\WBEM\WinMgmt.exe
D:\WINNTPA\Explorer.EXE
D:\WINNTPA\system32\NOTEPAD.EXE
C:\HJT\HijackThis.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [gcasServ] "D:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) -
http://us.dl1.yimg.c...ropper1_6us.cabO23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - D:\WINNTPA\System32\dmadmin.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - D:\WINNTPA\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - D:\Program Files\NavNT\rtvscan.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Send All Qualified App (Service1) - Unknown owner - D:\Program Files\Common Files\Mercury Interactive\TDAPIServer\SendAllQualifiedApp.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
Smitfiles:
Pre-run Files Present
~~~ Program Files ~~~
~~~ Shortcuts ~~~
PSGuard.com
~~~ Favorites ~~~
~~~ system32 folder ~~~
wp.bmp
logfiles
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Post-run Files Present
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Wininet.dll ~~~
CLEAN!
Ad-Aware:
Ad-Aware SE Build 1.06r1
Logfile Created on:Friday, July 22, 2005 7:00:02 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R51 21.06.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):21 total references
Tracking Cookie(TAC index:3):28 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R51 21.06.2005
Internal build : 59
File location : D:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 483435 Bytes
Total size : 1461660 Bytes
Signature data size : 1429955 Bytes
Reference data size : 31193 Bytes
Signatures total : 40756
CSI Fingerprints total : 906
CSI data size : 31253 Bytes
Target categories : 15
Target families : 694
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:76 %
Total physical memory:523760 kb
Available physical memory:395632 kb
Total page file size:1277844 kb
Available on page file:1200268 kb
Total virtual memory:2097024 kb
Available virtual memory:2044848 kb
OS:Microsoft Windows 2000 Professional Service Pack 4 (Build 2195)
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
7-22-2005 7:00:02 AM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : D:\Documents and Settings\Administrator\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : D:\Documents and Settings\Administrator\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\terminal server client\default
Description : list of recent systems connected to using remote desktop / terminal services
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\nico mak computing\winzip\filemenu
Description : winzip recently used archives
MRU List Object Recognized!
Location: : S-1-5-21-1993962763-1078145449-1801674531-500\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 144
ThreadCreationTime : 7-22-2005 10:40:53 AM
BasePriority : Normal
#:2 [csrss.exe]
ModuleName : \??\D:\WINNTPA\system32\csrss.exe
Command Line : D:\WINNTPA\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 172
ThreadCreationTime : 7-22-2005 10:41:36 AM
BasePriority : Normal
#:3 [winlogon.exe]
ModuleName : \??\D:\WINNTPA\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 192
ThreadCreationTime : 7-22-2005 10:41:38 AM
BasePriority : High
#:4 [services.exe]
ModuleName : D:\WINNTPA\system32\services.exe
Command Line : D:\WINNTPA\system32\services.exe
ProcessID : 220
ThreadCreationTime : 7-22-2005 10:41:40 AM
BasePriority : Normal
FileVersion : 5.00.2195.7035
ProductVersion : 5.00.2195.7035
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : services.exe
#:5 [lsass.exe]
ModuleName : D:\WINNTPA\system32\lsass.exe
Command Line : D:\WINNTPA\system32\lsass.exe
ProcessID : 232
ThreadCreationTime : 7-22-2005 10:41:41 AM
BasePriority : Normal
FileVersion : 5.00.2195.7011
ProductVersion : 5.00.2195.7011
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL (Export Version)
InternalName : lsasrv.dll and lsass.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : lsasrv.dll and lsass.exe
#:6 [svchost.exe]
ModuleName : D:\WINNTPA\system32\svchost.exe
Command Line : D:\WINNTPA\system32\svchost -k rpcss
ProcessID : 380
ThreadCreationTime : 7-22-2005 10:41:46 AM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:7 [winmgmt.exe]
ModuleName : D:\WINNTPA\System32\WBEM\WinMgmt.exe
Command Line : D:\WINNTPA\System32\WBEM\WinMgmt.exe
ProcessID : 408
ThreadCreationTime : 7-22-2005 10:41:47 AM
BasePriority : Normal
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
ProductName : Windows Management Instrumentation
CompanyName : Microsoft Corporation
FileDescription : Windows Management Instrumentation
InternalName : WINMGMT
LegalCopyright : Copyright © Microsoft Corp. 1995-1999
#:8 [explorer.exe]
ModuleName : D:\WINNTPA\Explorer.EXE
Command Line : D:\WINNTPA\Explorer.EXE
ProcessID : 428
ThreadCreationTime : 7-22-2005 10:43:51 AM
BasePriority : Normal
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : EXPLORER.EXE
#:9 [notepad.exe]
ModuleName : D:\WINNTPA\system32\NOTEPAD.EXE
Command Line : D:\WINNTPA\system32\NOTEPAD.EXE D:\Documents and Settings\Administrator\Desktop\zxc.txt
ProcessID : 268
ThreadCreationTime : 7-22-2005 10:52:32 AM
BasePriority : Normal
FileVersion : 5.00.2140.1
ProductVersion : 5.00.2140.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Notepad
InternalName : Notepad
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : NOTEPAD.EXE
#:10 [ad-aware.exe]
ModuleName : D:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "D:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 488
ThreadCreationTime : 7-22-2005 10:58:56 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@tickle[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:
[email protected]/
Expires : 7-7-2007 6:59:04 AM
LastSync : Hits:8
UseCount : 0
Hits : 8
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:
[email protected]/
Expires : 12-31-2006 7:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@maxserving[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:
[email protected]/
Expires : 7-9-2015 8:02:38 PM
LastSync : Hits:7
UseCount : 0
Hits : 7
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@tradedoubler[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:14
Value : Cookie:
[email protected]/
Expires : 7-21-2005 6:37:28 PM
LastSync : Hits:14
UseCount : 0
Hits : 14
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@bluestreak[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:38
Value : Cookie:
[email protected]/
Expires : 7-16-2015 2:31:38 PM
LastSync : Hits:38
UseCount : 0
Hits : 38
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:105
Value : Cookie:
[email protected]/
Expires : 7-21-2006 7:15:34 PM
LastSync : Hits:105
UseCount : 0
Hits : 105
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@bravenet[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:
[email protected]/
Expires : 12-31-2010 7:12:40 PM
LastSync : Hits:9
UseCount : 0
Hits : 9
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@centrport[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:
[email protected]/
Expires : 12-31-2029 8:00:00 PM
LastSync : Hits:9
UseCount : 0
Hits : 9
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:
[email protected]/
Expires : 7-9-2006 4:59:04 PM
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@adrevolver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:63
Value : Cookie:
[email protected]/adrevolver/
Expires : 4-15-2008 10:40:42 PM
LastSync : Hits:63
UseCount : 0
Hits : 63
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:132
Value : Cookie:
[email protected]/
Expires : 7-19-2010 6:28:12 AM
LastSync : Hits:132
UseCount : 0
Hits : 132
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:15
Value : Cookie:
[email protected]/
Expires : 12-31-2037 8:00:00 PM
LastSync : Hits:15
UseCount : 0
Hits : 15
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:47
Value : Cookie:
[email protected]/
Expires : 7-4-2006
LastSync : Hits:47
UseCount : 0
Hits : 47
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:71
Value : Cookie:
[email protected]/
Expires : 7-20-2006 7:52:54 PM
LastSync : Hits:71
UseCount : 0
Hits : 71
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@adrevolver[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:51
Value : Cookie:
[email protected]/
Expires : 7-21-2006 11:30:58 PM
LastSync : Hits:51
UseCount : 0
Hits : 51
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@overture[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:15
Value : Cookie:
[email protected]/
Expires : 7-16-2015 7:59:10 PM
LastSync : Hits:15
UseCount : 0
Hits : 15
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@cgi-bin[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:
[email protected]/cgi-bin
Expires : 7-7-2015 8:22:44 AM
LastSync : Hits:10
UseCount : 0
Hits : 10
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:55
Value : Cookie:
[email protected]/
Expires : 7-22-2005 7:38:34 AM
LastSync : Hits:55
UseCount : 0
Hits : 55
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@revenue[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:
[email protected]/
Expires : 6-10-2022 1:05:42 AM
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@questionmarket[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:
[email protected]/
Expires : 9-10-2006 11:28:08 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@trafficmp[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1309
Value : Cookie:
[email protected]/
Expires : 6-30-2006 7:19:08 AM
LastSync : Hits:1309
UseCount : 0
Hits : 1309
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@statcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:
[email protected]/
Expires : 7-9-2010 8:54:18 PM
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:
[email protected]/
Expires : 9-6-2014 7:50:08 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:304
Value : Cookie:
[email protected]/
Expires : 7-19-2006 6:17:34 PM
LastSync : Hits:304
UseCount : 0
Hits : 304
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:117
Value : Cookie:
[email protected]/
Expires : 12-31-2009 8:00:00 PM
LastSync : Hits:117
UseCount : 0
Hits : 117
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@zedo[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:34
Value : Cookie:
[email protected]/
Expires : 6-29-2015 6:08:36 AM
LastSync : Hits:34
UseCount : 0
Hits : 34
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:42
Value : Cookie:
[email protected]/
Expires : 12-31-2020 8:00:00 PM
LastSync : Hits:42
UseCount : 0
Hits : 42
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@casalemedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:77
Value : Cookie:
[email protected]/
Expires : 7-3-2006 3:10:48 PM
LastSync : Hits:77
UseCount : 0
Hits : 77
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 28
Objects found so far: 49
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 49
Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 49
Deep scanning and examining files (E:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for E:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 49
Scanning Hosts file......
Hosts file location:"D:\WINNTPA\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 49
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 49
7:12:48 AM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:12:45.610
Objects scanned:113302
Objects identified:28
Objects ignored:0
New critical objects:28
Ewido security suite - Scan report:
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 7:08:36 PM, 7/22/2005
+ Report-Checksum: BC306036
+ Date of database: 7/4/2005
+ Version of scan engine: v3.0
+ Duration: 53 min
+ Scanned Files: 56555
+ Speed: 17.49 Files/Second
+ Infected files: 8
+ Removed files: 8
+ Files put in quarantine: 8
+ Files that could not be opened: 0
+ Files that could not be cleaned: 0
+ Binder: Yes
+ Crypter: Yes
+ Archives: No
+ Scanned items:
D:\WINNTPA\system32\wininet.dll
C:\
D:\
E:\
+ Scan result:
D:\Documents and Settings\Administrator\Cookies\administrator@696219[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
D:\Documents and Settings\Administrator\Cookies\
[email protected][2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
D:\Documents and Settings\Administrator\Cookies\administrator@adknowledge[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
D:\Documents and Settings\Administrator\Cookies\
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
D:\Documents and Settings\Administrator\Cookies\
[email protected][1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
D:\Documents and Settings\Administrator\Cookies\administrator@burstnet[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
D:\Documents and Settings\Administrator\Cookies\administrator@com[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
D:\Documents and Settings\Administrator\Cookies\administrator@network[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
::Report End