Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

pop ups and antivirus probs


  • Please log in to reply

#1
Boswell

Boswell

    New Member

  • Member
  • Pip
  • 2 posts
Hi,

I stumbled onto your site and read some of the topics, but still am having problems. As a student at the University of Minnesota we get free virus protection program (symantec) with free updates etc. The problem is that the people at the U can't really help out when it comes to real issues

My Symantec stopped working about a month ago (wouldn't scan etc) so I attempted to remove it and re-install it. I can get the instillation wizard 99% done, and then the bar goes backward and says it was interrupted and to try again later. Since all this has happed, the ABI network aurora crap has infested my PC.

I followed the steps to posting my hijackthis file, and here it is:

Logfile of HijackThis v1.99.1
Scan saved at 7:50:48 PM, on 7/18/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Ahead\InCD\InCD.exe
c:\windows\system32\cenrvf.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\WINDOWS\SM1BG.EXE
C:\WINDOWS\system32\winupdt.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\sf\sf.exe
C:\WINDOWS\boeline.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\NaviSearch\bin\nls.exe
C:\Program Files\BullsEye Network\bin\bargains.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wintask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\VBouncer\VIRTUA~1.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\rona\huli.exe
C:\Documents and Settings\Andy\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drs...esearch.cgi?id=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.searchforit.com/searchbar
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drs...esearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drs...esearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drs...esearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Band Class - {0007522A-2297-43C1-8EB1-C90B0FF20DA5} - C:\WINDOWS\enhtb.dll
O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\cfgmgr52.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll
O2 - BHO: Replace Search Ctl - {832BEBED-C3DA-4534-A2C2-B2FFF220C820} - C:\WINDOWS\system32\replaceSearch.dll
O2 - BHO: NLS UrlCatcher Class - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\system32\nvms.dll
O2 - BHO: Cas - {B5F3970B-745E-46AC-B890-E08F69777D80} - C:\WINDOWS\system32\ca2.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\system32\msbe.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: searchforit - {C109664B-CEB1-420b-B353-D55A561536DD} - C:\WINDOWS\system32\sfi2.dll
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\UltraVNC\winvnc.exe" -servicehelper
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Enh Win Updt] C:\WINDOWS\enhupdt.exe
O4 - HKLM\..\Run: [LyraHD2TrayApp] "C:\Program Files\Thomson\Lyra Jukebox\LyraHDTrayApp\LYRAHD2TrayApp.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [winupdtl] C:\WINDOWS\system32\winupdt.exe
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun
O4 - HKLM\..\Run: [jquzmd] c:\windows\system32\cenrvf.exe r
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe
O4 - HKLM\..\Run: [exp.exe] C:\WINDOWS\system32\exp.exe
O4 - HKLM\..\Run: [WinTask driver] C:\WINDOWS\system32\wintask.exe
O4 - HKLM\..\Run: [AUNPS2] RUNDLL32 AUNPS2.DLL,_Run@16
O4 - HKLM\..\Run: [VBouncer] C:\PROGRA~1\VBouncer\VirtualBouncer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [sf] C:\Program Files\sf\sf.exe
O4 - HKCU\..\Run: [boeline] C:\WINDOWS\boeline.exe
O4 - HKCU\..\Run: [Twou] C:\Program Files\rona\huli.exe
O4 - Startup: AdDestroyer.lnk = C:\Program Files\AdDestroyer\AdDestroyer.exe
O4 - Startup: Tao Quote.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\ua_lsp.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: ChatSpace JavaLight Client - http://64.85.20.108:.../Java/cslt4.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivil...ve/makeover.cab
O16 - DPF: {23912BB0-CC9F-4C69-83D4-19C2B183BA91} (CRadioX Object) - http://ns-radio.nets...cabs/radiox.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots....SDownloader.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1094088895296
O16 - DPF: {6F74F92E-8DD8-4DDE-8FB8-CBB882A68048} (Microsoft Office XP Professional Step by Step Interactive) - file://C:\Program Files\Microsoft Interactive Training\O10C\mitm0026.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/kdx.cab
O20 - Winlogon Notify: App Management - C:\WINDOWS\system32\wwn32spl.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DefWatch - Unknown owner - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe (file missing)
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINDOWS\System32\IomegaAccess.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Unknown owner - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe (file missing)
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\UltraVNC\winvnc.exe" -service (file missing)
O23 - Service: ZipToA - Iomega Corporation - C:\WINDOWS\System32\ZipToA.exe

I'm looking to find out why my antivirus will not install and how to eliminate the pop-ups. Thank you for your help.

boswell
  • 0

Advertisements


#2
Boswell

Boswell

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
I just ran housecall and this is what I got:

Results:
We have detected 13 infected file(s) with 13 virus(es) on your computer:
- 0 virus(es) passed, 13 virus(es) no action available
- 0 virus(es) cleaned, 0 virus(es) uncleanable
- 0 virus(es) deleted, 0 virus(es) undeletable
- 0 virus(es) not found, 0 virus(es) unaccessible
Detected File Associated Virus Name Action Taken
C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\7BX7FT0K\aun_0036[1].exe TROJ_DLOADER.KM
No action available
C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\E7EJ29AF\install[1] TROJ_DLDR.CJ
No action available
C:\Documents and Settings\Andy\Local Settings\Temporary Internet Files\Content.IE5\E7EJ29AF\winupdt[1].exe TROJ_AGENT.LR
No action available
C:\RECYCLER\S-1-5-21-1220945662-1123561945-725345543-1004\Dc6.exe TROJ_BUDDY.F
No action available
C:\WINDOWS\system32\AUNPS2.dll TROJ_CLICKER.AD
No action available
C:\WINDOWS\system32\iucirbg.exe TROJ_AGENT.PZ
No action available
C:\WINDOWS\system32\Poller.exe TROJ_AGENT.SO
No action available
C:\WINDOWS\system32\wintask.exe TROJ_SMALL.AAL
No action available
C:\WINDOWS\system32\wintask.exe_tobedeleted TROJ_SMALL.AAL
No action available
C:\WINDOWS\system32\winupdt.exe TROJ_AGENT.LR
No action available
C:\WINDOWS\Temp\Del90.tmp TROJ_AGENT.RS
No action available
C:\WINDOWS\Nail.exe TROJ_NAIL.B
No action available
C:\WINDOWS\svcproc.exe TROJ_STERVIS.C
No action available



What we checked:
Malicious activity by a Trojan horse program. Although a Trojan seems like a harmless program, it contains malicious code and once installed can cause damage to your computer.
Results:
We have detected 3 Trojan horse program(s) and worm(s) on your computer:
- 0 worm(s)/Trojan(s) passed, 3 worm(s)/Trojan(s) no action available
- 0 Worm(s)/Trojan(s) deleted, 0 worm(s)/Trojan(s) undeletable
Trojan/Worm Name Trojan/Worm Type Action Taken
TROJ_SMALL.AAL
Trojan No action available
TROJ_DLOADER.KM
Trojan No action available
TROJ_NAIL.B
Trojan No action available

And ewido:
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 12:35:41 AM, 7/19/2005
+ Report-Checksum: F00A0896

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{0007522A-2297-43C1-8EB1-C90B0FF20DA5} -> Spyware.ShopNav : Ignored
HKLM\SOFTWARE\Classes\CLSID\{01F44A8A-8C97-4325-A378-76E68DC4AB2E} -> Spyware.IEPlugin : Ignored
HKLM\SOFTWARE\Classes\CLSID\{82315A18-6CFB-44a7-BDFD-90E36537C252} -> Spyware.NewDotNet : Ignored
HKLM\SOFTWARE\Classes\CLSID\{832BEBED-C3DA-4534-A2C2-B2FFF220C820} -> Spyware.Hijacker.Generic : Ignored
HKLM\SOFTWARE\Classes\MediaAccess.Installer -> Spyware.WinAd : Ignored
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CLSID -> Spyware.WinAd : Ignored
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CurVer -> Spyware.WinAd : Ignored
HKLM\SOFTWARE\Classes\Wbho.Band -> Spyware.IEPlugin : Ignored
HKLM\SOFTWARE\Classes\Wbho.Band\CLSID -> Spyware.IEPlugin : Ignored
HKLM\SOFTWARE\Classes\Wbho.Band\CurVer -> Spyware.IEPlugin : Ignored
HKLM\SOFTWARE\ClickSpring -> Spyware.PurityScan : Ignored
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0007522A-2297-43C1-8EB1-C90B0FF20DA5} -> Spyware.ShopNav : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01F44A8A-8C97-4325-A378-76E68DC4AB2E} -> Spyware.IEPlugin : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82315A18-6CFB-44a7-BDFD-90E36537C252} -> Spyware.NewDotNet : Ignored
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{832BEBED-C3DA-4534-A2C2-B2FFF220C820} -> Spyware.Hijacker.Generic : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\intexp -> Spyware.IEPlugin : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\intexp\Config -> Spyware.IEPlugin : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\intexp\MyFileSystem2 -> Spyware.IEPlugin : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\Microsoft\Internet Explorer\Extensions\{6685509E-B47B-4f47-8E16-9A5F3A62F683} -> Spyware.MoneyMaker : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0007522A-2297-43C1-8EB1-C90B0FF20DA5} -> Spyware.ShopNav : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0019C3E2-DD48-4A6D-ABCD-8D32436323D9} -> Spyware.BookedSpace : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01F44A8A-8C97-4325-A378-76E68DC4AB2E} -> Spyware.IEPlugin : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6685509E-B47B-4F47-8E16-9A5F3A62F683} -> Spyware.MoneyMaker : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82315A18-6CFB-44A7-BDFD-90E36537C252} -> Spyware.NewDotNet : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{832BEBED-C3DA-4534-A2C2-B2FFF220C820} -> Spyware.Hijacker.Generic : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} -> Spyware.BargainBuddy : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C109664B-CEB1-420B-B353-D55A561536DD} -> Spyware.AdShooter : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CE188402-6EE7-4022-8868-AB25173A3E14} -> Spyware.BargainBuddy : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4E04583-354E-4076-BE7D-ED6A80FD66DA} -> Spyware.BargainBuddy : Ignored
HKU\S-1-5-21-1220945662-1123561945-725345543-1004\Software\WinUpdt -> Spyware.SecondThought : Ignored
C:\WINDOWS\boeline.exe -> Spyware.Hijacker.Generic : Ignored
C:\WINDOWS\cfgmgr52.dll -> Spyware.BookedSpace : Ignored
C:\WINDOWS\enhtb.dll -> Spyware.NoName : Ignored
C:\WINDOWS\enhtb.exe -> Trojan.Imiserv.c : Ignored
C:\WINDOWS\enhuninstall.exe -> Spyware.NoName : Ignored
C:\WINDOWS\enhupdt.exe -> TrojanDownloader.Intexp.c : Ignored
C:\WINDOWS\hjjzfotr.exe -> Spyware.BookedSpace : Ignored
C:\WINDOWS\icont.exe -> Spyware.AdURL : Ignored
C:\WINDOWS\NDNuninstall6_38.exe -> Spyware.NewDotNet : Ignored
C:\WINDOWS\ru.exe -> Spyware.PurityScan : Ignored
C:\WINDOWS\system32\AUNPS2.dll -> Spyware.Hijacker.Generic : Ignored
C:\WINDOWS\system32\ca2.dll -> Spyware.SearchIt : Ignored
C:\WINDOWS\system32\cache\Installer.exe -> Spyware.Look2Me : Ignored
C:\WINDOWS\system32\cache\ven_d1.exe -> TrojanDownloader.IstBar : Ignored
C:\WINDOWS\system32\ivsutil.dll -> Spyware.Look2Me : Ignored
C:\WINDOWS\system32\nqtui2.dll -> Spyware.Look2Me : Ignored
C:\WINDOWS\system32\objafti.exe -> Adware.BetterInternet : Ignored
C:\WINDOWS\system32\Poller.exe -> Adware.BetterInternet : Ignored
C:\WINDOWS\system32\replaceSearch.dll -> Spyware.ReSearch : Ignored
C:\WINDOWS\system32\sfi2.dll -> Spyware.SearchIt : Ignored
C:\WINDOWS\system32\stayerxp.dll -> Spyware.Look2Me : Ignored
C:\WINDOWS\system32\svmpapi.dll -> Spyware.Look2Me : Ignored
C:\WINDOWS\system32\wintask.exe -> TrojanDownloader.Small.abd : Ignored
C:\WINDOWS\system32\winupdt.exe -> TrojanDownloader.Agent.jq : Ignored
C:\WINDOWS\system32\wwn32spl.dll -> Spyware.Look2Me : Ignored
C:\WINDOWS\tdtb.exe -> Trojan.Imiserv.c : Ignored
C:\WINDOWS\Temp\!update.exe -> Spyware.Look2Me : Ignored
C:\WINDOWS\Temp\180sainstallersca.exe/clientax.dll -> Spyware.180Solutions : Ignored
C:\WINDOWS\Temp\b.com -> TrojanDropper.Agent.pb : Ignored
C:\WINDOWS\Temp\Cookies\andy@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Ignored
C:\WINDOWS\Temp\Cookies\andy@fastclick[2].txt -> Spyware.Cookie.Fastclick : Ignored
C:\WINDOWS\Temp\Cookies\andy@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Ignored
C:\WINDOWS\Temp\MediaAccessInstPack.exe -> Spyware.WinAD : Ignored
C:\WINDOWS\Temp\upd208.exe -> Spyware.Look2Me : Ignored
C:\Documents and Settings\Andy\Cookies\andy@112.2o7[1].txt -> Spyware.Cookie.2o7 : Ignored
C:\Documents and Settings\Andy\Cookies\andy@2o7[1].txt -> Spyware.Cookie.2o7 : Ignored
C:\Documents and Settings\Andy\Cookies\andy@ad-logics[1].txt -> Spyware.Cookie.Ad-logics : Ignored
C:\Documents and Settings\Andy\Cookies\andy@ads.pointroll[1].txt -> Spyware.Cookie.Pointroll : Ignored
C:\Documents and Settings\Andy\Cookies\andy@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Ignored
C:\Documents and Settings\Andy\Cookies\andy@overture[2].txt -> Spyware.Cookie.Overture : Ignored
C:\Documents and Settings\Andy\Cookies\andy@perf.overture[1].txt -> Spyware.Cookie.Overture : Ignored
C:\Documents and Settings\Andy\Cookies\andy@qksrv[1].txt -> Spyware.Cookie.Qksrv : Ignored
C:\Documents and Settings\Andy\Cookies\andy@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Ignored
C:\Documents and Settings\Andy\Cookies\andy@trafficmp[2].txt -> Spyware.Cookie.Trafficmp : Ignored
C:\Documents and Settings\Andy\Cookies\andy@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Ignored
C:\Documents and Settings\Andy\Cookies\andy@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Ignored


::Report End

Edited by Boswell, 18 July 2005 - 11:45 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP