Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

My cable Internet is running very slow [CLOSED]

Started by pakslap , Aug 21 2005 03:27 PM

This topic is locked

#1
pakslap

Posted 21 August 2005 - 03:27 PM

New Member

Member
5 posts

hi
ive had a bunch of spyware/adware on my computer.. i got rid of most of it with spyware doctor. everything was fine then suddenly my internet started running way too slow, it takes too long to load the pages. also, ive been having an error on my internet explorer and i just couldnt fix it, and this was before i had spyware on my computer.. so i started using firefox, but the error messages still keep popping up on the internet explorer.. i dont know if that has anything to do with it. anyway, heres my log from hijackthis.. thanks

Logfile of HijackThis v1.99.1
Scan saved at 2:18:48 PM, on 8/21/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\explorer.exe
C:\WINDOWS\System32\msdtc.exe
C:\windows\sp2update.exe
C:\WINDOWS\System32\AIMToday.exe
C:\WINDOWS\System32\winusers.exe
C:\WINDOWS\System32\msuexe.exe
C:\WINDOWS\System32\up2dat5.exe
C:\WINDOWS\etb\pokapoka63.exe
C:\Program Files\DIGStream\digstream.exe
C:\WINDOWS\System32\msvss.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\tbkwrzdd.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\PROGRA~1\AIM95\aim.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\d?xplore.exe
C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\Program Files\stut\cptr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\DOCUMENTS AND SETTINGS\DAVID1\DESKTOP\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://public.windup...m/pop_under.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - _{02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.../7_2/home.html"); (C:\Documents and Settings\David1\Application Data\Mozilla\Profiles\default\00jpagxz.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\David1\Application Data\Mozilla\Profiles\default\00jpagxz.slt\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - C:\DOCUME~1\David1\LOCALS~1\Temp\hoo52.tmp
O2 - BHO: SafeGuard Protect PCShield - {564FFB73-9EEF-4969-92FA-5FC4A92E2C2A} - C:\WINDOWS\System32\sfg.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Repair Registry Pro] C:\Program Files\Repair Registry Pro\RepairRegistryPro.exe -s
O4 - HKLM\..\Run: [REGRUN32] C:\explorer.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [msresearch] C:\WINDOWS\msresearch.exe
O4 - HKLM\..\Run: [sp2update] C:\windows\sp2update.exe
O4 - HKLM\..\Run: [AOL Instant Messenger Today] AIMToday.exe
O4 - HKLM\..\Run: [Iwgwcvsk] C:\Program Files\Kothb\Kzng.exe
O4 - HKLM\..\Run: [Microsoft Update Loaders 2005] winusers.exe
O4 - HKLM\..\Run: [REGRUN] C:\freexxx.exe
O4 - HKLM\..\Run: [Microsoft Update Executer] msuexe.exe
O4 - HKLM\..\Run: [bti7u5n2] C:\WINDOWS\System32\bti7u5n2.exe
O4 - HKLM\..\Run: [Microsoft Update] up2dat5.exe
O4 - HKLM\..\Run: [System service63] C:\WINDOWS\etb\pokapoka63.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [msvss] msvss.exe
O4 - HKLM\..\Run: [Winddows XP Patch] tbkwrzdd.exe
O4 - HKLM\..\RunServices: [AOL Instant Messenger Today] AIMToday.exe
O4 - HKLM\..\RunServices: [Microsoft Update Loaders 2005] winusers.exe
O4 - HKLM\..\RunServices: [Microsoft Update Executer] msuexe.exe
O4 - HKLM\..\RunServices: [Microsoft Update] up2dat5.exe
O4 - HKLM\..\RunServices: [msvss] msvss.exe
O4 - HKLM\..\RunServices: [Winddows XP Patch] tbkwrzdd.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [msvss] msvss.exe
O4 - HKCU\..\Run: [Goti] C:\WINDOWS\System32\d?xplore.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [Csra] C:\Program Files\stut\cptr.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM95\aim.exe
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O23 - Service: Acrobat Reader Update - Unknown owner - C:\WINDOWS\acrobat32.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: dlbt_device - Dell - C:\WINDOWS\System32\dlbtcoms.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

#2
miekiemoes

Posted 22 August 2005 - 05:51 AM

Malware Expert

Member
5,503 posts

Hello,

Nice collection you have here, so we need to perform this in different steps:

Download next: http://users.pandora...atchy/LQfix.exe and place it on your desktop.
Doubleclick LQfix.exe and click install.
This will create a new folder called LQfix on your desktop.
Open the folder and doubleclick ClickThis.bat
Follow the prompts on the screen.
Your system will reboot afterwards.
Please be patient after reboot, because there is a script running in the background and that's why it can take a while.

When done, reinstall your AVG again because it seems like you deleted it.
Update your AVG and let it perform a full scan and delete everything it is finding, because your system is full of worms, trojans and viruses.

Reboot and post a new hijackthislog.

#3
pakslap

Posted 22 August 2005 - 12:37 PM

New Member

Topic Starter
Member
5 posts

hi
i followed ure instructions, and avg found one trojan and fixed it. here goes the hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 11:34:21 AM, on 8/22/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\explorer.exe
C:\WINDOWS\System32\AIMToday.exe
C:\WINDOWS\System32\winusers.exe
C:\WINDOWS\System32\msuexe.exe
C:\WINDOWS\System32\up2dat5.exe
C:\WINDOWS\System32\msvss.exe
C:\WINDOWS\System32\tbkwrzdd.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\windows\sp2update.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\sstray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\WINDOWS\System32\devldr32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
C:\WINDOWS\System32\wintrust.exe
C:\WINDOWS\System32\winproc.exe
C:\Program Files\AIM95\aim.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\System32\d?xplore.exe
C:\Program Files\stut\cptr.exe
C:\Program Files\ATI Multimedia\main\ATISched.EXE
C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\System32\msdtc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cmd.exe
C:\PROGRA~1\MOZILL~1\firefox.exe
C:\Documents and Settings\David1\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.fin...siteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.fin...siteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.fin...siteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.fin...siteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.fin...siteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://public.windup...m/pop_under.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - _{02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.../7_2/home.html"); (C:\Documents and Settings\David1\Application Data\Mozilla\Profiles\default\00jpagxz.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\David1\Application Data\Mozilla\Profiles\default\00jpagxz.slt\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - C:\DOCUME~1\David1\LOCALS~1\Temp\hoo52.tmp
O2 - BHO: SafeGuard Protect PCShield - {564FFB73-9EEF-4969-92FA-5FC4A92E2C2A} - C:\WINDOWS\System32\sfg.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [REGRUN32] C:\explorer.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [msresearch] C:\WINDOWS\msresearch.exe
O4 - HKLM\..\Run: [AOL Instant Messenger Today] AIMToday.exe
O4 - HKLM\..\Run: [Iwgwcvsk] C:\Program Files\Kothb\Kzng.exe
O4 - HKLM\..\Run: [Microsoft Update Loaders 2005] winusers.exe
O4 - HKLM\..\Run: [REGRUN] C:\freexxx.exe
O4 - HKLM\..\Run: [Microsoft Update Executer] msuexe.exe
O4 - HKLM\..\Run: [bti7u5n2] C:\WINDOWS\System32\bti7u5n2.exe
O4 - HKLM\..\Run: [Microsoft Update] up2dat5.exe
O4 - HKLM\..\Run: [msvss] msvss.exe
O4 - HKLM\..\Run: [Winddows XP Patch] tbkwrzdd.exe
O4 - HKLM\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\Windows Registry Repair Pro.exe -X
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [wiesrh] C:\WINDOWS\System32\nzrpql.exe
O4 - HKLM\..\Run: [WhenUSave] C:\PROGRA~1\Save\Save.exe
O4 - HKLM\..\Run: [Wast] C:\WINDOWS\Wast2.exe 2
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [taskmngr] C:\progra~1\common~1\Updates\msnve.exe C:\progra~1\common~1\Updates\task.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [sp2update] C:\windows\sp2update.exe
O4 - HKLM\..\Run: [Repair Registry Pro] C:\Program Files\Repair Registry Pro\RepairRegistryPro.exe -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\System32\sfg.dll"
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AutoUpdater] C:\PROGRA~1\AUTOUP~1\AUTOUP~1.EXE
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [20d6889dbeb6] C:\WINDOWS\System32\wintrust.exe
O4 - HKLM\..\Run: [Windows Process Manager] winproc.exe
O4 - HKLM\..\RunServices: [AOL Instant Messenger Today] AIMToday.exe
O4 - HKLM\..\RunServices: [Microsoft Update Loaders 2005] winusers.exe
O4 - HKLM\..\RunServices: [Microsoft Update Executer] msuexe.exe
O4 - HKLM\..\RunServices: [Microsoft Update] up2dat5.exe
O4 - HKLM\..\RunServices: [msvss] msvss.exe
O4 - HKLM\..\RunServices: [Winddows XP Patch] tbkwrzdd.exe
O4 - HKLM\..\RunServices: [Windows Process Manager] winproc.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [msvss] msvss.exe
O4 - HKCU\..\Run: [Goti] C:\WINDOWS\System32\d?xplore.exe
O4 - HKCU\..\Run: [Csra] C:\Program Files\stut\cptr.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe
O4 - HKCU\..\Run: [ATI Scheduler] C:\Program Files\ATI Multimedia\main\ATISched.EXE
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\System32\sfg.dll"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O23 - Service: Acrobat Reader Update - Unknown owner - C:\WINDOWS\acrobat32.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: dlbt_device - Dell - C:\WINDOWS\System32\dlbtcoms.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

#4
miekiemoes

Posted 22 August 2005 - 12:54 PM

Malware Expert

Member
5,503 posts

Hello,

Hmm, odd that AVG only found one item... Did you update it before the scan? Anyway, we'll try an onlinescanner afterwards.

It's better to print out the next instructions or save it in notepad, because you also have to work in safe mode without networking support, so this page wouldn't be available then.
It is also important you don't miss a step and perform everything in the right order!!

* Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/

Please read Ewido Setup Instructions
Install it, and update the definitions to the newest files. Do NOT run a scan yet.

* Download and install CCleaner
Do not use it yet.

* Please set your system to show all files; please see here if you're unsure how to do this.

Place a shortcut to Panda ActiveScan on your desktop.

If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates:
Ad-Aware SE Setup
Don't run it yet!

* Reboot into Safe Mode`: ( without networking support !)
°To get into the Safe mode as the computer is booting press and hold your "F8 Key". Use your arrow keys to move to "Safe Mode" and press your Enter key.

* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.fin...siteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.fin...siteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.fin...siteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.fin...siteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.fin...siteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://public.windup...m/pop_under.php
R3 - URLSearchHook: (no name) - _{02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - C:\DOCUME~1\David1\LOCALS~1\Temp\hoo52.tmp
O2 - BHO: SafeGuard Protect PCShield - {564FFB73-9EEF-4969-92FA-5FC4A92E2C2A} - C:\WINDOWS\System32\sfg.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [msresearch] C:\WINDOWS\msresearch.exe
O4 - HKLM\..\Run: [AOL Instant Messenger Today] AIMToday.exe
O4 - HKLM\..\Run: [Iwgwcvsk] C:\Program Files\Kothb\Kzng.exe
O4 - HKLM\..\Run: [Microsoft Update Loaders 2005] winusers.exe
O4 - HKLM\..\Run: [REGRUN] C:\freexxx.exe
O4 - HKLM\..\Run: [Microsoft Update Executer] msuexe.exe
O4 - HKLM\..\Run: [bti7u5n2] C:\WINDOWS\System32\bti7u5n2.exe
O4 - HKLM\..\Run: [Microsoft Update] up2dat5.exe
O4 - HKLM\..\Run: [msvss] msvss.exe
O4 - HKLM\..\Run: [Winddows XP Patch] tbkwrzdd.exe
O4 - HKLM\..\Run: [wiesrh] C:\WINDOWS\System32\nzrpql.exe
O4 - HKLM\..\Run: [WhenUSave] C:\PROGRA~1\Save\Save.exe
O4 - HKLM\..\Run: [Wast] C:\WINDOWS\Wast2.exe 2
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [taskmngr] C:\progra~1\common~1\Updates\msnve.exe C:\progra~1\common~1\Updates\task.exe
O4 - HKLM\..\Run: [sp2update] C:\windows\sp2update.exe
O4 - HKLM\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\System32\sfg.dll"
O4 - HKLM\..\Run: [AutoUpdater] C:\PROGRA~1\AUTOUP~1\AUTOUP~1.EXE
O4 - HKLM\..\Run: [20d6889dbeb6] C:\WINDOWS\System32\wintrust.exe
O4 - HKLM\..\Run: [Windows Process Manager] winproc.exe
O4 - HKLM\..\RunServices: [AOL Instant Messenger Today] AIMToday.exe
O4 - HKLM\..\RunServices: [Microsoft Update Loaders 2005] winusers.exe
O4 - HKLM\..\RunServices: [Microsoft Update Executer] msuexe.exe
O4 - HKLM\..\RunServices: [Microsoft Update] up2dat5.exe
O4 - HKLM\..\RunServices: [msvss] msvss.exe
O4 - HKLM\..\RunServices: [Winddows XP Patch] tbkwrzdd.exe
O4 - HKLM\..\RunServices: [Windows Process Manager] winproc.exe
O4 - HKCU\..\Run: [msvss] msvss.exe
O4 - HKCU\..\Run: [Goti] C:\WINDOWS\System32\d?xplore.exe
O4 - HKCU\..\Run: [Csra] C:\Program Files\stut\cptr.exe
O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe
O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\System32\sfg.dll"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O23 - Service: Acrobat Reader Update - Unknown owner - C:\WINDOWS\acrobat32.exe

* Click on Fix Checked when finished and exit HijackThis.

* Using Windows Explorer, locate the following files/folders, and delete them if still present:

C:\explorer.exe <== DON'T try to delete explorer.exe present in your Windows-folder!!
C:\WINDOWS\System32\AIMToday.exe
C:\WINDOWS\System32\winusers.exe
C:\WINDOWS\System32\msuexe.exe
C:\WINDOWS\System32\up2dat5.exe
C:\WINDOWS\System32\msvss.exe
C:\WINDOWS\System32\tbkwrzdd.exe
C:\windows\sp2update.exe
C:\WINDOWS\System32\wintrust.exe
C:\WINDOWS\System32\winproc.exe
C:\Program Files\stut <== folder
C:\WINDOWS\msresearch.exe
C:\Program Files\Kothb <== folder
C:\freexxx.exe
C:\WINDOWS\System32\nzrpql.exe
C:\PROGRAM FILES\Save <== folder
C:\WINDOWS\Wast2.exe
C:\WINDOWS\System32\sfg.dll
C:\Program Files\AUTOUPDATE <== folder
C:\Program Files\ezula <== folder
C:\WINDOWS\acrobat32.exe

* Still in safe mode Start Ccleaner
click "Options", click the "Advanced" tab
Uncheck: "Only delete files older than 48 hrs.", click Ok
Click "Cleaner" and click Run Cleaner (bottom right)

* Open Ad-aware and do a full scan. Remove all it finds.

Now open Ewido Security Suite
Click on scanner

* Click Complete System Scan and the scan will begin.
* During the scan it will prompt you to clean files, click OK
* When the scan is finished, look at the bottom of the screen and click the Save report button.
* Save the report to your desktop

Close Ewido

Reboot back into Windows and click the Panda ActiveScan shortcut, then do a full system scan.
Save the scan log and post it along with a new HijackThis Log, and the Ewido Log by using Add Reply.
Let us know if any problems persist.

#5
pakslap

Posted 22 August 2005 - 11:14 PM

New Member

Topic Starter
Member
5 posts

thank u very much, all my problems are fixed =) u guys are great, keep up the good work! here go the logs:

Logfile of HijackThis v1.99.1
Scan saved at 10:12:32 PM, on 8/22/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\System32\msdtc.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\mqsvc.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\sstray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\DIGStream\digstream.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
C:\Program Files\AIM95\aim.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ATI Multimedia\main\ATISched.EXE
C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\SPYWAR~1\swdoctor.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\David1\Desktop\HijackThis.exe

N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.../7_2/home.html"); (C:\Documents and Settings\David1\Application Data\Mozilla\Profiles\default\00jpagxz.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\David1\Application Data\Mozilla\Profiles\default\00jpagxz.slt\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [REGRUN32] C:\explorer.exe
O4 - HKLM\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\Windows Registry Repair Pro.exe -X
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [Repair Registry Pro] C:\Program Files\Repair Registry Pro\RepairRegistryPro.exe -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [DIGStream] C:\Program Files\DIGStream\digstream.exe
O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [ATI Scheduler] C:\Program Files\ATI Multimedia\main\ATISched.EXE
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft...free/asinst.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: dlbt_device - Dell - C:\WINDOWS\System32\dlbtcoms.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

Ad-Aware SE Build 1.06r1
Logfile Created on:Monday, August 22, 2005 7:01:16 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R62 17.08.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa(TAC index:5):3 total references
Ebates MoneyMaker(TAC index:4):3 total references
MRU List(TAC index:0):29 total references
SahAgent(TAC index:9):10 total references
Tracking Cookie(TAC index:3):69 total references
Windows(TAC index:3):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

8-22-2005 7:01:16 PM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\David1\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office

MRU List Object Recognized!
Location: : C:\Documents and Settings\David1\recent
Description : list of recently opened documents

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\microsoft\clipart gallery\2.0\mrudescription
Description : most recently used description in microsoft clipart gallery

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\microsoft\office\9.0\common\open find\microsoft powerpoint\settings\save as\file name mru
Description : list of recent documents saved by microsoft powerpoint

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\microsoft\office\9.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\microsoft\office\9.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\microsoft\office\9.0\powerpoint\recentfolderlist
Description : list of recent folders used by microsoft powerpoint

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened

MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened

MRU List Object Recognized!
Location: : software\musicmatch
Description : download location of the musicmatch installer

MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox

MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Description : information on the last station listened to using musicmatch radio

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\nvidia corporation\global\nview\windowmanagement
Description : nvidia nview cached application window positions

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : S-1-5-21-1292428093-1592454029-839522115-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 144
ThreadCreationTime : 8-23-2005 1:46:13 AM
BasePriority : Normal

#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 196
ThreadCreationTime : 8-23-2005 1:46:22 AM
BasePriority : Normal

#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 220
ThreadCreationTime : 8-23-2005 1:46:23 AM
BasePriority : High

#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 264
ThreadCreationTime : 8-23-2005 1:46:26 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 276
ThreadCreationTime : 8-23-2005 1:46:26 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 428
ThreadCreationTime : 8-23-2005 1:46:28 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 452
ThreadCreationTime : 8-23-2005 1:46:28 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 688
ThreadCreationTime : 8-23-2005 1:46:35 AM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:9 [notepad.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1132
ThreadCreationTime : 8-23-2005 1:57:16 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Notepad
InternalName : Notepad
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : NOTEPAD.EXE

#:10 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1288
ThreadCreationTime : 8-23-2005 2:00:58 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 29

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ebates MoneyMaker Object Recognized!
Type : Regkey
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ebateswebsavingsdr0.xml

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ebateswebsavingsdr0.xml
Value : DisplayName

Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ebateswebsavingsdr0.xml
Value : UninstallString

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-21-1292428093-1592454029-839522115-1003\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Windows Object Recognized!
Type : RegData
Data : "regedit.exe" "%1"
TAC Rating : 3
Category : Vulnerability
Comment : Possible virus infection, REG file extension compromised
Rootkey : HKEY_CLASSES_ROOT
Object : regfile\shell\open\command
Value :
Data : "regedit.exe" "%1"

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 7
Objects found so far: 36

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 36

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@cgi-bin[11].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@cgi-bin[11].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@questionmarket[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@questionmarket[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@247realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@247realmedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@excite[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@excite[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@serving-sys[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@serving-sys[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@statcounter[4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@statcounter[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@centrport[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@centrport[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@mediaplex[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@mediaplex[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@findwhat[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@findwhat[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@overture[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@overture[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@xxxcounter[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@xxxcounter[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@casalemedia[4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@casalemedia[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@revenue[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@revenue[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@realmedia[4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@realmedia[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@paycounter[4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@paycounter[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@clickagents[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@clickagents[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@tickle[4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@tickle[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@sextracker[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@cgi-bin[12].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@cgi-bin[12].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@adrevolver[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@adrevolver[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@trafficmp[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@trafficmp[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@xxxtoolbar[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@xxxtoolbar[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@apmebf[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@apmebf[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@real[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@real[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@0[8].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@0[8].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@hitbox[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@date[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@date[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@tribalfusion[4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@tribalfusion[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@pro-market[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@pro-market[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@specificclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@specificclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@fastclick[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@fastclick[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@bluemountain[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@bluemountain[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@zedo[4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@zedo[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@advertising[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@advertising[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@gator[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@gator[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@sexlist[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@sexlist[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@cgi-bin[13].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@cgi-bin[13].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@2o7[4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@2o7[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : david1@2o7[5].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\david1@2o7[5].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\David1\Cookies\[email protected][4].txt

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 69
Objects found so far: 105

Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

SahAgent Object Recognized!
Type : File
Data : 6be086oa.dll
TAC Rating : 9
Category : Data Miner
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 4, 0, 3, 0
ProductVersion : 4, 0, 3, 0

SahAgent Object Recognized!
Type : File
Data : 0f8uekdh.exe
TAC Rating : 9
Category : Data Miner
Comment :
Object : C:\WINDOWS\
FileVersion : 4, 1, 0, 0
ProductVersion : 4, 1, 0, 0

SahAgent Object Recognized!
Type : File
Data : lh9d9e5q.exe
TAC Rating : 9
Category : Data Miner
Comment :
Object : C:\WINDOWS\
FileVersion : 4, 1, 0, 0
ProductVersion : 4, 1, 0, 0

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 108

Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 108

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

SahAgent Object Recognized!
Type : Folder
TAC Rating : 9
Category : Data Miner
Comment : SahAgent
Object : C:\WINDOWS\System32\SahImages

SahAgent Object Recognized!
Type : File
Data : gr_reg_header.gif
TAC Rating : 9
Category : Data Miner
Comment :
Object : C:\WINDOWS\System32\sahimages\

SahAgent Object Recognized!
Type : File
Data : gr_sahs_logo.gif
TAC Rating : 9
Category : Data Miner
Comment :
Object : C:\WINDOWS\System32\sahimages\

SahAgent Object Recognized!
Type : File
Data : gr_1reg.gif
TAC Rating : 9
Category : Data Miner
Comment :
Object : C:\WINDOWS\System32\sahimages\

SahAgent Object Recognized!
Type : File
Data : gr_2shop.gif
TAC Rating : 9
Category : Data Miner
Comment :
Object : C:\WINDOWS\System32\sahimages\

SahAgent Object Recognized!
Type : File
Data : gr_3cash.gif
TAC Rating : 9
Category : Data Miner
Comment :
Object : C:\WINDOWS\System32\sahimages\

SahAgent Object Recognized!
Type : File
Data : submit_pop.gif
TAC Rating : 9
Category : Data Miner
Comment :
Object : C:\WINDOWS\System32\sahimages\

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 7
Objects found so far: 115

7:12:52 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:11:35.391
Objects scanned:121309
Objects identified:86
Objects ignored:0
New critical objects:86

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 9:54:38 PM, 8/22/2005
+ Report-Checksum: F03F5912

+ Scan result:

HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Dsi -> Spyware.Delfin : Cleaned with backup
HKLM\SOFTWARE\MaxSpeed -> Spyware.Maxspeed : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8A0DCBDA-6E20-489C-9041-C1E8A0352E75} -> Spyware.NetNucleus : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][2].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][1].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][2].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\David1\Cookies\david1@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-13.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-13.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.8:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-13.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.9:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-13.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-6.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-6.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.8:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-6.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.9:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-6.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-5.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-5.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.8:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-5.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.9:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-5.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-2.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-2.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-3.txt -> Spyware.Cookie.Sexcounter : Cleaned with

#6
pakslap

Posted 22 August 2005 - 11:17 PM

New Member

Topic Starter
Member
5 posts

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 9:54:38 PM, 8/22/2005
+ Report-Checksum: F03F5912

+ Scan result:

HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Dsi -> Spyware.Delfin : Cleaned with backup
HKLM\SOFTWARE\MaxSpeed -> Spyware.Maxspeed : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Spyware.WebRebates : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8A0DCBDA-6E20-489C-9041-C1E8A0352E75} -> Spyware.NetNucleus : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][2].txt -> Spyware.Cookie.Porntrack : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][1].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][2].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\David1\Cookies\david1@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\David1\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-13.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-13.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.8:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-13.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.9:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-13.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-6.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-6.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.8:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-6.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.9:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-6.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-5.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-5.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.8:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-5.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.9:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-5.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-1.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-2.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-2.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-3.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-3.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-4.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-4.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.8:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-4.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.9:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-4.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-7.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.8:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-7.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-8.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-8.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-10.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-10.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-11.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-11.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.8:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-11.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.9:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-11.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.6:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-12.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.7:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-12.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.8:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-12.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.9:C:\Documents and Settings\David1\Application Data\Mozilla\Firefox\Profiles\3cin4j4y.;lksdf\cookies-12.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\David1\ss.exe -> Trojan.LowZones.d : Cleaned with backup
C:\Program Files\Common Files\Updates\task.bat -> Backdoor.Bronc.a : Cleaned with backup
C:\Program Files\Common Files\Updates\updater.dll -> Backdoor.Bronc.a : Cleaned with backup
C:\Program Files\CD to WAV and MP3 Ripper\VVSN_MTHR0504Inst.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\CD to WAV and MP3 Ripper\NH20040517.4a.EE.exe/NHInstall.exe -> Spyware.NavExcel : Cleaned with backup
C:\Program Files\MP3 to WAV Decoder\VVSN_MTHR0504Inst.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\MP3 to WAV Decoder\NH20040517.4a.EE.exe/NHInstall.exe -> Spyware.NavExcel : Cleaned with backup
C:\Program Files\Audiobliss\Free WAV to MP3 Encoder\NH20040517.4a.KK.exe/NHInstall.exe -> Spyware.NavExcel : Cleaned with backup
C:\Program Files\Audiobliss\Free WAV to MP3 Encoder\ezab.exe -> Adware.eZula : Cleaned with backup
C:\smtp32.exe/ss.exe -> Trojan.LowZones.d : Cleaned with backup
C:\openlib.exe/ss.exe -> Trojan.LowZones.d : Cleaned with backup
:mozilla.6:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Paycounter : Cleaned with backup
:mozilla.7:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.8:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.17:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.18:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.19:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.20:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.21:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.22:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.23:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.24:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.25:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.26:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.27:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.28:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.30:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.31:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.32:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.33:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.34:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.35:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.36:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.37:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.38:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.39:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.40:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.41:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.42:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.43:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.44:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.45:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.46:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.47:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.48:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.49:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.50:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.51:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.52:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.53:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.54:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.55:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.56:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.57:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.58:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.59:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.60:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.61:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.62:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.63:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.64:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.65:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.66:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.68:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.69:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.70:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.71:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.72:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.73:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.74:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.75:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.76:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.79:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.80:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.81:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.82:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.83:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.84:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.85:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.86:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.87:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.88:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.89:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.90:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.91:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.92:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.93:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.94:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.95:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.96:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.97:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.98:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.100:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.110:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.118:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.119:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.120:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.121:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.122:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.125:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.126:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.127:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.128:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.129:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.130:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.131:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.132:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.133:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.134:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.135:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.136:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.137:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.138:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.139:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.140:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.141:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.142:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.143:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.144:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.145:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.146:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.147:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.148:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.149:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.150:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.151:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.152:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.153:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.154:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.155:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.156:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.157:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.158:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.159:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.160:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.161:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.162:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.163:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.164:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.165:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.166:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.167:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.168:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.169:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.170:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.171:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.172:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.173:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.174:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.175:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.177:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.182:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.184:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.187:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.188:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.189:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.190:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.196:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.199:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.211:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.216:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.227:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.231:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.232:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.233:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.235:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.240:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.241:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.242:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.243:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.244:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.245:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.246:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.247:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.253:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.254:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.262:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.263:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.264:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.265:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.266:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.267:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.268:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.269:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.270:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.271:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.272:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.273:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.274:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.276:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.277:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.287:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.288:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.299:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.300:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.301:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.302:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.303:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.304:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.310:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.311:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.312:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.313:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.314:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.315:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.316:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.317:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.318:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.319:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.325:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.326:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.327:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.328:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.329:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.330:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.331:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.332:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.334:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.336:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.337:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.381:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.382:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.383:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.384:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.385:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.386:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.387:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.406:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.415:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.416:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.419:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.420:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.421:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.422:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.423:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.424:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.425:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.445:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.446:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.455:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.456:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.472:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.483:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.487:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.488:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.489:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.490:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.522:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.536:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.537:C:\FOUND.119\FILE0009.CHK -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\FOUND.128\FILE0000.CHK -> Spyware.WebHancer : Cleaned with backup
C:\FOUND.128\FILE0009.CHK -> Spyware.180Solutions : Cleaned with backup
C:\FOUND.128\FILE0017.CHK -> Spyware.WebHancer : Cleaned with backup
C:\FOUND.128\FILE0022.CHK -> Spyware.180Solutions : Cleaned with backup
C:\FOUND.128\FILE0023.CHK -> Spyware.180Solutions : Cleaned with backup
C:\FOUND.128\FILE0024.CHK -> Spyware.WebHancer : Cleaned with backup
C:\FOUND.128\FILE0025.CHK -> Spyware.PurityScan : Cleaned with backup
C:\FOUND.128\FILE0027.CHK -> Spyware.WebHancer : Cleaned with backup
C:\FOUND.128\FILE0028.CHK -> Spyware.WebHancer : Cleaned with backup
C:\FOUND.128\FILE0030.CHK -> Spyware.WebHancer : Cleaned with backup
C:\FOUND.128\FILE0031.CHK -> Adware.BetterInternet : Cleaned with backup
C:\FOUND.128\FILE0033.CHK -> Adware.BetterInternet : Cleaned with backup
C:\FOUND.128\FILE0052.CHK -> Adware.BetterInternet : Cleaned with backup
C:\FOUND.128\FILE0053.CHK -> Adware.BetterInternet : Cleaned with backup
C:\FOUND.128\FILE0054.CHK -> Adware.SaveNow : Cleaned with backup
C:\FOUND.128\FILE0062.CHK -> Adware.BetterInternet : Cleaned with backup
C:\FOUND.128\FILE0066.CHK -> Adware.BetterInternet : Cleaned with backup
C:\FOUND.128\FILE0081.CHK -> TrojanDownloader.PurityScan.w : Cleaned with backup
C:\FOUND.128\FILE0087.CHK -> Adware.BetterInternet : Cleaned with backup
C:\FOUND.128\FILE0095.CHK -> Spyware.WebHancer : Cleaned with backup
C:\FOUND.128\FILE0096.CHK -> Spyware.WebHancer : Cleaned with backup
C:\FOUND.128\FILE0097.CHK -> Spyware.180Solutions : Cleaned with backup
C:\FOUND.128\FILE0105.CHK -> Spyware.WebHancer : Cleaned with backup
C:\FOUND.128\FILE0106.CHK -> Spyware.180Solutions : Cleaned with backup
C:\FOUND.034\FILE0009.CHK -> Spyware.P2PNetworking : Cleaned with backup
C:\FOUND.034\FILE0010.CHK -> Spyware.P2PNetworking : Cleaned with backup
C:\FOUND.034\FILE0011.CHK -> Spyware.P2PNetworking : Cleaned with backup
C:\FOUND.034\FILE0019.CHK/asm.exe -> Spyware.Altnet : Cleaned with backup
C:\FOUND.034\FILE0019.CHK/asmps.dll -> Spyware.Altnet : Cleaned with backup
C:\FOUND.034\FILE0020.CHK/asm.exe -> Spyware.Altnet : Cleaned with backup
C:\FOUND.034\FILE0020.CHK/asmps.dll -> Spyware.Altnet : Cleaned with backup
C:\FOUND.034\FILE0022.CHK -> Spyware.Altnet : Cleaned with backup
:mozilla.6:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.13:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.14:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.15:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.16:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.17:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.18:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.19:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.20:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.21:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.22:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.23:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.24:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.25:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.26:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.27:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.28:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.29:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.30:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.31:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.32:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.33:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.35:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.36:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.37:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.38:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.39:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.40:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.55:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.66:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.67:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.68:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.69:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.70:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.71:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.72:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.78:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.79:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.80:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.81:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.82:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.83:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.84:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.85:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.86:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.87:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.88:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.89:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.90:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.91:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.92:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.93:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.94:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.95:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.96:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.97:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.98:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.99:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.100:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.101:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.102:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.103:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.104:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.105:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.106:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.107:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.108:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.110:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.111:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.112:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.113:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.114:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.115:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.116:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.117:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.118:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.119:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.120:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.121:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.122:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.123:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.124:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.125:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.126:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.127:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.128:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.129:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.132:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.142:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.144:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.146:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.147:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.148:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.160:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Paycounter : Cleaned with backup
:mozilla.167:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.168:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.172:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.173:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.174:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.193:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.194:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.195:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Clickzs : Cleaned with backup
:mozilla.202:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.203:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.204:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.205:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.219:C:\FOUND.046\FILE0012.CHK -> Spyware.Cookie.Googleadservices : Cleaned with backup
C:\FOUND.130\FILE0001.CHK -> TrojanDownloader.IstBar : Cleaned with backup
C:\FOUND.130\FILE0028.CHK -> Spyware.WebRebates : Cleaned with backup
:mozilla.9:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
:mozilla.15:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.16:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.17:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.18:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.19:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.20:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.21:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.22:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.23:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.24:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.25:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.26:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.27:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.28:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.29:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.30:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.31:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.32:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.33:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.34:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.35:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.36:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.37:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.38:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.39:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.40:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.41:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.42:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.43:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.44:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.45:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.46:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.47:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.48:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.49:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.50:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.51:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.52:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.53:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.54:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.55:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.56:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.57:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.58:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.59:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.60:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.61:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.62:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.63:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.64:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.66:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.81:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.105:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.106:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.107:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.108:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.109:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.110:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.111:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.112:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.113:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.114:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Excite : Cleaned with backup
:mozilla.115:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.116:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.130:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.141:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.153:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.154:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.155:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.156:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.157:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.158:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.159:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.160:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.161:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.162:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.163:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.164:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.174:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Linksynergy : Cleaned with backup
:mozilla.175:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Linksynergy : Cleaned with backup
:mozilla.181:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.182:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Shopathomeselect : Cleaned with backup
:mozilla.197:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.198:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.199:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.202:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.206:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.207:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.208:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.209:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.210:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.211:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.212:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.213:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.236:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.237:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.242:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.247:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.260:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.265:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.266:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.267:C:\FOUND.130\FILE0061.CHK -> Spyware.Cookie.Googleadservices : Cleaned with backup
C:\FOUND.130\FILE0074.CHK -> Spyware.VX2 : Cleaned with backup
C:\FOUND.130\FILE0076.CHK -> Spyware.WebRebates : Cleaned with backup
:mozilla.7:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.8:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.9:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.10:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.11:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.15:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.16:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.17:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.18:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.19:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.21:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.22:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.28:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.29:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.30:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.31:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.32:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.33:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.34:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.35:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.36:C:\FOUND.132\FILE0000.CHK -> Spyware.Cookie.Advertising : Cleaned with backu

#7
miekiemoes

Posted 22 August 2005 - 11:46 PM

Malware Expert

Member
5,503 posts

Hi, still some leftovers:

* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:

O4 - HKLM\..\Run: [REGRUN32] C:\explorer.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

* Click on Fix Checked when finished and exit HijackThis.

I want to know what it is, so can you go to next site:
http://virusscan.jotti.org/

On top you'll find: File to upload and scan.
Now browse to the next file:

C:\WINDOWS\system32\netdde.exe

Click submit and let it scan.
Post the results in your next reply.

#8
miekiemoes

Posted 02 September 2005 - 04:40 PM

Malware Expert

Member
5,503 posts

Due to the lack of feedback, this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

#9
miekiemoes

Posted 02 September 2005 - 04:40 PM

Malware Expert

Member
5,503 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.