Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Desktophijack - wininet.dll [CLOSED]

Started by BritLad , Sep 12 2005 09:00 AM

  • This topic is locked This topic is locked

#1
BritLad
Posted 12 September 2005 - 09:00 AM

BritLad

    New Member

  • Member
  • Pip
  • 1 posts
Hello there!!!

I recently have been attacked with Desktophijack in the version of PSGuard - as far as im aware i have stopped it hijacking my system, however NAV keeps popping up with a continual stream telling me:

WINDOWS/System32/Wininit.dll

is infected.

I have tried all NAV things and all ways in your forum about malware and still it persists - grrrr!!!

So i'm hoping that you can hopefully offer me some help in trying to deal with this pesky little critter.

Here is a copy of my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 15:47:47, on 12/09/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\Program Files\Norton Internet Security\ccPxySvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\System32\STDSB.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 My Custom Edition\CalCheck.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0000.1082\en-gb\bin\WindowsSearch.exe
C:\Program Files\BT Broadband Basic Help\bin\mpbtn.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0000.1082\en-gb\bin\WindowsSearchIndexer.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\HJT\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\05050b9994d820e7079f0c7c2a7a3e01\update\update.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packar...se=6&key=SEARCH
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.co.uk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btyahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.btyahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.btbroadbandstart.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\apps\Adobe\Acrobat 5.1\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll
O4 - HKLM\..\Run: [STDSB] C:\WINDOWS\System32\STDSB.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [EPSON Stylus C44 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C44 Series" /O6 "USB001" /M "Stylus C44"
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: BT Broadband Basic Help.lnk = C:\Program Files\BT Broadband Basic Help\bin\matcli.exe
O4 - Global Startup: Ulead Photo Express Calendar Checker For My Custom Edition.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 My Custom Edition\CalCheck.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0000.1082\en-gb\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\en-gb\msntb.dll/search.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1110\en-gb\msntabres.dll/229?54b0d0ef16164d5b8c263ac2b8874ea5
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1110\en-gb\msntabres.dll/230?54b0d0ef16164d5b8c263ac2b8874ea5
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0527.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0527.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.s...rl/LSSupCtl.cab
O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://webcamnow.com...tiveXWebCam.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.s...rl/SymAData.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F3CCC1ED-D6E8-48B7-8BC8-99D1DF58556E}: NameServer = 194.72.0.98 194.74.65.69
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - C:\WINDOWS\System32\vbsys2.dll (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPxySvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SpywareCleanerService - Secure Computer, LLC - C:\Program Files\Spyware Cleaner\SCService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

and here is the ewido log as well:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 15:18:39, 12/09/2005
+ Report-Checksum: AA74779E

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{357A87ED-3E5D-437d-B334-DEB7EB4982A3} -> Trojan.Agent.eo : Cleaned with backup
HKU\S-1-5-21-2051619018-1874705054-2612298247-1005\Software\SCom -> Dialer.Generic : Cleaned with backup
[936] C:\WINDOWS\System32\OLEEXT.dll -> Trojan.Agent.ff : Cleaned with backup
[1084] C:\WINDOWS\System32\OLEEXT.dll -> Trojan.Agent.ff : Error during cleaning
[1236] C:\WINDOWS\System32\OLEEXT.dll -> Trojan.Agent.ff : Error during cleaning
[1264] C:\WINDOWS\System32\OLEEXT.dll -> Trojan.Agent.ff : Error during cleaning
[1452] C:\WINDOWS\System32\OLEEXT.dll -> Trojan.Agent.ff : Error during cleaning
[1552] C:\WINDOWS\System32\OLEEXT.dll -> Trojan.Agent.ff : Error during cleaning
[1948] C:\WINDOWS\System32\OLEEXT.dll -> Trojan.Agent.ff : Error during cleaning
[440] C:\WINDOWS\System32\OLEEXT.dll -> Trojan.Agent.ff : Error during cleaning
[108] C:\WINDOWS\System32\OLEEXT.dll -> Trojan.Agent.ff : Error during cleaning
[704] C:\WINDOWS\System32\OLEEXT.dll -> Trojan.Agent.ff : Error during cleaning
[916] C:\WINDOWS\System32\OLEEXT.dll -> Trojan.Agent.ff : Error during cleaning
[3528] C:\WINDOWS\System32\fastvideoplayer.dll -> TrojanDownloader.Dyfuca.dn : Cleaned with backup
[3636] C:\WINDOWS\System32\OLEEXT.dll -> Trojan.Agent.ff : Error during cleaning
C:\Program Files\Spyware Cleaner\Quarantine\10-8-2005-10-7-20\0.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\0.qit -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\1.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\11.qit -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\17.qit -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\18.qit -> Spyware.Cookie.Realtracker : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\20.qit -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\21.qit -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\22.qit -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\23.qit -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\24.qit -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\25.qit -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\26.qit -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\27.qit -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\7.qit -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\18-4-2005-14-39-23\8.qit -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-3-2005-10-1-46\0.qit -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-3-2005-10-1-46\1.qit -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-3-2005-10-1-46\10.qit -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-3-2005-10-1-46\14.qit -> Spyware.Cookie.Xxxcounter : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-3-2005-10-1-46\15.qit -> Spyware.Cookie.Hitslink : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-3-2005-10-1-46\2.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-3-2005-10-1-46\4.qit -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-3-2005-10-1-46\8.qit -> Spyware.Cookie.Paycounter : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-3-2005-10-1-46\9.qit -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-4-2005-12-5-33\0.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-4-2005-12-5-33\1.qit -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-4-2005-12-5-33\11.qit -> Spyware.Cookie.Sexcounter : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-4-2005-12-5-33\12.qit -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-4-2005-12-5-33\15.qit -> Spyware.Cookie.Hitslink : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-5-2005-14-2-38\0.qit -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-5-2005-14-2-38\1.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-5-2005-14-2-38\10.qit -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-5-2005-14-2-38\11.qit -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-5-2005-14-2-38\12.qit -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-5-2005-14-2-38\13.qit -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-5-2005-14-2-38\14.qit -> Spyware.Cookie.Hitslink : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-5-2005-14-2-38\3.qit -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-7-2005-9-43-9\0.qit -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-7-2005-9-43-9\10.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-7-2005-9-43-9\11.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-7-2005-9-43-9\12.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-7-2005-9-43-9\2.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-7-2005-9-43-9\25.qit -> Spyware.Cookie.Sexcounter : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-7-2005-9-43-9\26.qit -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-7-2005-9-43-9\6.qit -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-7-2005-9-43-9\7.qit -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-7-2005-9-43-9\8.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\22-7-2005-9-43-9\9.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\27-4-2005-13-13-6\0.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\27-4-2005-20-48-11\0.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\27-4-2005-20-48-11\4.qit -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\27-4-2005-20-48-11\8.qit -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\28-4-2005-14-14-29\0.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\28-4-2005-14-14-29\6.qit -> Spyware.Cookie.Sexcounter : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\28-4-2005-14-14-29\7.qit -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\28-4-2005-14-14-29\8.qit -> Spyware.Cookie.Hitslink : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\30-4-2005-17-20-3\0.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\30-4-2005-17-20-3\1.qit -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\4-5-2005-0-9-48\0.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\4-5-2005-0-9-48\1.qit -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\4-5-2005-0-9-48\7.qit -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\0.qit -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\2.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\22.qit -> Spyware.Cookie.Onestat : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\23.qit -> Spyware.Cookie.Overture : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\24.qit -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\26.qit -> Spyware.Cookie.Sexcounter : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\27.qit -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\28.qit -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\29.qit -> Spyware.Cookie.Onestat : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\3.qit -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\30.qit -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\31.qit -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\6.qit -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\7.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\8.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\5-8-2005-14-58-17\9.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\0.qit -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\13.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\14.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\15.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\16.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\17.qit -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\29.qit -> Spyware.Cookie.Overture : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\30.qit -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\32.qit -> Spyware.Cookie.Realtracker : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\33.qit -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\34.qit -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\35.qit -> Spyware.Cookie.Sexcounter : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\36.qit -> Spyware.Cookie.Spylog : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\37.qit -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\38.qit -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\4.qit -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\43.qit -> Spyware.Cookie.Weborama : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\45.qit -> Spyware.Cookie.Xxxcounter : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\5.qit -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\6.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\6-9-2005-11-34-31\7.qit -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\9-8-2005-11-38-18\0.qit -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\9-8-2005-11-38-18\1.qit -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\9-8-2005-11-38-18\13.qit -> Spyware.Cookie.Overture : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\9-8-2005-11-38-18\14.qit -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\9-8-2005-11-38-18\15.qit -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\9-8-2005-11-38-18\16.qit -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\9-8-2005-11-38-18\2.qit -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\9-8-2005-11-38-18\3.qit -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\9-8-2005-11-38-18\4.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Program Files\Spyware Cleaner\Quarantine\9-8-2005-11-38-18\5.qit -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\WINDOWS\system32\fastvideoplayer.dll -> TrojanDownloader.Dyfuca.dn : Cleaned with backup


::Report End

Helpfully you can help me - many thanks

Andrew
  • 0

Advertisements

#2
loophole
Posted 16 September 2005 - 07:29 PM

loophole

    Malware Expert

  • Retired Staff
  • 9,798 posts
Hello :tazz:

Sorry for the delayed response, it has been very busy lately.

If you still require help please post a new Hijack log in this
thread and I will help you. If your problem has been fixed please
respond and let us know.

Thanks
  • 0

#3
loophole
Posted 03 October 2005 - 11:16 PM

loophole

    Malware Expert

  • Retired Staff
  • 9,798 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP