Alright, sorry, I found the log sheet and I'm sending you the last 3 sweeps I did. One was on Dec. 1st, the next on the 2nd and then the one I just did. It's a lot of info. Sorry. At the end is the new HijackThis log as well. C:\WINDOWS\system32\ddcyy.dll is now deleted from my computer when I used the 'killvundo' program. That was where the virus was originally, but it's obviously still on here since I'm still getting winfixer pop-ups. After Dec. 2nd's log on SpySweeper is when I was able to get rid of the ddcyy.dll file.
********
8:04 PM: |··· Start of Session, Monday, December 05, 2005 ···|
8:04 PM: Spy Sweeper started
8:04 PM: Sweep initiated using definitions version 500
8:04 PM: Starting Memory Sweep
8:06 PM: Memory Sweep Complete, Elapsed Time: 00:01:57
8:06 PM: Starting Registry Sweep
8:06 PM: Registry Sweep Complete, Elapsed Time:00:00:12
8:06 PM: Starting Cookie Sweep
8:06 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
8:06 PM: Starting File Sweep
8:11 PM: File Sweep Complete, Elapsed Time: 00:04:38
8:11 PM: Full Sweep has completed. Elapsed time 00:06:52
8:11 PM: Traces Found: 0
********
9:45 PM: |··· Start of Session, Friday, December 02, 2005 ···|
9:45 PM: Spy Sweeper started
9:45 PM: Sweep initiated using definitions version 500
9:45 PM: Starting Memory Sweep
9:48 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
9:56 PM: Memory Sweep Complete, Elapsed Time: 00:11:21
9:56 PM: Starting Registry Sweep
9:58 PM: Registry Sweep Complete, Elapsed Time:00:01:21
9:58 PM: Starting Cookie Sweep
9:58 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
9:58 PM: Starting File Sweep
10:16 PM: File Sweep Complete, Elapsed Time: 00:17:35
10:16 PM: Full Sweep has completed. Elapsed time 00:30:35
10:16 PM: Traces Found: 0
10:23 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
10:31 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
10:38 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
10:45 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
10:52 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
11:41 PM: IE Tracking Cookies Shield: Removed banner cookie
11:42 PM: IE Tracking Cookies Shield: Removed casalemedia cookie
11:42 PM: IE Tracking Cookies Shield: Removed realmedia cookie
11:42 PM: IE Tracking Cookies Shield: Removed tradedoubler cookie
11:43 PM: IE Tracking Cookies Shield: Removed 2o7.net cookie
11:46 PM: IE Tracking Cookies Shield: Removed banner cookie
11:46 PM: IE Tracking Cookies Shield: Removed valuead cookie
11:47 PM: IE Tracking Cookies Shield: Removed falkag cookie
11:47 PM: IE Tracking Cookies Shield: Removed serving-sys cookie
12:02 AM: IE Tracking Cookies Shield: Removed falkag cookie
12:02 AM: IE Tracking Cookies Shield: Removed serving-sys cookie
12:07 AM: IE Tracking Cookies Shield: Removed falkag cookie
12:07 AM: IE Tracking Cookies Shield: Removed serving-sys cookie
1:10 AM: IE Tracking Cookies Shield: Removed banner cookie
1:10 AM: IE Tracking Cookies Shield: Removed ru4 cookie
1:11 AM: IE Tracking Cookies Shield: Removed banner cookie
1:11 AM: IE Tracking Cookies Shield: Removed casalemedia cookie
1:12 AM: IE Tracking Cookies Shield: Removed casalemedia cookie
1:12 AM: IE Tracking Cookies Shield: Removed realmedia cookie
1:22 AM: IE Tracking Cookies Shield: Removed adrevolver cookie
1:22 AM: IE Tracking Cookies Shield: Removed adrevolver cookie
1:23 AM: IE Tracking Cookies Shield: Removed belnk cookie
1:23 AM: IE Tracking Cookies Shield: Removed belnk cookie
1:23 AM: IE Tracking Cookies Shield: Removed belnk cookie
1:23 AM: IE Tracking Cookies Shield: Removed realmedia cookie
10:27 AM: IE Tracking Cookies Shield: Removed banner cookie
10:28 AM: IE Tracking Cookies Shield: Removed casalemedia cookie
10:28 AM: IE Tracking Cookies Shield: Removed realmedia cookie
10:29 AM: IE Tracking Cookies Shield: Removed adrevolver cookie
10:29 AM: IE Tracking Cookies Shield: Removed adrevolver cookie
10:29 AM: IE Tracking Cookies Shield: Removed realmedia cookie
10:30 AM: IE Tracking Cookies Shield: Removed adrevolver cookie
10:30 AM: IE Tracking Cookies Shield: Removed adrevolver cookie
10:30 AM: IE Tracking Cookies Shield: Removed banner cookie
10:30 AM: IE Tracking Cookies Shield: Removed casalemedia cookie
10:31 AM: IE Tracking Cookies Shield: Removed adrevolver cookie
10:31 AM: IE Tracking Cookies Shield: Removed adrevolver cookie
10:31 AM: IE Tracking Cookies Shield: Removed casalemedia cookie
10:32 AM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:32 AM: IE Tracking Cookies Shield: Removed adrevolver cookie
10:32 AM: IE Tracking Cookies Shield: Removed adrevolver cookie
10:32 AM: IE Tracking Cookies Shield: Removed realmedia cookie
10:38 AM: IE Tracking Cookies Shield: Removed reliablestats cookie
11:06 PM: IE Tracking Cookies Shield: Removed reliablestats cookie
11:09 PM: IE Tracking Cookies Shield: Removed casalemedia cookie
11:10 PM: IE Tracking Cookies Shield: Removed casalemedia cookie
11:12 PM: IE Tracking Cookies Shield: Removed casalemedia cookie
11:13 PM: IE Tracking Cookies Shield: Removed casalemedia cookie
11:14 PM: IE Tracking Cookies Shield: Removed banner cookie
11:14 PM: IE Tracking Cookies Shield: Removed casalemedia cookie
11:15 PM: IE Tracking Cookies Shield: Removed casalemedia cookie
11:15 PM: IE Tracking Cookies Shield: Removed realmedia cookie
11:16 PM: IE Tracking Cookies Shield: Removed adrevolver cookie
11:16 PM: IE Tracking Cookies Shield: Removed adrevolver cookie
11:16 PM: IE Tracking Cookies Shield: Removed realmedia cookie
11:17 PM: IE Tracking Cookies Shield: Removed adrevolver cookie
11:17 PM: IE Tracking Cookies Shield: Removed adrevolver cookie
11:17 PM: IE Tracking Cookies Shield: Removed casalemedia cookie
11:17 PM: IE Tracking Cookies Shield: Removed realmedia cookie
11:19 PM: IE Tracking Cookies Shield: Removed casalemedia cookie
11:20 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
11:20 PM: IE Tracking Cookies Shield: Removed realmedia cookie
11:20 PM: IE Tracking Cookies Shield: Removed reliablestats cookie
7:29 PM: IE Tracking Cookies Shield: Removed reliablestats cookie
7:45 PM: Processing Startup Alerts
7:45 PM: Allowed Startup entry: Window Washer
********
6:55 PM: |··· Start of Session, Thursday, December 01, 2005 ···|
6:55 PM: Spy Sweeper started
6:55 PM: Sweep initiated using definitions version 500
6:55 PM: Starting Memory Sweep
6:57 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
7:06 PM: Memory Sweep Complete, Elapsed Time: 00:11:01
7:06 PM: Starting Registry Sweep
7:07 PM: Registry Sweep Complete, Elapsed Time:00:01:32
7:07 PM: Starting Cookie Sweep
7:07 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
7:07 PM: Starting File Sweep
7:09 PM: File Sweep Complete, Elapsed Time: 00:01:40
7:09 PM: Full Sweep has completed. Elapsed time 00:14:31
7:09 PM: Traces Found: 0
8:47 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
8:47 PM: IE Tracking Cookies Shield: Removed adecn cookie
8:47 PM: IE Tracking Cookies Shield: Removed banner cookie
8:47 PM: IE Tracking Cookies Shield: Removed ru4 cookie
8:47 PM: IE Tracking Cookies Shield: Removed realmedia cookie
8:47 PM: IE Tracking Cookies Shield: Removed trafficmp cookie
8:50 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
8:50 PM: IE Tracking Cookies Shield: Removed adrevolver cookie
8:50 PM: IE Tracking Cookies Shield: Removed adrevolver cookie
8:52 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
8:55 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
8:55 PM: IE Tracking Cookies Shield: Removed adrevolver cookie
8:55 PM: IE Tracking Cookies Shield: Removed adrevolver cookie
8:55 PM: IE Tracking Cookies Shield: Removed realmedia cookie
2:48 PM: Definitions can not be updated because subscription has expired.
2:50 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
8:56 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
9:06 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
9:13 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
9:20 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
9:22 PM: IE Tracking Cookies Shield: Removed atlas dmt cookie
9:24 PM: IE Tracking Cookies Shield: Removed banner cookie
9:24 PM: IE Tracking Cookies Shield: Removed casalemedia cookie
9:27 PM: IE Tracking Cookies Shield: Removed adrevolver cookie
9:27 PM: IE Tracking Cookies Shield: Removed adrevolver cookie
9:27 PM: IE Tracking Cookies Shield: Removed casalemedia cookie
9:27 PM: IE Tracking Cookies Shield: Removed realmedia cookie
9:28 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
9:35 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
9:43 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
9:45 PM: |··· End of Session, Friday, December 02, 2005 ···|
********
12:11 PM: |··· Start of Session, Wednesday, November 30, 2005 ···|
12:11 PM: Spy Sweeper started
12:11 PM: Sweep initiated using definitions version 500
12:11 PM: Starting Memory Sweep
12:13 PM: Memory Sweep Complete, Elapsed Time: 00:01:34
12:13 PM: Starting Registry Sweep
12:13 PM: Found Adware: navexcel navhelper
12:13 PM: HKU\S-1-5-21-843490698-2675895226-3147047289-1010\software\microsoft\internet explorer\toolbar\webbrowser\ || {5aa06644-bc46-4220-a460-47a6eb47c96d} (ID = 4020076)
12:13 PM: HKU\S-1-5-21-843490698-2675895226-3147047289-1010\software\navexcel ltd\ (14 subtraces) (ID = 4020083)
12:13 PM: Found Adware: 180search assistant
12:13 PM: HKCR\clientax.clientinstaller.1\ (3 subtraces) (ID = 4020145)
12:13 PM: HKCR\clientax.clientinstaller\ (5 subtraces) (ID = 4020146)
12:13 PM: HKCR\clientax.requiredcomponent.1\ (3 subtraces) (ID = 4020147)
12:13 PM: HKCR\clientax.requiredcomponent\ (5 subtraces) (ID = 4020148)
12:13 PM: HKCR\clsid\{0ac49246-419b-4ee0-8917-8818daad6a4e}\ (20 subtraces) (ID = 4020149)
12:13 PM: HKCR\clsid\{99410cde-6f16-42ce-9d49-3807f78f0287}\ (20 subtraces) (ID = 4020152)
12:13 PM: HKLM\software\classes\clientax.clientinstaller.1\ (3 subtraces) (ID = 4020170)
12:13 PM: HKLM\software\classes\clientax.clientinstaller\ (5 subtraces) (ID = 4020171)
12:13 PM: HKLM\software\classes\clientax.requiredcomponent.1\ (3 subtraces) (ID = 4020172)
12:13 PM: HKLM\software\classes\clientax.requiredcomponent\ (5 subtraces) (ID = 4020173)
12:13 PM: HKLM\software\classes\clsid\{0ac49246-419b-4ee0-8917-8818daad6a4e}\ (20 subtraces) (ID = 4020174)
12:13 PM: HKLM\software\classes\clsid\{99410cde-6f16-42ce-9d49-3807f78f0287}\ (20 subtraces) (ID = 4020176)
12:13 PM: Found Adware: zango
12:13 PM: HKLM\software\classes\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\ (9 subtraces) (ID = 4032773)
12:13 PM: HKCR\typelib\{5b6689b5-c2d4-4dc7-bfd1-24ac17e5fcda}\ (9 subtraces) (ID = 4032799)
12:13 PM: Registry Sweep Complete, Elapsed Time:00:00:10
12:13 PM: Starting Cookie Sweep
12:13 PM: Found Cookie: 2o7.net cookie
12:13 PM: klke@2o7[1].txt (ID = 165345)
12:13 PM: Found Cookie: pointroll cookie
12:13 PM:
[email protected][1].txt (ID = 166541)
12:13 PM: Found Cookie: adserver.trb cookie
12:13 PM:
[email protected][1].txt (ID = 165535)
12:13 PM: Found Cookie: advertising cookie
12:13 PM: klke@advertising[1].txt (ID = 165563)
12:13 PM: Found Cookie: apmebf cookie
12:13 PM: klke@apmebf[2].txt (ID = 165617)
12:13 PM: Found Cookie: falkag cookie
12:13 PM:
[email protected][2].txt (ID = 166041)
12:13 PM: Found Cookie: atlas dmt cookie
12:13 PM: klke@atdmt[2].txt (ID = 165643)
12:13 PM: Found Cookie: atwola cookie
12:13 PM: klke@atwola[1].txt (ID = 165645)
12:13 PM: Found Cookie: banner cookie
12:13 PM: klke@banner[1].txt (ID = 165666)
12:13 PM: Found Cookie: doubleclick cookie
12:13 PM: klke@doubleclick[1].txt (ID = 165927)
12:13 PM: Found Cookie: mediaplex cookie
12:13 PM: klke@mediaplex[1].txt (ID = 166366)
12:13 PM: Found Cookie: qksrv cookie
12:13 PM: klke@qksrv[2].txt (ID = 166607)
12:13 PM: Found Cookie: reliablestats cookie
12:13 PM:
[email protected][1].txt (ID = 166649)
12:13 PM: Found Cookie: tradedoubler cookie
12:13 PM: klke@tradedoubler[1].txt (ID = 166973)
12:13 PM: Found Cookie: trb.com cookie
12:13 PM: klke@trb[1].txt (ID = 166985)
12:13 PM: Found Cookie: tribalfusion cookie
12:13 PM: klke@tribalfusion[2].txt (ID = 166987)
12:13 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
12:13 PM: Starting File Sweep
12:13 PM: clientax.inf (ID = 3731867)
12:13 PM: File Sweep Complete, Elapsed Time: 00:00:19
12:13 PM: Full Sweep has completed. Elapsed time 00:02:08
12:13 PM: Traces Found: 177
12:14 PM: Removal process initiated
12:14 PM: Quarantining All Traces: navexcel navhelper
12:14 PM: Quarantining All Traces: 180search assistant
12:14 PM: Quarantining All Traces: 2o7.net cookie
12:14 PM: Quarantining All Traces: pointroll cookie
12:14 PM: Quarantining All Traces: adserver.trb cookie
12:14 PM: Quarantining All Traces: advertising cookie
12:14 PM: Quarantining All Traces: apmebf cookie
12:14 PM: Quarantining All Traces: falkag cookie
12:14 PM: Quarantining All Traces: atlas dmt cookie
12:14 PM: Quarantining All Traces: atwola cookie
12:14 PM: Quarantining All Traces: banner cookie
12:14 PM: Quarantining All Traces: doubleclick cookie
12:14 PM: Quarantining All Traces: mediaplex cookie
12:14 PM: Quarantining All Traces: qksrv cookie
12:14 PM: Quarantining All Traces: reliablestats cookie
12:14 PM: Quarantining All Traces: tradedoubler cookie
12:14 PM: Quarantining All Traces: trb.com cookie
12:14 PM: Quarantining All Traces: tribalfusion cookie
12:14 PM: Quarantining All Traces: zango
12:14 PM: Removal process completed. Elapsed time 00:00:05
12:20 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:20 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:27 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:27 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:34 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:34 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:47 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:54 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:01 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:08 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:15 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:22 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:29 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:37 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:44 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:52 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:00 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:07 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:14 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:21 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:28 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:35 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:42 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:49 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:56 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
7:03 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
7:10 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
7:16 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
7:23 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
7:30 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
7:37 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
7:44 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
7:51 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
7:58 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
8:05 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
8:13 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:07 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:14 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:21 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:28 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:35 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:42 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:49 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:56 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
1:02 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
1:22 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
1:39 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
1:48 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
1:57 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:05 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:13 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:20 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:26 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:33 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:40 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:47 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:54 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:01 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:08 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:15 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:25 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:33 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:41 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:49 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:56 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:03 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:11 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:20 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:27 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:33 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:40 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:47 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:53 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:00 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:07 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:14 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:21 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:27 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:34 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:41 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:48 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:54 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:01 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:08 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:15 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:21 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:28 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:35 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:50 AM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
12:04 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
1:34 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
1:42 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
1:50 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
1:57 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:05 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:12 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:19 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:26 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:34 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:41 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:48 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
2:55 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:02 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:09 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:16 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:23 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:30 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:37 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:44 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:50 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
3:57 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:04 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:11 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:18 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:25 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:32 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:39 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:46 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
4:53 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:00 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:06 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:13 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:28 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:35 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:43 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:50 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
5:58 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:05 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:11 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:18 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:25 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:32 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:39 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:46 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:53 PM: Deletion from quarantine initiated
6:53 PM: Processing: mediaplex cookie
6:53 PM: Processing: advertising cookie
6:53 PM: Processing: apmebf cookie
6:53 PM: Processing: adserver.trb cookie
6:53 PM: Processing: atwola cookie
6:53 PM: Processing: banner cookie
6:53 PM: Processing: pointroll cookie
6:53 PM: Processing: navexcel navhelper
6:53 PM: Processing: qksrv cookie
6:53 PM: Processing: falkag cookie
6:53 PM: Processing: doubleclick cookie
6:53 PM: Processing: 180search assistant
6:53 PM: Processing: tribalfusion cookie
6:53 PM: Processing: 2o7.net cookie
6:53 PM: Processing: reliablestats cookie
6:53 PM: Processing: atlas dmt cookie
6:53 PM: Processing: trb.com cookie
6:53 PM: Processing: tradedoubler cookie
6:53 PM: Processing: zango
6:53 PM: Deletion from quarantine completed. Elapsed time 00:00:00
6:53 PM: Warning: Failed to check file "C:\WINDOWS\system32\ddcyy.dll". Cannot open file "C:\WINDOWS\system32\ddcyy.dll". Access is denied
6:54 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
6:54 PM: IE Tracking Cookies Shield: Removed adecn cookie
6:54 PM: IE Tracking Cookies Shield: Removed adknowledge cookie
6:54 PM: IE Tracking Cookies Shield: Removed adrevolver cookie
6:54 PM: IE Tracking Cookies Shield: Removed adrevolver cookie
6:54 PM: IE Tracking Cookies Shield: Removed advertising cookie
6:54 PM: IE Tracking Cookies Shield: Removed atlas dmt cookie
6:54 PM: IE Tracking Cookies Shield: Removed banner cookie
6:54 PM: IE Tracking Cookies Shield: Removed casalemedia cookie
6:54 PM: IE Tracking Cookies Shield: Removed centrport net cookie
6:54 PM: IE Tracking Cookies Shield: Removed doubleclick cookie
6:54 PM: IE Tracking Cookies Shield: Removed fastclick cookie
6:54 PM: IE Tracking Cookies Shield: Removed mediaplex cookie
6:54 PM: IE Tracking Cookies Shield: Removed realmedia cookie
6:54 PM: IE Tracking Cookies Shield: Removed tradedoubler cookie
6:54 PM: IE Tracking Cookies Shield: Removed trafficmp cookie
6:54 PM: IE Tracking Cookies Shield: Removed tribalfusion cookie
6:54 PM: IE Tracking Cookies Shield: Removed valueclick cookie
6:54 PM: IE Tracking Cookies Shield: Removed adserver cookie
6:55 PM: Only Sweep Folders Where Threats Are Known to Reside
6:55 PM: |··· End of Session, Thursday, December 01, 2005 ···|
********
Logfile of HijackThis v1.99.1
Scan saved at 8:26:11 PM, on 12/5/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\system32\hphmon03.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\Sony Handheld\HOTSYNC.EXE
C:\WINDOWS\system32\HPHipm09.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.h...ario&pf=desktopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://ie.redirect.h...ario&pf=desktopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://ie.redirect.h...ario&pf=desktopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://ie.redirect.h...ario&pf=desktopR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.h...ario&pf=desktopO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ATLDistrib Object - {3FE36807-69ED-45D1-B9BE-85C0E3F75B6A} - C:\WINDOWS\system32\ddcyw.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: MSEvents Object - {B313D637-F405-4052-AC37-E2119AB3C8F8} - C:\WINDOWS\system32\ddcyy.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe
O8 - Extra context menu item: Add To Compaq Organize... - C:\PROGRA~1\HEWLET~1\COMPAQ~1\bin\core.hp.main\SendTo.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: {90051A81-3018-4826-8B38-DD60B6B53F9C} (Snapfish File Upload ActiveX Control) -
http://www.costcopho...ostcoUpload.cabO16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) -
http://photo.walmart...ploadClient.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn...pDownloader.cabO16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) -
http://h30043.www3.h.../qdiagh.cab?326O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) -
http://cdn.digitalci...illama/ampx.cabO20 - Winlogon Notify: ddcyw - C:\WINDOWS\system32\ddcyw.dll
O20 - Winlogon Notify: ddcyy - C:\WINDOWS\system32\ddcyy.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
This topic is locked
Sign In
Create Account
