Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Hijackthis log, just to be sure

Started by Tranceplant , Feb 11 2006 05:33 PM

  • Please log in to reply

#1
Tranceplant
Posted 11 February 2006 - 05:33 PM

Tranceplant

    Member

  • Member
  • PipPip
  • 24 posts
I just want to be sure everything is clean in my PC.

Here's my log.

Thanks!


Logfile of HijackThis v1.99.1
Scan saved at 18:27:30, on 2006-02-11
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancer l'utilitaire d'enregistrement.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://muser.musicmi.../Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplane...DC_2.1.0.69.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1107788872201
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenu...yerAX_Win32.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsec...scan/axscan.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zon...oF.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
  • 0

Advertisements

#2
skate_punk_21
Posted 16 February 2006 - 03:14 PM

skate_punk_21

    Malware Removal Expert

  • Retired Staff
  • 1,049 posts
everything there looks good but if you are up for it we can take a deeper look...
Further Scanning
Please run a Scan at the Following site
Panda ActiveScan

Make sure that you choose the "fix" or "clean" option when available
at the end of this scan you will be given then option to VIEW and then SAVE a log from the scan -SAVE THAT LOG- and post it here.

Please post a fresh HijackThis log & the Log from Panda so that we can check if your system is clean.

Edited by skate_punk_21, 16 February 2006 - 03:15 PM.

  • 0

#3
Tranceplant
Posted 16 February 2006 - 11:42 PM

Tranceplant

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Okay!

Here's a fresh new HijackThis log...


Logfile of HijackThis v1.99.1
Scan saved at 00:39:23, on 2006-02-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\mIRC\mirc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Lancer l'utilitaire d'enregistrement.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://muser.musicmi.../Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplane...DC_2.1.0.69.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1107788872201
O16 - DPF: {68A2C3BD-7809-11D3-8ACF-0050046F2F9A} (AXELPlayer Class) - http://www.mindavenu...yerAX_Win32.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsec...scan/axscan.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zon...oF.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

----------------

And here's the panda activescan log...


Incident Status Location

Spyware:Cookie/24/7 Realmedia Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@247realmedia[1].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@2o7[2].txt
Spyware:Cookie/64.62.232 Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][2].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@888[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@adtech[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@adultfriendfinder[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][2].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@ask[1].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@banner[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@belnk[1].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@bluestreak[1].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@bravenet[1].txt
Spyware:Cookie/Bs.serving-sys Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@burstnet[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@casalemedia[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@com[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][2].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@go[2].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/Mp3search Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@mp3search[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@realmedia[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@serving-sys[1].txt
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@statcounter[2].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@target[1].txt
Spyware:Cookie/Tickle Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@tickle[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@toplist[1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@trafficmp[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@tribalfusion[1].txt
Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@tucows[1].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@weborama[2].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@xiti[1].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@zedo[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.adultfriendfinder.com/]
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.2o7.net/]
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.adopt.hbmediapro.com/]
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.adtech.de/]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.as-us.falkag.net/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.belnk.com/]
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.burstnet.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Casinotropez Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.casinotropez.com/*/nopop/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.com.com/]
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.cs.sexcounter.com/]
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.maxserving.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.overture.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.spylog.com/]
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.toplist.cz/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.trafficmp.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.xiti.com/]
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.yadro.ru/]
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.z1.adserver.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[.zedo.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[stat.onestat.com/]
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[www.burstbeacon.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\pcbox\Application Data\Mozilla\Firefox\Profiles\9xc7d87u.default\cookies.txt[]
Spyware:Cookie/24/7 Realmedia Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@247realmedia[1].txt
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@2o7[2].txt
Spyware:Cookie/64.62.232 Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][2].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@888[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@adtech[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@adultfriendfinder[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][2].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@ask[1].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@banner[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@belnk[1].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@bluestreak[1].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@bravenet[1].txt
Spyware:Cookie/Bs.serving-sys Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@burstnet[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@casalemedia[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@com[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][2].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@go[2].txt
Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/Mp3search Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@mp3search[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@realmedia[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@serving-sys[1].txt
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@statcounter[2].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@target[1].txt
Spyware:Cookie/Tickle Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@tickle[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@toplist[1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@trafficmp[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@tribalfusion[1].txt
Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@tucows[1].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@weborama[2].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@xiti[1].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\pcbox\Cookies\[email protected][1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\pcbox\Cookies\pcbox@zedo[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\pcbox\Local Settings\Temp\Cookies\[email protected][1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\pcbox\Local Settings\Temp\Cookies\pcbox@belnk[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\pcbox\Local Settings\Temp\Cookies\pcbox@com[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\pcbox\Local Settings\Temp\Cookies\[email protected][2].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\pcbox\Local Settings\Temp\Cookies\pcbox@go[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\RECYCLER\NPROTECT\00331896.MOZ[]
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP