Thread: Double-click malware.

  1. #11
    Junior Member
    Join Date
    Feb 2008
    Posts
    7

    --------------------\\ Lop S&D 4.2.4-9c XP/Vista

    Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) D CPU 2.80GHz )
    BIOS : Phoenix ROM BIOS PLUS Version 1.10 A03
    USER : Ingrid Shepherd ( Administrator )
    BOOT : Normal boot
    Antivirus : PC-cillin Internet Security - Virus Protection 14.60.1206 (Activated)
    Firewall : PC-cillin Internet Security - Firewall 14 (Activated)
    A:\ (USB)
    C:\ (Local Disk) - NTFS - Total:145 Go (Free:72 Go)
    D:\ (CD or DVD)
    E:\ (CD or DVD)
    G:\ (USB)

    "C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
    Option : [1] ( Sun 12/07/2008| 0:52 )

    --------------------\\ Listing folders in APPLIC~1

    [03/20/2006|05:02] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Corel
    [03/20/2006|05:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Google
    [07/22/2006|04:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Gtek
    [08/11/2004|06:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
    [03/20/2006|04:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
    [03/20/2006|04:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sun

    [07/31/2008|04:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> acccore
    [10/04/2008|01:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
    [05/27/2008|03:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe Systems
    [07/31/2008|04:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
    [04/12/2008|03:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL OCP
    [09/28/2008|12:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
    [04/12/2008|04:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> ATI
    [05/01/2008|03:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> BVRP Software
    [05/17/2008|06:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Corel
    [08/29/2008|04:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Dragon's Eye Productions
    [05/01/2008|09:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> exgvyfor
    [05/25/2008|04:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet
    [12/05/2008|01:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
    [04/22/2008|10:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> InstallShield
    [05/04/2008|05:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Kodak
    [04/12/2008|04:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Messenger Plus!
    [09/24/2008|05:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
    [11/12/2008|01:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft Help
    [04/22/2008|05:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Motive
    [08/27/2008|09:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Spybot - Search & Destroy
    [04/19/2008|11:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SUPERAntiSpyware.com
    [08/10/2008|06:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
    [04/15/2008|02:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Trend Micro
    [07/31/2008|04:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Viewpoint
    [04/12/2008|04:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
    [04/15/2008|08:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WinZip
    [07/21/2008|09:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> WLInstaller

    [01/10/2007|09:34] C:\DOCUME~1\APPLIC~1\APPLIC~1\<DIR> Microsoft

    [10/24/2008|11:49] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Adobe
    [05/24/2008|02:07] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> AdobeUM
    [08/12/2006|04:32] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Apple Computer
    [06/24/2007|01:59] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> ATI
    [05/31/2008|02:21] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Corel
    [03/27/2006|12:26] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Corel Photo Album
    [07/06/2007|02:34] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Download Manager
    [10/28/2008|11:39] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> dvdcss
    [04/06/2008|01:53] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Funk creative amen
    [04/11/2007|11:53] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Google
    [05/02/2007|10:10] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Gtek
    [04/22/2006|12:35] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Help
    [04/11/2008|10:38] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Identities
    [07/07/2008|10:40] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> IMVU
    [07/08/2006|12:26] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Jasc Software Inc
    [11/14/2008|11:38] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Lavasoft
    [03/29/2006|12:59] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Leadertech
    [03/23/2006|09:48] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Macromedia
    [09/23/2008|10:46] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Microsoft
    [04/16/2006|11:02] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Microsoft Web Folders
    [05/19/2008|09:04] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Mozilla
    [09/22/2008|04:57] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> MP3Rocket
    [01/08/2007|12:08] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> MSN6
    [11/21/2006|08:05] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> MSNInstaller
    [02/25/2007|12:36] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> MySpace
    [11/03/2006|09:07] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Real
    [11/27/2007|02:13] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Skype
    [03/20/2006|04:50] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Sun
    [06/20/2008|12:46] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> SUPERAntiSpyware.com
    [07/12/2006|07:49] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Talkback
    [10/14/2006|12:18] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Ventrilo
    [03/25/2008|11:23] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> vlc
    [02/15/2008|03:45] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> Winamp
    [07/06/2007|02:51] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> WinRAR
    [10/18/2007|02:21] C:\DOCUME~1\CARLSH~1\APPLIC~1\<DIR> yahoo!

    [03/20/2006|05:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Corel
    [03/20/2006|05:03] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Google
    [07/22/2006|04:45] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Gtek
    [08/11/2004|06:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
    [03/20/2006|04:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
    [03/20/2006|04:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sun

    [03/20/2006|05:02] C:\DOCUME~1\Guest\APPLIC~1\<DIR> Corel
    [03/20/2006|05:03] C:\DOCUME~1\Guest\APPLIC~1\<DIR> Google
    [07/22/2006|04:45] C:\DOCUME~1\Guest\APPLIC~1\<DIR> Gtek
    [08/11/2004|06:20] C:\DOCUME~1\Guest\APPLIC~1\<DIR> Identities
    [12/21/2006|06:59] C:\DOCUME~1\Guest\APPLIC~1\<DIR> Microsoft
    [12/21/2006|06:59] C:\DOCUME~1\Guest\APPLIC~1\<DIR> Real
    [03/20/2006|04:50] C:\DOCUME~1\Guest\APPLIC~1\<DIR> Sun

    [03/13/2007|12:32] C:\DOCUME~1\INGRID~1\APPLIC~1\<DIR> Adobe
    [03/20/2006|05:02] C:\DOCUME~1\INGRID~1\APPLIC~1\<DIR> Corel
    [03/18/2007|03:29] C:\DOCUME~1\INGRID~1\APPLIC~1\<DIR> Corel Photo Album
    [07/22/2006|04:45] C:\DOCUME~1\INGRID~1\APPLIC~1\<DIR> Gtek
    [03/11/2007|04:18] C:\DOCUME~1\INGRID~1\APPLIC~1\<DIR> Macromedia
    [03/18/2007|03:30] C:\DOCUME~1\INGRID~1\APPLIC~1\<DIR> Microsoft
    [03/11/2007|04:14] C:\DOCUME~1\INGRID~1\APPLIC~1\<DIR> Mozilla
    [03/20/2006|04:50] C:\DOCUME~1\INGRID~1\APPLIC~1\<DIR> Sun

    [09/17/2008|11:30] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Adobe
    [04/04/2007|01:19] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> AdobeUM
    [06/24/2007|08:12] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> ATI
    [03/20/2006|05:02] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Corel
    [04/06/2008|06:59] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Funk creative amen
    [04/15/2007|08:58] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Google
    [07/22/2006|04:45] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Gtek
    [08/11/2004|06:20] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Identities
    [07/27/2008|01:55] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> IMVU
    [08/19/2007|09:02] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Jasc Software Inc
    [06/19/2007|06:55] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Lavasoft
    [03/19/2007|02:45] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Macromedia
    [06/22/2008|10:12] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Microsoft
    [05/19/2008|06:09] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Mozilla
    [02/11/2008|07:55] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Real
    [01/15/2008|11:37] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Skype
    [03/20/2006|04:50] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Sun
    [10/23/2007|08:23] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Ventrilo
    [01/16/2008|08:54] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> Winamp
    [08/25/2007|01:53] C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\<DIR> WinRAR

    [06/06/2006|09:10] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Help
    [04/07/2007|12:43] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
    [07/05/2007|01:02] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Mozilla

    [10/19/2008|02:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Adobe
    [10/19/2008|02:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Macromedia
    [07/21/2008|12:30] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft

    [05/04/2008|07:08] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> acccore
    [11/07/2008|09:46] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Adobe
    [05/07/2008|06:09] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> AdobeUM
    [06/18/2008|09:11] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Corel
    [03/20/2006|05:03] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Google
    [07/22/2006|04:45] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Gtek
    [11/06/2008|06:27] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> gtk-2.0
    [08/11/2004|06:20] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Identities
    [12/06/2008|10:06] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> IMVU
    [07/25/2008|05:54] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> IMVU Previewer
    [10/19/2008|05:07] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> IMVUClient
    [05/17/2008|06:25] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> InstallShield
    [11/14/2008|03:53] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Lavasoft
    [05/03/2008|07:22] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Macromedia
    [09/25/2008|08:30] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Microsoft
    [05/19/2008|03:48] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Mozilla
    [05/16/2008|06:35] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> MP3Rocket
    [07/02/2008|09:51] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Real
    [06/19/2008|02:06] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Softplicity
    [03/20/2006|04:50] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Sun
    [08/27/2008|09:17] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Ventrilo
    [07/31/2008|04:47] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> Viewpoint
    [08/20/2008|04:06] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> vlc
    [06/18/2008|08:52] C:\DOCUME~1\Valerie\APPLIC~1\<DIR> WinRAR


    [08/26/2008|03:30] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> acccore
    [09/29/2008|09:01] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Adobe
    [09/29/2008|09:02] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> AdobeUM
    [09/22/2008|02:26] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Apple Computer
    [10/09/2008|11:12] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Corel
    [10/28/2008|05:25] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> dvdcss
    [10/10/2008|09:47] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> fltk.org
    [03/20/2006|05:03] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Google
    [07/22/2006|04:45] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Gtek
    [08/11/2004|06:20] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Identities
    [09/29/2008|08:15] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> InstallShield
    [11/14/2008|02:24] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Lavasoft
    [07/28/2008|12:42] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Macromedia
    [10/06/2008|11:50] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Microsoft
    [07/28/2008|12:40] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Mozilla
    [12/05/2008|12:59] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> MP3Rocket
    [11/07/2008|11:47] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Opera
    [09/22/2008|09:04] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Real
    [03/20/2006|04:50] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Sun
    [07/29/2008|05:18] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Ventrilo
    [09/28/2008|01:24] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> Viewpoint
    [08/06/2008|10:45] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> vlc
    [09/17/2008|08:38] C:\DOCUME~1\Vanessa\APPLIC~1\<DIR> WinRAR

    --------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks

    [12/06/2008 10:17 PM][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{17D1112B-D625-4A9D-86EE-91CD8CD97DA5}.job
    [12/07/2008 12:00 AM][--ah-----] C:\WINDOWS\tasks\B3E20E999389BDA1.job
    [11/07/2008 11:50 AM][--a------] C:\WINDOWS\tasks\EasyShare Registration Task.job
    [12/06/2008 08:39 AM][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [08/04/2004 06:00 AM][-r-h-c---] C:\WINDOWS\tasks\desktop.ini

    ( B3E20E999389BDA1.job )=( c:\docume~1\valeri~1\applic~1\funkcr~1\sectplusloud.exe )

    --------------------\\ Listing Folders in C:\Program Files

    [08/20/2006|01:09] C:\Program Files\<DIR> 3ivx
    [10/07/2008|11:28] C:\Program Files\<DIR> 7-Zip
    [06/01/2008|02:53] C:\Program Files\<DIR> Abbyy FineReader 6.0 Sprint
    [08/25/2007|01:40] C:\Program Files\<DIR> ActivationManager
    [10/04/2008|02:00] C:\Program Files\<DIR> Adobe
    [08/25/2007|01:39] C:\Program Files\<DIR> ADSTechnology
    [07/31/2008|04:46] C:\Program Files\<DIR> AIM6
    [07/31/2008|04:46] C:\Program Files\<DIR> AOL
    [03/06/2008|02:54] C:\Program Files\<DIR> ATI Technologies
    [04/22/2008|05:48] C:\Program Files\<DIR> att-nap
    [09/18/2007|10:22] C:\Program Files\<DIR> Audible
    [04/22/2008|06:36] C:\Program Files\<DIR> BellSouth
    [05/19/2008|09:03] C:\Program Files\<DIR> BellSouth Application Management
    [02/23/2008|08:43] C:\Program Files\<DIR> BitComet
    [09/28/2008|12:45] C:\Program Files\<DIR> Bonjour
    [12/10/2006|03:30] C:\Program Files\<DIR> CIF USB CAMERA
    [04/19/2008|12:17] C:\Program Files\<DIR> Circle Developement
    [06/25/2007|01:08] C:\Program Files\<DIR> Combined Community Codec Pack
    [10/19/2008|02:36] C:\Program Files\<DIR> Common Files
    [07/23/2006|12:11] C:\Program Files\<DIR> CONEXANT
    [06/18/2008|09:08] C:\Program Files\<DIR> Corel
    [09/09/2007|12:48] C:\Program Files\<DIR> Cosmi
    [06/15/2007|09:36] C:\Program Files\<DIR> Datel
    [05/02/2007|11:00] C:\Program Files\<DIR> Debugging Tools for Windows
    [05/04/2007|11:05] C:\Program Files\<DIR> Dell
    [10/27/2008|02:58] C:\Program Files\<DIR> Dell Photo AIO Printer 964
    [05/02/2007|10:09] C:\Program Files\<DIR> DellConnect
    [05/26/2007|03:44] C:\Program Files\<DIR> Design Science
    [08/17/2007|04:19] C:\Program Files\<DIR> DGCA
    [07/22/2008|06:06] C:\Program Files\<DIR> DivX
    [12/07/2008|12:50] C:\Program Files\<DIR> Dl_cats
    [05/25/2008|09:33] C:\Program Files\<DIR> FeelRO Game Client
    [08/29/2008|06:23] C:\Program Files\<DIR> FlashGet
    [12/06/2008|07:47] C:\Program Files\<DIR> Furcadia
    [12/05/2008|04:32] C:\Program Files\<DIR> Google
    [05/17/2008|11:27] C:\Program Files\<DIR> Gravity
    [04/30/2008|01:56] C:\Program Files\<DIR> HijackThis
    [07/25/2008|05:49] C:\Program Files\<DIR> ImvuTools2
    [10/27/2008|01:03] C:\Program Files\<DIR> InstallShield Installation Information
    [07/08/2006|03:06] C:\Program Files\<DIR> Intel
    [07/06/2006|01:03] C:\Program Files\<DIR> Intel Corporation
    [10/24/2008|08:25] C:\Program Files\<DIR> Internet Explorer
    [06/07/2006|12:54] C:\Program Files\<DIR> Jasc Software Inc
    [04/11/2008|06:50] C:\Program Files\<DIR> Java
    [01/04/2008|11:59] C:\Program Files\<DIR> Kodak
    [05/02/2007|11:49] C:\Program Files\<DIR> Lavasoft
    [08/29/2008|06:23] C:\Program Files\<DIR> Messenger
    [09/02/2008|06:40] C:\Program Files\<DIR> Messenger Plus! Live
    [04/16/2006|11:09] C:\Program Files\<DIR> microsoft frontpage
    [09/24/2008|05:05] C:\Program Files\<DIR> Microsoft LifeCam
    [05/15/2008|10:32] C:\Program Files\<DIR> Microsoft Office
    [03/20/2006|04:55] C:\Program Files\<DIR> Microsoft Plus! Digital Media Edition
    [03/20/2006|04:55] C:\Program Files\<DIR> Microsoft Plus! Photo Story 2 LE
    [10/20/2008|03:13] C:\Program Files\<DIR> Microsoft Silverlight
    [04/05/2008|07:34] C:\Program Files\<DIR> Microsoft SQL Server Compact Edition
    [06/06/2007|10:38] C:\Program Files\<DIR> Microsoft Visual Studio
    [05/15/2008|10:27] C:\Program Files\<DIR> Microsoft Visual Studio 8
    [05/15/2008|10:32] C:\Program Files\<DIR> Microsoft Works
    [05/15/2008|10:30] C:\Program Files\<DIR> Microsoft.NET
    [08/27/2008|09:29] C:\Program Files\<DIR> mIRC
    [08/29/2008|06:23] C:\Program Files\<DIR> Modem Helper
    [08/11/2004|06:12] C:\Program Files\<DIR> Movie Maker
    [12/06/2008|11:13] C:\Program Files\<DIR> Mozilla Firefox
    [12/05/2008|12:59] C:\Program Files\<DIR> MP3 Rocket
    [09/24/2008|04:55] C:\Program Files\<DIR> MSBuild
    [05/13/2007|04:28] C:\Program Files\<DIR> MSN
    [07/23/2006|02:39] C:\Program Files\<DIR> MSN Apps
    [10/17/2007|03:45] C:\Program Files\<DIR> msn gaming zone
    [06/15/2007|09:37] C:\Program Files\<DIR> MSXML 4.0
    [09/26/2008|02:02] C:\Program Files\<DIR> MSXML 6.0
    [07/06/2006|11:03] C:\Program Files\<DIR> MUSICMATCH
    [08/11/2004|06:12] C:\Program Files\<DIR> NetMeeting
    [10/19/2008|02:36] C:\Program Files\<DIR> Norton PC Checkup
    [08/11/2004|06:11] C:\Program Files\<DIR> Online Services
    [11/10/2008|10:59] C:\Program Files\<DIR> Opera
    [06/13/2007|11:19] C:\Program Files\<DIR> Outlook Express
    [05/20/2008|09:20] C:\Program Files\<DIR> Philips
    [09/22/2008|02:25] C:\Program Files\<DIR> QuickTime
    [08/27/2006|01:46] C:\Program Files\<DIR> Real
    [09/24/2008|04:52] C:\Program Files\<DIR> Reference Assemblies
    [04/30/2008|03:18] C:\Program Files\<DIR> RegistrySmart
    [06/20/2008|12:47] C:\Program Files\<DIR> Ringz Studio
    [03/20/2006|05:02] C:\Program Files\<DIR> Roxio
    [10/09/2008|10:40] C:\Program Files\<DIR> Sandisk
    [03/20/2006|04:52] C:\Program Files\<DIR> Sigmatel
    [05/10/2008|09:52] C:\Program Files\<DIR> Skype
    [06/25/2007|02:03] C:\Program Files\<DIR> SmartFTP Client
    [11/03/2007|02:11] C:\Program Files\<DIR> Sonic
    [09/30/2008|08:17] C:\Program Files\<DIR> Spybot - Search & Destroy
    [06/20/2008|12:46] C:\Program Files\<DIR> SUPERAntiSpyware
    [06/20/2008|12:43] C:\Program Files\<DIR> TotalImageConverter
    [11/29/2008|12:51] C:\Program Files\<DIR> Trend Micro
    [08/11/2004|06:20] C:\Program Files\<DIR> Uninstall Information
    [04/16/2008|07:35] C:\Program Files\<DIR> Ventrilo
    [10/26/2007|04:11] C:\Program Files\<DIR> Veoh Networks
    [07/15/2007|07:56] C:\Program Files\<DIR> VideoLAN
    [07/31/2008|04:46] C:\Program Files\<DIR> Viewpoint
    [09/29/2008|09:22] C:\Program Files\<DIR> VOCALOID2
    [04/07/2007|04:41] C:\Program Files\<DIR> Windows Journal Viewer
    [07/21/2008|11:06] C:\Program Files\<DIR> Windows Live
    [05/11/2007|10:46] C:\Program Files\<DIR> Windows Media Connect 2
    [05/03/2008|07:56] C:\Program Files\<DIR> Windows Media Player
    [06/06/2007|10:37] C:\Program Files\<DIR> Windows Messaging
    [10/12/2007|08:17] C:\Program Files\<DIR> Windows NT
    [08/11/2004|06:13] C:\Program Files\<DIR> WindowsUpdate
    [11/13/2007|08:16] C:\Program Files\<DIR> WinRAR
    [04/15/2008|08:12] C:\Program Files\<DIR> WinZip
    [03/20/2006|04:57] C:\Program Files\<DIR> WordPerfect Office 12
    [08/11/2004|06:15] C:\Program Files\<DIR> xerox
    [07/02/2007|05:07] C:\Program Files\<DIR> Yahoo!
    [06/20/2008|12:45] C:\Program Files\<DIR> ZD Soft

    --------------------\\ Listing Folders in C:\Program Files\Common Files

    [10/04/2008|01:59] C:\Program Files\Common Files\<DIR> Adobe
    [10/04/2008|01:59] C:\Program Files\Common Files\<DIR> Adobe AIR
    [05/27/2008|03:09] C:\Program Files\Common Files\<DIR> Adobe Systems Shared
    [07/31/2008|04:45] C:\Program Files\Common Files\<DIR> AOL
    [09/24/2008|08:57] C:\Program Files\Common Files\<DIR> Apple
    [03/20/2006|04:57] C:\Program Files\Common Files\<DIR> Borland Shared
    [06/18/2008|09:10] C:\Program Files\Common Files\<DIR> Corel
    [09/09/2007|12:48] C:\Program Files\Common Files\<DIR> Cosmi
    [05/15/2008|10:32] C:\Program Files\Common Files\<DIR> DESIGNER
    [04/11/2008|10:33] C:\Program Files\Common Files\<DIR> INCA Shared
    [03/20/2006|04:57] C:\Program Files\Common Files\<DIR> InstallShield
    [03/27/2006|11:16] C:\Program Files\Common Files\<DIR> Jasc Software Inc
    [03/20/2006|04:50] C:\Program Files\Common Files\<DIR> Java
    [01/04/2008|11:55] C:\Program Files\Common Files\<DIR> Kodak
    [05/25/2008|04:31] C:\Program Files\Common Files\<DIR> Macrovision Shared
    [08/01/2008|01:47] C:\Program Files\Common Files\<DIR> Microsoft Shared
    [04/22/2008|06:23] C:\Program Files\Common Files\<DIR> Motive
    [08/11/2004|06:12] C:\Program Files\Common Files\<DIR> MSSoap
    [02/17/2008|12:14] C:\Program Files\Common Files\<DIR> Nullsoft
    [08/11/2004|06:07] C:\Program Files\Common Files\<DIR> ODBC
    [02/28/2008|10:33] C:\Program Files\Common Files\<DIR> Real
    [05/04/2007|11:05] C:\Program Files\Common Files\<DIR> Roxio Shared
    [08/11/2004|06:12] C:\Program Files\Common Files\<DIR> Services
    [06/20/2008|12:43] C:\Program Files\Common Files\<DIR> Sonic Shared
    [08/11/2004|06:07] C:\Program Files\Common Files\<DIR> SpeechEngines
    [04/22/2008|06:36] C:\Program Files\Common Files\<DIR> SupportSoft
    [10/19/2008|02:36] C:\Program Files\Common Files\<DIR> Symantec Shared
    [05/15/2008|10:38] C:\Program Files\Common Files\<DIR> System
    [03/20/2006|05:02] C:\Program Files\Common Files\<DIR> TiVo Shared
    [11/17/2007|07:19] C:\Program Files\Common Files\<DIR> WindowsLiveInstaller
    [06/20/2008|12:46] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
    [02/28/2008|10:33] C:\Program Files\Common Files\<DIR> xing shared

    --------------------\\ Process

    ( 36 Processes )

    ... OK !

    --------------------\\ Searching with S_Lop

    No Lop folder found !

    --------------------\\ Searching for Lop Files - Folders

    C:\DOCUME~1\CARLSH~1\APPLIC~1\funkcr~1
    C:\DOCUME~1\INGRID~1.CAR\APPLIC~1\funkcr~1
    C:\DOCUME~1\INGRID~1.CAR\LOCALS~1\Temp\nsa3.tmp
    C:\DOCUME~1\INGRID~1.CAR\LOCALS~1\Temp\nsr2166.tmp
    C:\DOCUME~1\INGRID~1.CAR\LOCALS~1\Temp\nst4.tmp
    C:\Program Files\Circle Developement
    C:\DOCUME~1\INGRID~1.CAR\Cookies\ingrid_shepherd@advertising[1].txt
    C:\DOCUME~1\INGRID~1.CAR\Cookies\ingrid_shepherd@adopt.euroclick[1].txt
    C:\WINDOWS\Tasks\B3E20E999389BDA1.job

    --------------------\\ Searching within the Registry

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------\\ Checking the Hosts file

    Hosts file MODIFIED

    -> 8681 [ 70 ## added by CiD ]

    --------------------\\ Searching for hidden files with Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-12-07 00:54:00
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------\\ Searching for other infections

    C:\WINDOWS\system32\fjwxjwvs.ini
    C:\WINDOWS\system32\fjwxjwvs.ini2
    C:\WINDOWS\system32\fjwxjwvs.tmp
    C:\WINDOWS\system32\rjpkxter.ini
    C:\WINDOWS\system32\rjpkxter.ini2
    ==> VUNDO <==



    [F:1593][D:188]-> C:\DOCUME~1\INGRID~1.CAR\LOCALS~1\Temp
    [F:288][D:0]-> C:\DOCUME~1\INGRID~1.CAR\Cookies
    [F:7313][D:9]-> C:\DOCUME~1\INGRID~1.CAR\LOCALS~1\TEMPOR~1\content.IE5

    1 - "C:\Lop SD\LopR_1.txt" - Sun 12/07/2008| 0:57 - Option : [1]

    --------------------\\ Scan completed at 0:57:11

  2. #12
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Restart Lop S&D

    This time choose Option 2 (Fix + Hosts)
    Don't close the window during suppression!
    Post the log which is created: (C:\lopR.txt)
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  3. #13
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Due to the lack of feedback this Topic is closed.

    If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

    If it has been less than five days since your last response and you need the thread re-opened, please send a private message (pm). A valid, working link to the closed topic is required.

    Everyone else please begin a New Topic.