PDA

View Full Version : Malware - Wheelchair symbol flashing [Smitfraud]



locadelic
2006-06-03, 05:41
Hi,

I have a slight problem. I have some sort of malware on my pc which is practically impossible to remove. After doing some searching i found this topic http://forums.spybot.info/showthread.php?t=4015 and have done everything i needed to do. Now all i need is a little help from the people who know how to help me fix it completely!! :D

Here are my reports:

c:\rapport.txt


SmitFraudFix v2.53

Scan done at 17:17:22.64, Fri 06/02/2006
Run from C:\Documents and Settings\lauryn\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\dcomcfg.exe FOUND !
C:\WINDOWS\system32\hp???.tmp FOUND !
C:\WINDOWS\system32\hp????.tmp FOUND !
C:\WINDOWS\system32\ld????.tmp FOUND !
C:\WINDOWS\system32\ot.ico FOUND !
C:\WINDOWS\system32\regperf.exe FOUND !
C:\WINDOWS\system32\simpole.tlb FOUND !
C:\WINDOWS\system32\stdole3.tlb FOUND !
C:\WINDOWS\system32\ts.ico FOUND !
C:\WINDOWS\system32\yhbdupd.dll FOUND !
C:\WINDOWS\system32\1024\ FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\lauryn\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\lauryn\FAVORI~1

C:\DOCUME~1\lauryn\FAVORI~1\Antivirus Test Online.url FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}"="alongshore"

[HKEY_CLASSES_ROOT\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32]
@="C:\WINDOWS\system32\yhbdupd.dll"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{aea3d2df-2b2c-4d7b-81a0-d975c6dc088e}\InProcServer32]
@="C:\WINDOWS\system32\yhbdupd.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

locadelic
2006-06-03, 05:45
Ewido log (in 2 parts, sorry!)



---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 9:47:47 PM, 6/2/2006
+ Report-Checksum: 764E55F1

+ Scan result:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf SideKick -> Adware.SurfSide : Cleaned with backup
HKLM\SOFTWARE\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup
HKLM\SOFTWARE\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup
:mozilla.9:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.10:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.11:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.13:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.17:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.18:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.39:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.40:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.41:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.46:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Kmpads : Cleaned with backup
:mozilla.47:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Kmpads : Cleaned with backup
:mozilla.49:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.50:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.51:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.52:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.53:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.54:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.55:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.56:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.57:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.58:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.59:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.60:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.61:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.62:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.66:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.67:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.72:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.74:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.76:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.77:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.78:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.84:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
:mozilla.86:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.90:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.91:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.92:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.93:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.94:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.95:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.96:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.97:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.98:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.99:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.100:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.101:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.102:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.103:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.104:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.105:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.106:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.107:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.108:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.109:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.110:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.111:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.112:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.113:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.114:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.115:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.116:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.117:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.118:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.119:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.120:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.121:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.122:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.123:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.124:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.125:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.126:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.127:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.128:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.129:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.130:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.131:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.132:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.133:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.134:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.135:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.136:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.137:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.138:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.139:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.142:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.143:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.171:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup
:mozilla.172:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.173:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.174:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.175:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.176:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.177:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.178:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.179:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.180:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.199:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.200:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.201:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.202:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.203:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.204:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.205:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.206:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.207:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.213:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.214:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.215:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.216:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.217:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.239:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.240:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.243:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.244:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.245:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.246:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup

locadelic
2006-06-03, 05:45
Ewido part 2:



:mozilla.247:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
:mozilla.248:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned with backup
:mozilla.268:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.269:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.270:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.271:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.272:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.287:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.293:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.294:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.295:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.296:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.302:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.303:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.312:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.313:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.314:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.315:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.316:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.317:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.318:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.319:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.320:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.321:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.322:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.323:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.324:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.325:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.326:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.327:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.328:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.329:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.330:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.331:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.332:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.333:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.336:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
:mozilla.337:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
:mozilla.338:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.339:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.343:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.345:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.346:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.355:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.356:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.384:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.386:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.387:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.388:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.409:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.434:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.435:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.436:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.437:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.471:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.477:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.499:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.514:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.516:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.517:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.518:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.519:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.525:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.526:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.529:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.530:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.554:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.599:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.621:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.622:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.628:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.629:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.632:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.633:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.634:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.635:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.644:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Komtrack : Cleaned with backup
:mozilla.645:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Komtrack : Cleaned with backup
:mozilla.662:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.686:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup
:mozilla.688:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.689:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup
:mozilla.710:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.715:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.716:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.717:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.737:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.754:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.755:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.756:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.757:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.765:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.766:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.790:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.791:C:\Documents and Settings\lauryn\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
C:\Documents and Settings\lauryn\Local Settings\Application Data\Mozilla\Firefox\Profiles\4lrfihbu.default\Cache\D536F5C8d01 -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Cleaned with backup
C:\WINDOWS\system32\system32dll.007 -> Not-A-Virus.Monitor.Win32.Ardamax.24 : Cleaned with backup
C:\WINDOWS\YAXUninst.exe -> Adware.MediaTickets : Cleaned with backup
F:\backup\installs\Appz\Messengers\MsgPlus-301.exe/sponsor.exe -> Downloader.Swizzor.ag : Cleaned with backup


::Report End

locadelic
2006-06-03, 05:46
HJT Log:



Logfile of HijackThis v1.99.1
Scan saved at 10:23:53 PM, on 6/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\appz\msnplus\MsgPlus.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\AOL\1146247897\ee\AOLSoftware.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Plaxo\2.5.10.21\PlaxoHelper.exe
C:\DOCUME~1\lauryn\APPLIC~1\CURITY~1\regsvr32.exe
C:\WINDOWS\PPPATC~1\NPDB~1.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\appz\firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe

R3 - URLSearchHook: (no name) - _{CFCFA124-3599-6160-EA1E-490130B876B3} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Nothing - {6ab7158b-4bff-4160-ad7d-4d622df548cf} - C:\WINDOWS\system32\hp100.tmp (file missing)
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MessengerPlus3] "D:\appz\msnplus\MsgPlus.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\appz\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1146247897\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [DAEMON Tools] "D:\appz\daemon tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\SYSC00.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.5.10.21\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [Auea] "C:\DOCUME~1\lauryn\APPLIC~1\CURITY~1\regsvr32.exe" -vt yax
O4 - HKCU\..\Run: [Mjgf] C:\WINDOWS\PPPATC~1\NPDB~1.EXE
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: LimeWire On Startup.lnk = D:\appz\limewire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\appz\acrobat\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\appz\office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\appz\office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\appz\yahoo\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\appz\yahoo\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECE97EA8-4583-48ED-8A9E-1B42F9B97BA7}: NameServer = 66.163.0.161,66.163.0.173
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: repairs303169590.dll,cmd.dll
O20 - Winlogon Notify: Explorer - C:\WINDOWS\system32\dnmclien.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)

locadelic
2006-06-03, 20:12
Guys, please... i really need help with this. I can't use my windows partition until this stuff is gone and i really, really don't want to reinstall :(

HELP!! :( :( :(

LonnyRJones
2006-06-07, 19:22
Hi locadelic
Run Smithfraudfix option 2 then a Ewido full scan while your pc is in safe mode
Reboot back to a normal (none safe mode) session and post the smithfraudfix report and a new hijackthis log.

tashi
2006-06-14, 07:33
How is it going locadelic.

tashi
2006-06-20, 00:39
This topic has been closed to prevent others with similar issues posting in it.
If you need it re-opened please send me or your helper a pm and provide a link to the thread.

Applies only to the original topic starter.