PDA

View Full Version : Trojans



matttheposer
2006-06-04, 21:09
Logfile of HijackThis v1.99.1
Scan saved at 1:05:17 PM, on 6/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\wmiapsv.exe
C:\Program Files\WUSB11 WLAN Monitor\WLService.exe
C:\Program Files\WUSB11 WLAN Monitor\WUSB11B.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\thiselt.exe
C:\WINDOWS\ms035313545-26.exe
C:\WINDOWS\system32\twinsqez.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\twinsqez.exe
C:\Documents and Settings\matt\Desktop\poo\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,cfiyiys.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [pop06apelt] C:\WINDOWS\thiselt.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ms035313545-26] C:\WINDOWS\ms035313545-26.exe
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [arpixr] C:\WINDOWS\system32\bakqxt.exe reg_run
O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS\system32\twinsqez.exe GID003
O4 - HKLM\..\Run: [newname] C:\\newname25.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Reboot.exe
O4 - Startup: Zeno.lnk = C:\WINDOWS\system32\twinsqez.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.elitemediagroup.net
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.mmohsix.com
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {5526B4C6-63D6-41A1-9783-0FABF529859A} (mm06ocx.mm06ocxf) - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1041444010593
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1147288948046
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15021/CTPID.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Microsoft Performance WMI Adapter AddOn (WMIPervAddOn) - Unknown owner - C:\WINDOWS\wmiapsv.exe
O23 - Service: WUSB28SVC - Unknown owner - C:\Program Files\WUSB11 WLAN Monitor\WLService.exe" "WUSB11B.exe (file missing)

matttheposer
2006-06-04, 21:12
Incident Status Location

Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\LocalService\Cookies\system@ad.yieldmanager[1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\LocalService\Cookies\system@adopt.hbmediapro[2].txt
Spyware:Cookie/nCase Not disinfected C:\Documents and Settings\LocalService\Cookies\system@banners.searchingbooth[1].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\LocalService\Cookies\system@bluestreak[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\LocalService\Cookies\system@realmedia[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\LocalService\Cookies\system@zedo[1].txt
Spyware:Spyware/SurfSideKick Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\85CZOH09\102[1].avi
Adware:Adware/Sqwire Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\85CZOH09\103[1].avi
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\85CZOH09\Installer[1].exe
Adware:Adware/NewAds Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\85CZOH09\maxidr[1].avi
Adware:Adware/NewAds Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\85CZOH09\maxidr[2].avi
Adware:Adware/YieldManager Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\85CZOH09\rmtag3[1].js
Adware:Adware/YieldManager Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\85CZOH09\rmtag3[2].js
Adware:Adware/YieldManager Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\85CZOH09\rmtag3[3].js
Spyware:Spyware/Media-motor Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\85CZOH09\thiselt[1].exe
Spyware:Spyware/SurfSideKick Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\87ATA3E9\102[1].avi
Adware:Adware/Maxifiles Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\87ATA3E9\115[1].avi
Adware:Adware/NewAds Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\87ATA3E9\msninstaller2[1].zip[mc-110-12-0000488.exe]
Spyware:Spyware/New.net Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\87ATA3E9\NNSCAA638[1].EXE
Adware:Adware/YieldManager Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\87ATA3E9\rmtag3[1].js
Adware:Adware/DigInk Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\87ATA3E9\Tagasuarus2[1].exe
Virus:Trj/Clicker.QE Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\87ATA3E9\WebHClick1[1].exe[webhclick.exe][svchostsys.exe]
Virus:Trj/Clicker.QE Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\87ATA3E9\WebHClick1[1].exe[webhclick.exe][sysstall.exe]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\87ATA3E9\WebHClick1[1].exe[webhclick.exe][webhc1.exe][whAgent.exe]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\87ATA3E9\WebHClick1[1].exe[webhclick.exe][webhc1.exe][whInstaller.exe]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\87ATA3E9\WebHClick1[1].exe[webhclick.exe][webhc1.exe][whSurvey.exe]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\87ATA3E9\WebHClick1[1].exe[webhclick.exe][webhc1.exe][webhdll.dll]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\87ATA3E9\WebHClick1[1].exe[webhclick.exe][webhc1.exe][whiehlpr.dll]
Adware:Adware/Maxifiles Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\I3OXKTCN\117[1].avi
Adware:Adware/Mirar Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\I3OXKTCN\876057[1].exe
Spyware:Spyware/LinkReplacer Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\I3OXKTCN\gkyukar[1].cab[nr1rnqm8.exe]
Adware:Adware/NewAds Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\I3OXKTCN\mc-110-12-0000228[1].exe
Adware:Adware/YieldManager Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\I3OXKTCN\rmtag3[1].js
Adware:Adware/YieldManager Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\I3OXKTCN\rmtag3[2].js
Adware:Adware/Mirar Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\I3OXKTCN\WinATS[1].cab[WinATS.dll]
Adware:Adware/PurityScan Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MT2XMP6J\!update-3895[1].0000
Adware:Adware/Maxifiles Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MT2XMP6J\111[1].avi
Adware:Adware/YazzleSudoku Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MT2XMP6J\116[1].avi
Adware:Adware/Maxifiles Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MT2XMP6J\117[1].avi
Adware:Adware/Maxifiles Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MT2XMP6J\119[1].avi
Adware:Adware/NewAds Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MT2XMP6J\comhost[1].zip[mc-110-12-0000488.exe]
Adware:Adware/DollarRevenue Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MT2XMP6J\comhost[1].zip[msnupdate.exe]
Adware:Adware/YieldManager Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MT2XMP6J\rmtag3[1].js
Adware:Adware/Zenosearch Not disinfected C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\MT2XMP6J\ZIGID003[1].exe
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\matt\Cookies\matt@112.2o7[1].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\matt\Cookies\matt@2o7[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\matt\Cookies\matt@888[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\matt\Cookies\matt@888[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\matt\Cookies\matt@ad.yieldmanager[1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\matt\Cookies\matt@adopt.hbmediapro[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\matt\Cookies\matt@apmebf[2].txt

matttheposer
2006-06-04, 21:12
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\matt\Cookies\matt@atwola[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\matt\Cookies\matt@burstnet[2].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\matt\Cookies\matt@cassava[1].txt
Spyware:Cookie/Kmpads Not disinfected C:\Documents and Settings\matt\Cookies\matt@kmpads[2].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\matt\Cookies\matt@microsofteup.112.2o7[1].txt
Spyware:Cookie/QkSrv Not disinfected C:\Documents and Settings\matt\Cookies\matt@qksrv[2].txt
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\matt\Cookies\matt@revenue[1].txt
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\matt\Cookies\matt@server.iad.liveperson[2].txt
Spyware:Cookie/Affiliate fuel Not disinfected C:\Documents and Settings\matt\Cookies\matt@www.affiliatefuel[1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\matt\Cookies\matt@www.burstbeacon[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\matt\Cookies\matt@zedo[2].txt
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\matt\Local Settings\Temp\temp.fr5645\Programs\webhdll.dll_tobedeleted_tobedeleted
Virus:Trj/Clicker.QE Not disinfected C:\Documents and Settings\matt\Local Settings\Temp\webhclick.exe[svchostsys.exe]
Virus:Trj/Clicker.QE Not disinfected C:\Documents and Settings\matt\Local Settings\Temp\webhclick.exe[sysstall.exe]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\matt\Local Settings\Temp\webhclick.exe[webhc1.exe][whAgent.exe]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\matt\Local Settings\Temp\webhclick.exe[webhc1.exe][whInstaller.exe]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\matt\Local Settings\Temp\webhclick.exe[webhc1.exe][whSurvey.exe]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\matt\Local Settings\Temp\webhclick.exe[webhc1.exe][webhdll.dll]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\matt\Local Settings\Temp\webhclick.exe[webhc1.exe][whiehlpr.dll]
Adware:Adware/YieldManager Not disinfected C:\Documents and Settings\matt\Local Settings\Temporary Internet Files\Content.IE5\81QJKHQB\rmtag3[1].js
Adware:Adware/YieldManager Not disinfected C:\Documents and Settings\matt\Local Settings\Temporary Internet Files\Content.IE5\L7F5B13W\rmtag3[1].js
Virus:Trj/Clicker.QE Not disinfected C:\Documents and Settings\matt\Local Settings\Temporary Internet Files\Content.IE5\L7F5B13W\WebHClick1[1].exe[webhclick.exe][svchostsys.exe]
Virus:Trj/Clicker.QE Not disinfected C:\Documents and Settings\matt\Local Settings\Temporary Internet Files\Content.IE5\L7F5B13W\WebHClick1[1].exe[webhclick.exe][sysstall.exe]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\matt\Local Settings\Temporary Internet Files\Content.IE5\L7F5B13W\WebHClick1[1].exe[webhclick.exe][webhc1.exe][whAgent.exe]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\matt\Local Settings\Temporary Internet Files\Content.IE5\L7F5B13W\WebHClick1[1].exe[webhclick.exe][webhc1.exe][whInstaller.exe]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\matt\Local Settings\Temporary Internet Files\Content.IE5\L7F5B13W\WebHClick1[1].exe[webhclick.exe][webhc1.exe][whSurvey.exe]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\matt\Local Settings\Temporary Internet Files\Content.IE5\L7F5B13W\WebHClick1[1].exe[webhclick.exe][webhc1.exe][webhdll.dll]
Adware:Adware/WebHancer Not disinfected C:\Documents and Settings\matt\Local Settings\Temporary Internet Files\Content.IE5\L7F5B13W\WebHClick1[1].exe[webhclick.exe][webhc1.exe][whiehlpr.dll]
Spyware:spyware/surfsidekick Not disinfected C:\Documents and Settings\matt\Local Settings\Temporary Internet Files\Ssk.log
Adware:adware/zenosearch Not disinfected C:\Documents and Settings\matt\Start Menu\Programs\Startup\Zeno.lnk
Adware:adware/dollarrevenue Not disinfected C:\keyboard25.exe
Adware:Adware/Maxifiles Not disinfected C:\Program Files\Common Files\mc-110-12-0000228.exe
Adware:Adware/WebHancer Not disinfected C:\Program Files\Common Files\misc001\webhc1.exe[whAgent.exe]
Adware:Adware/WebHancer Not disinfected C:\Program Files\Common Files\misc001\webhc1.exe[whInstaller.exe]
Adware:Adware/WebHancer Not disinfected C:\Program Files\Common Files\misc001\webhc1.exe[whSurvey.exe]
Adware:Adware/WebHancer Not disinfected C:\Program Files\Common Files\misc001\webhc1.exe[webhdll.dll]
Adware:Adware/WebHancer Not disinfected C:\Program Files\Common Files\misc001\webhc1.exe[whiehlpr.dll]
Adware:Adware/Maxifiles Not disinfected C:\Program Files\Common Files\services.exe
Virus:Trj/Clicker.QE Disinfected C:\Program Files\Common Files\simtest\sysstall.exe
Virus:Trj/Clicker.QE Disinfected C:\Program Files\Common Files\svchostsys\svchostsys.exe

matttheposer
2006-06-04, 21:13
Adware:Adware/Maxifiles Not disinfected C:\Program Files\DNS\cwebpage.dll
Adware:Adware/NewAds Not disinfected C:\Program Files\MSN Messenger\nudge.exe
Adware:Adware/NewAds Not disinfected C:\Program Files\Windows\WinUpdate.exe
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc108.exe[whAgent.exe]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc108.exe[whInstaller.exe]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc108.exe[webhdll.dll]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc108.exe[whiehlpr.dll]
Virus:Trj/Clicker.QE Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc114.exe[svchostsys.exe]
Virus:Trj/Clicker.QE Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc114.exe[sysstall.exe]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc114.exe[webhc1.exe][whAgent.exe]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc114.exe[webhc1.exe][whInstaller.exe]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc114.exe[webhc1.exe][whSurvey.exe]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc114.exe[webhc1.exe][webhdll.dll]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc114.exe[webhc1.exe][whiehlpr.dll]
Adware:Adware/nCase Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc138.com
Spyware:Spyware/LinkReplacer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc141.tmp[nr1rnqm8.exe]
Spyware:Spyware/SurfSideKick Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc142.tmp
Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc150\matt@ad.yieldmanager[1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc150\matt@adopt.hbmediapro[2].txt
Adware:Adware/Maxifiles Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc154\ipwins.exe
Adware:Adware/YieldManager Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc156\rmtag3[2].js
Adware:Adware/YieldManager Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc158\rmtag3[2].js
Adware:Adware/YieldManager Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc158\rmtag3[3].js
Adware:Adware/YieldManager Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc162\rmtag3[1].js
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc164\whCC-webhancer[1].exe[whAgent.exe]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc164\whCC-webhancer[1].exe[whInstaller.exe]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc164\whCC-webhancer[1].exe[webhdll.dll]
Adware:Adware/WebHancer Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc164\whCC-webhancer[1].exe[whiehlpr.dll]
Adware:Adware/YieldManager Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc167\rmtag3[1].js
Adware:Adware/YieldManager Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc171\rmtag3[2].js
Adware:Adware/nCase Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc172\AppWrap[1].exe
Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc42\matt@ad.yieldmanager[2].txt
Spyware:Cookie/Com.com Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc42\matt@com[1].txt
Spyware:Cookie/Reliablestats Not disinfected C:\RECYCLER\S-1-5-21-2025429265-1844823847-725345543-1004\Dc42\matt@stats1.reliablestats[2].txt

matttheposer
2006-06-04, 21:13
Adware:Adware/Look2Me Not disinfected C:\warebundle.exe
Adware:Adware/nCase Not disinfected C:\WINDOWS\icont.exe
Adware:Adware/NewAds Not disinfected C:\WINDOWS\mc-110-12-0000488.exe
Adware:Adware/DigInk Not disinfected C:\WINDOWS\ms035313545-26.exe
Spyware:Spyware/New.net Not disinfected C:\WINDOWS\NDNuninstall7_22.exe
Adware:adware/popper Not disinfected C:\WINDOWS\offun.exe
Virus:Trj/Downloader.HPZ Not disinfected C:\WINDOWS\pf78.exe[pms111x.exe]
Virus:Trj/VB.MC Not disinfected C:\WINDOWS\pf78.exe[SYSC00.exe]
Adware:Adware/FCHelp Not disinfected C:\WINDOWS\srvwzhcmlx.exe[PECarlin.exe]
Spyware:Spyware/SurfSideKick Not disinfected C:\WINDOWS\system32\bk.exe
Adware:Adware/Zenosearch Not disinfected C:\WINDOWS\system32\prdsregk.exe
Adware:Adware/NewAds Not disinfected C:\WINDOWS\system32\removefunc.ram[mc-110-12-0000488.exe]
Adware:Adware/DollarRevenue Not disinfected C:\WINDOWS\system32\removefunc.ram[msnupdate.exe]
Spyware:Spyware/MarketScore Not disinfected C:\WINDOWS\system32\rk.bin
Potentially unwanted tool:Application/Restart Not disinfected C:\WINDOWS\system32\Tools\Restart.exe
Adware:Adware/Deskwizz Not disinfected C:\WINDOWS\system32\VSL03.exe[VSL.dl_]
Adware:Adware/Deskwizz Not disinfected C:\WINDOWS\system32\VSL03.exe[auxe.exe]
Adware:Adware/Deskwizz Not disinfected C:\WINDOWS\system32\VSL05.exe[VSL.dl_]
Adware:Adware/Deskwizz Not disinfected C:\WINDOWS\system32\VSL05.exe[auxe.exe]
Adware:Adware/Zenosearch Not disinfected C:\WINDOWS\system32\ZICORN003.exe
Adware:Adware/DigInk Not disinfected C:\WINDOWS\Tagasuarus2.exe
Spyware:Spyware/Media-motor Not disinfected C:\WINDOWS\thiselt.exe
Adware:Adware/DigInk Not disinfected C:\WINDOWS\unin101.exe
Adware:Adware/DigInk Not disinfected C:\WINDOWS\uni_ehhh.exe
Adware:Adware/Webdir Not disinfected C:\WINDOWS\VirtualDNS.dll

matttheposer
2006-06-04, 21:18
I got this problem from AIM, I was not thinking when I clicked on it. Right after clicking on it i knew exactlly what it was it, something I didn't want. It removed my windows security center from my desktop, I can no longer even activate my Windows Firewall. I also get pop-ups ever few minutes. This is my first time posting on here so if I messed up on my post point it out I can try to fix it. Thanks

tashi
2006-06-09, 16:43
Hello and sorry for the wait.
If you are still in need of assistance please go here and post a link back to this topic to flag a helper.

If you have waited four days for advice post here. (http://forums.spybot.info/showthread.php?p=4836#post4836)

LonnyRJones
2006-06-10, 05:40
Welcome matttheposer
If your not recieving help at another forum ? post back with a fresh hijackthis log please.

tashi
2006-06-16, 02:20
This topic has been closed to prevent others with similar issues posting in it.
If you need it re-opened please send me or your helper a pm and provide a link to the thread.

Applies only to the original topic starter.