-
Alright, it might be fixed this time. Please check these.
Alright, I followed the 4 steps, and got the following:
Logfile of HijackThis v1.99.1
Scan saved at 5:39:10 PM, on 7/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\wanmpsvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ishost.exe
C:\WINDOWS\system32\isnotify.exe
C:\WINDOWS\system32\issearch.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\ismon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\dacc7f24.exe
C:\WINDOWS\system32\SSTEM~1\smss.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\s?curity\m?hta.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\palstart.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hijackthis\HijackThis.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.theninhotline.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/cust...//my.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=w...TkiQ76jMTJmewA
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\companion\Installs\cpn3\yt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {53829F91-1B06-4DB9-B13E-812A986169F9} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\companion\Installs\cpn3\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: CouponBar - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - C:\WINDOWS\CouponBarIE.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKLM\..\Run: [dacc7f24.exe] C:\WINDOWS\system32\dacc7f24.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Notn] "C:\WINDOWS\system32\SSTEM~1\smss.exe" -vt yazr
O4 - HKCU\..\Run: [dacc7f24.exe] C:\Documents and Settings\judee and ben\Local Settings\Application Data\dacc7f24.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Crvosgg] C:\Program Files\s?curity\m?hta.exe
O4 - Global Startup: palstart.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZNxdm006YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Arkadium - {A442DE97-7F7F-4265-A813-4E5D81C83EFE} - C:\Program Files\ArkadiumV2\arkadium.exe
O9 - Extra 'Tools' menuitem: Arkadium - {A442DE97-7F7F-4265-A813-4E5D81C83EFE} - C:\Program Files\ArkadiumV2\arkadium.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} - http://survey.otxresearch.com/Preloader.dll
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {416792D8-F532-493A-BECC-1C99A1501FF9} (vmLaunch Class) - http://media2.comcast.net/anon.comca...mLauncher2.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://lovefreegames.aavalue.com/LFG...games_live.cab
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/Yazzl...cab?refid=1123
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://mycampus.phoenix.edu/secure/PhxStudent15.CAB
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yaho...opper1_3us.cab
O16 - DPF: {CDAA0214-3907-4C47-A3F6-014DA1517440} (ArkDownloader Class) - http://www.gamedek.com/download/arkDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.shockwave.com/content/bej...ploader_v6.cab
O16 - DPF: {EF98AF7B-1F54-4079-91BC-3996DEABA45A} (Sinstaller Class) - http://www.cursorcafe.com/app_cc/bin/cursorcafe.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\WINDOWS\system32\iexplore.dll
O21 - SSODL: cinnamomum - {93ac7c30-3878-4eaa-9420-7977285df5b1} - C:\Documents and Settings\Melissa\Application Data\Microsoft\Media Player.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
I'll post the other log in the next post.
I'd also like to note that pop-ups keep appearing, and they seem to be from some "Outerinfo" company. Also, my IE has been entirely taken over.
Any and all help is very much appreciated.
-
And here is the virus scan log:
Incident Status Location
Adware:Adware/PurityScan Not disinfected c:\windows\system32\sstem~1\smss.exe
Adware:Adware/SystemDoctor Not disinfected c:\windows\system32\dacc7f24.exe
Dialer:Dialer.EHF Not disinfected C:\WINDOWS\TEMP\win55D.tmp.exe
Adware:Adware/SystemDoctor Not disinfected C:\WINDOWS\system32\isnotify.exe
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\fccabby.dll
Adware:Adware/SuperSpider Not disinfected C:\WINDOWS\system32\wineak32.dll
Adware:Adware/PurityScan Not disinfected C:\WINDOWS\system32\iexplore.dll
Adware:adware/mediatickets Not disinfected C:\WINDOWS\system32\oins.exe
Potentially unwanted tool:application/mywebsearch Not disinfected c:\windows\system32\f3PSSavr.scr
Adware:adware/securityerror Not disinfected c:\windows\system32\ot.ico
Potentially unwanted tool:application/funweb Not disinfected c:\windows\downloaded program files\f3initialsetup1.0.0.15.inf
Dialer:dialer.avv Not disinfected c:\windows\downloaded program files\gdnUS2339.exe
Adware:adware/emediacodec Not disinfected c:\documents and settings\all users\desktop\Online Security Guide.url
Spyware:spyware/betterinet Not disinfected c:\windows\inf\biini.inf
Adware:adware/ieplugin Not disinfected c:\windows\kwv2.dat
Spyware:spyware/new.net Not disinfected c:\windows\NDNuninstall7_14.exe
Adware:adware/dropspam Not disinfected c:\program files\dslifestyle
Potentially unwanted tool:application/myway Not disinfected c:\program files\MyWay
Adware:adware/webhancer Not disinfected c:\program files\whInstall
Spyware:spyware/searchcentrix Not disinfected Windows Registry
Spyware:spyware/sysren Not disinfected Windows Registry
Spyware:spyware/virtumonde Not disinfected Windows Registry
Potentially unwanted tool:application/altnet Not disinfected hkey_local_machine\software\microsoft\windows\currentversion\app management\arpcache\AltnetDM
Adware:adware/yazzle Not disinfected Windows Registry
Adware:adware/otx Not disinfected Windows Registry
Adware:adware/comet Not disinfected Windows Registry
Adware:Adware/FlashTrack Not disinfected C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\Quarantine\20050926220802.zip[Program Files/xml/xclean.exe]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.atdmt.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.advertising.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Angela\Application
Ok, it's still too big, so I'll post the second half in the next post....
-
Here you go, and sorry if there was an easier way to do this:
Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.trafficmp.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.mediaplex.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.questionmarket.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.doubleclick.net/]
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.serving-sys.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.realmedia.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.realmedia.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.fastclick.net/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.zedo.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/Peel Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.peel.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.atwola.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.2o7.net/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt[.adrevolver.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Angela\Cookies\angela@ad.yieldmanager[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Angela\Cookies\angela@atwola[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Angela\Cookies\angela@belnk[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Angela\Cookies\angela@cgi-bin[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Angela\Cookies\angela@com[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Angela\Cookies\angela@dist.belnk[2].txt
Spyware:Cookie/Entrepreneur Not disinfected C:\Documents and Settings\Angela\Cookies\angela@entrepreneur[1].txt
Spyware:Cookie/Malwarewipe Not disinfected C:\Documents and Settings\Angela\Cookies\angela@malwarewipe[1].txt
Adware:Adware/SystemDoctor Not disinfected C:\Documents and Settings\Angela\Local Settings\Application Data\dacc7f24.exe
Adware:Adware/SystemDoctor Not disinfected C:\Documents and Settings\Angela\Local Settings\Temp\h91746.exe
Last edited by tashi; 2006-07-20 at 00:21.
Reason: Topic moved from Spybot forum (no hjt logs)
-
Alright, it might be fixed this time. Please check these.
I ran across another topic which dealt with the same problem I had. I used the method stated, and everything seems to be fine...except that Ewido seems to just have "quarantined" some trojans...does that mean they're not actually deleted off of my comp.? Anyhow, here's the logfiles I got.
SmitFraudFix v2.74
Scan done at 2:41:16.17, Thu 07/20/2006
Run from C:\Documents and Settings\judee and ben\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"cinnamomum"="{93ac7c30-3878-4eaa-9420-7977285df5b1}"
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
C:\WINDOWS\system32\pmnqguh.dll ->
C:\WINDOWS\system32\pmnqguh.dll -> Deleted
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
C:\WINDOWS\.protected Deleted
C:\WINDOWS\system32\ishost.exe Deleted
C:\WINDOWS\system32\ismon.exe Deleted
C:\WINDOWS\system32\isnotify.exe Deleted
C:\WINDOWS\system32\issearch.exe Deleted
C:\WINDOWS\system32\ixt?.dll Deleted
C:\WINDOWS\system32\ot.ico Deleted
C:\WINDOWS\system32\components\flx?.dll Deleted
C:\DOCUME~1\ALLUSE~1\Desktop\Online Security Guide.url Deleted
C:\DOCUME~1\ALLUSE~1\Desktop\Security Troubleshooting.url Deleted
C:\DOCUME~1\JUDEEA~1\FAVORI~1\Antivirus Test Online.url Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\.protected Deleted
C:\Program Files\SpyQuake2.com\ Deleted
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
-
Here's another:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 4:29:42 AM 7/20/2006
+ Scan result:
C:\Documents and Settings\Melissa\Local Settings\Temp\Del44.tmp -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\Quarantine\20050926220802.zip/Program Files/xml/xclean.exe -> Adware.Broadcap : Cleaned with backup (quarantined).
C:\Program Files\CursorCafe\installer\bin\CursorCafeInst.dll -> Adware.Comet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{5BED3930-2E9E-76D8-BACC-80DF2188D455} -> Adware.CouponBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{5BED3930-2E9E-76D8-BACC-80DF2188D455} -> Adware.CouponBar : Cleaned with backup (quarantined).
HKU\S-1-5-21-2310621878-3382072319-4052748696-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5BED3930-2E9E-76D8-BACC-80DF2188D455} -> Adware.CouponBar : Cleaned with backup (quarantined).
C:\WINDOWS\CouponBarIE.dll -> Adware.Coupons : Cleaned with backup (quarantined).
C:\WINDOWS\cpbrkpie.ocx -> Adware.Coupons : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{62960D20-6D0D-1AB4-4BF1-95B0B5B8783A} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62960D20-6D0D-1AB4-4BF1-95B0B5B8783A} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-2310621878-3382072319-4052748696-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{62960D20-6D0D-1AB4-4BF1-95B0B5B8783A} -> Adware.Generic : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Local Settings\Temporary Internet Files\Content.IE5\8LIROXUJ\util[1].js -> Adware.MediaMotor : Cleaned with backup (quarantined).
C:\Program Files\NewDotNet(2)\newdotnet6_98(2).dll -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\WINDOWS\NDNuninstall7_14.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\WINDOWS\system32\iexplore.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\WINDOWS\Аdobe\wоwexec.exe -> Adware.PurityScan : Cleaned with backup (quarantined).
[1264] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[212] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[264] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[276] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[444] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[520] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[572] C:\WINDOWS\system32\scanregw.dll -> Adware.PurityScan : Error during cleaning.
[720] C:\WINDOWS\system32\iexplore.dll -> Adware.PurityScan : Error during cleaning.
C:\Documents and Settings\Angela\Application Data\Starware -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\BrowserSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\BrowserSearch\BrowserSearch.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\BrowserSearch\BrowserSearch.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\ErrorSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Games -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Games\GamesOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Games\GamesOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Layouts -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Layouts\PreferencesLayout.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Layouts\PreferencesLayout.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Layouts\ToolbarLayout.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Layouts\ToolbarLayout.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Manager -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Manager\ManagerOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Manager\ManagerOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Movies -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Movies\MoviesOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Movies\MoviesOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Reference -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Reference\ReferenceOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Reference\ReferenceOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\RelatedSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Screensavers -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\ScreensaversMarketingSitePager -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Screensavers\ScreensaversOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Screensavers\ScreensaversOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\SearchAssistPlus -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\SearchMatch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\SearchMatch\SearchMatchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\SearchMatch\SearchMatchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\SearchMatch\searchMatchPages -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Toolbar -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\ToolbarLogo -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\ToolbarSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Toolbar\TBProductsOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Toolbar\TBProductsOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\TravelSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\TravelSearch\TravelSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\TravelSearch\TravelSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Weather -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Weather\AlertArchive.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Weather\WeatherOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Starware\Weather\WeatherOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\BrowserSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\BrowserSearch\BrowserSearch.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\BrowserSearch\BrowserSearch.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\ErrorSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Games -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Games\GamesOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Games\GamesOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Layouts -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Layouts\PreferencesLayout.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Layouts\PreferencesLayout.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Layouts\ToolbarLayout.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Layouts\ToolbarLayout.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Manager -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Manager\ManagerOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Manager\ManagerOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Movies -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Movies\MoviesOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Movies\MoviesOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Reference -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Reference\ReferenceOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Reference\ReferenceOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\RelatedSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Screensavers -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\ScreensaversMarketingSitePager -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Screensavers\ScreensaversOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Screensavers\ScreensaversOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\SearchAssistPlus -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\SearchMatch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\SearchMatch\SearchMatchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\SearchMatch\SearchMatchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\SearchMatch\searchMatchPages -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Toolbar -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\ToolbarLogo -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\ToolbarSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Toolbar\TBProductsOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Toolbar\TBProductsOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\TravelSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\TravelSearch\TravelSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\TravelSearch\TravelSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Weather -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Weather\AlertArchive.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Weather\WeatherOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Application Data\Starware\Weather\WeatherOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
-
And more:
C:\Documents and Settings\Molly\Application Data\Starware -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\BrowserSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\BrowserSearch\BrowserSearch.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\BrowserSearch\BrowserSearch.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\ErrorSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Games -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Games\GamesOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Games\GamesOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Layouts -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Layouts\PreferencesLayout.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Layouts\PreferencesLayout.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Layouts\ToolbarLayout.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Layouts\ToolbarLayout.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Manager -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Manager\ManagerOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Manager\ManagerOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Movies -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Movies\MoviesOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Movies\MoviesOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Reference -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Reference\ReferenceOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Reference\ReferenceOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\RelatedSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Screensavers -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\ScreensaversMarketingSitePager -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Screensavers\ScreensaversOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Screensavers\ScreensaversOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\SearchAssistPlus -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\SearchAssistPlus\SearchAssistPlusOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\SearchMatch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\SearchMatch\SearchMatchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\SearchMatch\SearchMatchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\SearchMatch\searchMatchPages -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Toolbar -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\ToolbarLogo -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\ToolbarSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Toolbar\TBProductsOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Toolbar\TBProductsOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\TravelSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\TravelSearch\TravelSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\TravelSearch\TravelSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Weather -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Weather\AlertArchive.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Weather\WeatherOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Molly\Application Data\Starware\Weather\WeatherOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Downloads\AcropolisSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined).
C:\Downloads\BarnyardInvasionSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined).
C:\Downloads\EggVsChickenSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined).
C:\Downloads\FamilyFeudSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined).
C:\Downloads\TumblebugsSetup-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined).
C:\WINDOWS\system32\fccabby.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\WINDOWS\system32\gebcc.dll -> Adware.Virtumonde : Cleaned with backup (quarantined).
C:\Program Files\whInstall -> Adware.Webhancer : Cleaned with backup (quarantined).
C:\Program Files\whInstall\license.txt -> Adware.Webhancer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\Program Files\Netscape\Netscape\plugins\npclntax.dll -> Adware.Zango : Cleaned with backup (quarantined).
C:\Documents and Settings\judee and ben\Application Data\Міcrosoft.NET\regedit.exe -> Downloader.PurityScan.co : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\!update.exe -> Downloader.PurityScan.co : Cleaned with backup (quarantined).
C:\Documents and Settings\judee and ben\Shared\microsoft_office_2003_standard_2003_keygen.exe -> Dropper.Agent.arv : Cleaned with backup (quarantined).
C:\WINDOWS\system32\oins.exe -> Dropper.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\Angela\Application Data\Microsoft\HTML Help.dll -> Not-A-Virus.Hoax.Win32.Renos.dw : Ignored.
:mozilla.104:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.15:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.16:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.17:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.18:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.42:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.43:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.44:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.45:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Angela\Cookies\angela@entrepreneur.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Angela\Cookies\angela@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@entrepreneur.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@maxis.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@nbcuniversal.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@meetupcom.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Angela\Cookies\angela@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
-
And more:
:mozilla.109:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.110:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.111:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.112:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.120:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.121:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.122:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.123:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.124:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.19:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.20:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.21:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.22:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.24:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.30:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.37:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.38:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.40:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.17:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.32:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@install.bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.6:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.7:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.80:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.81:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.82:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.83:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.84:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.85:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.86:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.87:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.8:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.9:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Angela\Cookies\angela@as.casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@as.casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@as.casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.30:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Angela\Cookies\angela@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Cleaned.
C:\Documents and Settings\Angela\Cookies\angela@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.34:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.58:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wfkoemdjegp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wflikgcjghq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wflokkcjcbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wgk4qpd5aco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wglicjajobo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6whkikod5efp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wjkognd5kko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wjkygid5klo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wjkykpajcbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wjkyuidjklo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wjl4whdpsdq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wjliggcjmcp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wjlisid5ego.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wjlyehazelp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wjmiehd5sdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wjmyaic5ekp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wjmyqnajefp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@e-2dj6wjnyajdpkgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.76:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.77:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.78:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.79:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@tracking.g3x[1].txt -> TrackingCookie.G3x : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned.
:mozilla.114:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@hypertracker[1].txt -> TrackingCookie.Hypertracker : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.47:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.54:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.55:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@data1.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@data2.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@data3.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@data4.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.20:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.21:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.22:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.95:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.96:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.97:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.31:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.36:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.39:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.56:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.57:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.70:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.71:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.72:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.48:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.53:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Angela\Cookies\angela@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.60:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.61:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.62:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.63:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.86:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.87:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.88:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.89:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Angela\Cookies\angela@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@adopt.specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@h.starware[2].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@try.starware[1].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@www.starware[1].txt -> TrackingCookie.Starware : Cleaned.
:mozilla.54:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.55:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Angela\Cookies\angela@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@anad.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.59:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.43:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.44:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.45:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.46:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.47:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.48:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
-
And more:
:mozilla.49:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.51:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.90:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.91:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.92:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.93:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.94:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.95:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.96:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.97:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.98:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.100:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.52:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.52:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.53:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.99:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.10:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.11:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.12:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.17:C:\Documents and Settings\Melissa\Application Data\Mozilla\Profiles\default\al4pwq20.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.69:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.70:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.71:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.72:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.73:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.74:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Angela\Cookies\angela@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Melissa\Cookies\melissa@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Molly\Cookies\molly@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.102:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.103:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.104:C:\Documents and Settings\judee and ben\Application Data\Mozilla\Profiles\default\cstgpcwk.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.88:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.89:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.90:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.91:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.92:C:\Documents and Settings\Angela\Application Data\Mozilla\Profiles\default\0ft7vir8.slt\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Angela\Local Settings\Temporary Internet Files\Content.IE5\YLGVUPU5\bgates[1].exe -> Trojan.Dialer.pz : Cleaned with backup (quarantined).
C:\Documents and Settings\Melissa\Local Settings\Temporary Internet Files\Content.IE5\G1Y7SPQV\bgates[1].exe -> Trojan.Dialer.pz : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win55D.tmp.exe -> Trojan.Dialer.u : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win574.tmp.exe -> Trojan.Dialer.u : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win53C.tmp.exe -> Trojan.Pakes : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\win553.tmp.exe -> Trojan.Pakes : Cleaned with backup (quarantined).
C:\WINDOWS\system32\sуstem\smss.exe -> Trojan.PurityAd : Cleaned with backup (quarantined).
::Report end
-
Seems like this is going to go on forever:
Logfile of HijackThis v1.99.1
Scan saved at 5:08:25 AM, on 7/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
c:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\wanmpsvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\dacc7f24.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\s?curity\m?hta.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\palstart.exe
C:\WINDOWS\system32\cidaemon.exe
C:\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\companion\Installs\cpn3\yt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {53829F91-1B06-4DB9-B13E-812A986169F9} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\companion\Installs\cpn3\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKLM\..\Run: [dacc7f24.exe] C:\WINDOWS\system32\dacc7f24.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [dacc7f24.exe] C:\Documents and Settings\judee and ben\Local Settings\Application Data\dacc7f24.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Crvosgg] C:\Program Files\s?curity\m?hta.exe
O4 - Global Startup: palstart.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZNxdm006YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Arkadium - {A442DE97-7F7F-4265-A813-4E5D81C83EFE} - C:\Program Files\ArkadiumV2\arkadium.exe
O9 - Extra 'Tools' menuitem: Arkadium - {A442DE97-7F7F-4265-A813-4E5D81C83EFE} - C:\Program Files\ArkadiumV2\arkadium.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} - http://survey.otxresearch.com/Preloader.dll
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {416792D8-F532-493A-BECC-1C99A1501FF9} (vmLaunch Class) - http://media2.comcast.net/anon.comca...mLauncher2.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4E7BD74F-2B8D-469E-DEFA-EB76B1D5FA7D} - http://lovefreegames.aavalue.com/LFG...games_live.cab
O16 - DPF: {5695786C-A32E-1DE2-9310-686B6AB41475} - http://85.255.113.214/1/gdnUS2339.exe
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - http://yax-download.yazzle.net/Yazzl...cab?refid=1123
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
O16 - DPF: {A82C3A33-5C0E-466C-B020-71585433A7E4} (PhxStudent.OeSetup15) - https://mycampus.phoenix.edu/secure/PhxStudent15.CAB
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yaho...opper1_3us.cab
O16 - DPF: {CDAA0214-3907-4C47-A3F6-014DA1517440} (ArkDownloader Class) - http://www.gamedek.com/download/arkDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.shockwave.com/content/bej...ploader_v6.cab
O16 - DPF: {EF98AF7B-1F54-4079-91BC-3996DEABA45A} (Sinstaller Class) - http://www.cursorcafe.com/app_cc/bin/cursorcafe.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\WINDOWS\system32\iexplore.dll C:\WINDOWS\system32\scanregw.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
-
In Memoriam -Always in our heart
Hello and welcome to the forum. If you still need help and are not receiving it elsewhere, you have a Smitfraud infection. There is other junk also, but let's start with that infection. You may find this information interesting if you wish to join in efforts to stop these lowlifes:
If you have been infected by one of the SpyAxe family
http://forums.tomcoyote.org/index.php?showtopic=58063
http://www.malwarecomplaints.info/
Please follow the directions in this link: http://forums.spybot.info/showthread.php?t=4015 When you complete the instructions, post the results of these logs:
Copy/paste into this same topic.
c:\rapport.txt
Ewido log
The HJT log
I will be notified and respond as soon as possible after that to see what more we have to do.
Thanks...pskelley
Safer Networking Forums
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
