Results 1 to 8 of 8

Thread: Win32 Malware Removal

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Junior Member
    Join Date
    Dec 2010
    Posts
    4

    Default Win32 Malware Removal

    Hi guys,
    I just scanned with spybot search & destroy and it found win32 porn/popup threat. I fixed the selected problems but it still finds it. It also finds other entries due to 'goole chrome cookies' Malwarebytes or MRT does not find any threats. I dont get why only spybot finds it, how do i remove it?

    Thanks, Danny.

    Spybot:

    Win32.AutoRun.tmp: [SBI $751B1850] Settings (Registry value, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman

    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    MediaPlex: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    MediaPlex: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    MediaPlex: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    FastClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    FastClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    FastClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Statcounter: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Adviva: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Adviva: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    WebTrends live: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    DoubleClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)



    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

    2009-01-26 blindman.exe (1.0.0.8)
    2009-01-26 SDFiles.exe (1.6.1.7)
    2009-01-26 SDMain.exe (1.0.0.6)
    2009-01-26 SDShred.exe (1.0.2.5)
    2009-01-26 SDUpdate.exe (1.6.0.12)
    2009-01-26 SDWinSec.exe (1.0.0.12)
    2009-01-26 SpybotSD.exe (1.6.2.46)
    2009-03-05 TeaTimer.exe (1.6.6.32)
    2010-08-08 unins000.exe (51.49.0.0)
    2009-01-26 Update.exe (1.6.0.7)
    2009-11-04 advcheck.dll (1.6.5.20)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2009-01-26 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2009-01-26 Tools.dll (2.1.6.10)
    2009-01-16 UninsSrv.dll (1.0.0.0)
    2010-06-29 Includes\Adware.sbi (*)
    2010-11-30 Includes\AdwareC.sbi (*)
    2010-08-13 Includes\Cookies.sbi (*)
    2010-09-22 Includes\Dialer.sbi (*)
    2010-11-30 Includes\DialerC.sbi (*)
    2010-01-25 Includes\HeavyDuty.sbi (*)
    2010-11-30 Includes\Hijackers.sbi (*)
    2010-11-30 Includes\HijackersC.sbi (*)
    2010-09-15 Includes\iPhone.sbi (*)
    2010-08-02 Includes\Keyloggers.sbi (*)
    2010-11-30 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2010-09-13 Includes\Malware.sbi (*)
    2010-12-01 Includes\MalwareC.sbi (*)
    2010-05-18 Includes\PUPS.sbi (*)
    2010-10-12 Includes\PUPSC.sbi (*)
    2010-01-25 Includes\Revision.sbi (*)
    2009-01-13 Includes\Security.sbi (*)
    2010-11-30 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2010-06-29 Includes\Spyware.sbi (*)
    2010-11-30 Includes\SpywareC.sbi (*)
    2010-03-08 Includes\Tracks.uti
    2010-11-02 Includes\Trojans.sbi (*)
    2010-11-30 Includes\TrojansC-02.sbi (*)
    2010-11-30 Includes\TrojansC-03.sbi (*)
    2010-11-30 Includes\TrojansC-04.sbi (*)
    2010-11-30 Includes\TrojansC-05.sbi (*)
    2010-11-30 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll


    DDS:



    DDS (Ver_10-12-05.01) - NTFSx86
    Run by Agustus08 at 13:07:00.47 on 06/12/2010
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.1024.310 [GMT 0:00]

    SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\svchost.exe -k Akamai
    C:\Windows\SOUNDMAN.EXE
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\Microsoft Security Essentials\msseces.exe
    C:\Windows\System32\rundll32.exe
    C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
    C:\Users\Agustus08\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
    C:\Windows\system32\FsUsbExService.Exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Users\Agustus08\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Users\Agustus08\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Users\Agustus08\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Agustus08\Downloads\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.aol.com/
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    uRun: [Google Update] "c:\users\agustus08\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [EPSON S21 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatifae.exe /fu "c:\windows\temp\E_S3EB.tmp" /EF "HKCU"
    uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
    uRun: [ares] "c:\program files\ares\Ares.exe" -h
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    mRun: [NPSStartup]
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
    mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    StartupFolder: c:\users\agustu~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    Hosts: 127.0.0.1 www.spywareinfo.com

    ============= SERVICES / DRIVERS ===============

    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
    R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-13 20992]
    R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-9-9 238952]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-8-8 1153368]
    R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-9-9 36608]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 42368]
    R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-9-11 27632]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2010-9-10 30312]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-9-11 13224]
    S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2010-9-10 98432]
    S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2010-9-10 14848]
    S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2010-9-10 123648]
    S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2010-9-10 96488]
    S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2010-9-10 12776]
    S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2010-9-10 121576]
    S3 WatAdminSvc;WatAdminSvc;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-6 1343400]

    =============== Created Last 30 ================

    2010-12-04 22:03:10 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{a2a34a01-74e7-4bd1-a273-55b5784b2b91}\mpengine.dll
    2010-12-01 19:26:26 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-12-01 19:26:15 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-12-01 17:38:47 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2010-12-01 15:42:17 -------- d-----w- c:\program files\common files\Adobe Systems Shared
    2010-11-30 17:06:56 -------- d-----w- c:\program files\Microsoft Security Essentials
    2010-11-30 16:28:40 -------- d-----w- c:\users\agustu~1\appdata\roaming\Malwarebytes
    2010-11-30 16:28:29 -------- d-----w- c:\progra~2\Malwarebytes
    2010-11-30 16:28:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-11-30 06:58:29 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{6079ed3e-c590-456d-a24e-a7dc2c765c8b}\mpengine.dll
    2010-11-25 19:17:30 7680 ----a-w- c:\program files\internet explorer\iecompat.dll

    ==================== Find3M ====================

    2010-12-01 15:37:42 87608 ----a-w- c:\users\agustu~1\appdata\roaming\inst.exe
    2010-12-01 15:37:42 47360 ----a-w- c:\users\agustu~1\appdata\roaming\pcouffin.sys
    2010-10-22 11:43:18 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2010-10-22 11:43:18 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2010-10-19 20:51:33 222080 ------w- c:\windows\system32\MpSigStub.exe
    2010-09-15 03:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2010-09-11 19:41:47 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
    2010-09-08 04:30:04 978432 ----a-w- c:\windows\system32\wininet.dll
    2010-09-08 04:28:15 44544 ----a-w- c:\windows\system32\licmgr10.dll
    2010-09-08 03:22:31 386048 ----a-w- c:\windows\system32\html.iec
    2010-09-08 02:48:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb

    ============= FINISH: 13:11:06.60 ===============

    Could this be placed in the waiting room please?
    ---------------------------------------
    Last edited by tashi; 2010-12-08 at 17:52. Reason: Merged posts

  2. #2
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    If help still needed post fresh dds logs. Also, update Spybot and post back its report.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  3. #3
    Junior Member
    Join Date
    Dec 2010
    Posts
    4

    Default

    Hi, thanks for the reply.

    Help is still needed, spybot is still finding alot of malware after mulitple scans.

    DDS:


    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Agustus08 at 10:09:20.06 on 16/12/2010
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.1024.339 [GMT 0:00]

    AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
    SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k Akamai
    C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
    C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
    C:\Windows\system32\FsUsbExService.Exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\SOUNDMAN.EXE
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Microsoft Security Essentials\msseces.exe
    C:\Users\Agustus08\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
    C:\Users\Agustus08\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\Windows Media Player\wmprph.exe
    C:\Users\Agustus08\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Agustus08\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\AUDIODG.EXE
    C:\Users\Agustus08\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Agustus08\Downloads\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.aol.com/
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
    uRun: [Google Update] "c:\users\agustus08\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [EPSON S21 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatifae.exe /fu "c:\windows\temp\E_S3EB.tmp" /EF "HKCU"
    uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
    uRun: [ares] "c:\program files\ares\Ares.exe" -h
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    mRun: [NPSStartup]
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
    mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    StartupFolder: c:\users\agustu~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    Hosts: 127.0.0.1 www.spywareinfo.com

    ============= SERVICES / DRIVERS ===============

    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
    R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-13 20992]
    R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-9-9 238952]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-8-8 1153368]
    R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-9-9 36608]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 42368]
    R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-9-11 27632]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2010-9-10 30312]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-9-11 13224]
    S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2010-9-10 98432]
    S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2010-9-10 14848]
    S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2010-9-10 123648]
    S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2010-9-10 96488]
    S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2010-9-10 12776]
    S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2010-9-10 121576]
    S3 WatAdminSvc;WatAdminSvc;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-6 1343400]

    =============== Created Last 30 ================

    2010-12-15 18:15:55 -------- d-sh--w- c:\windows\system32\%APPDATA%
    2010-12-15 18:12:09 516096 ----a-w- c:\program files\windows mail\wab.exe
    2010-12-15 18:12:00 2048 ----a-w- c:\windows\system32\tzres.dll
    2010-12-14 13:26:04 102439 ----a-w- c:\windows\system32\sipr3260.dll
    2010-12-14 13:26:03 65602 ----a-w- c:\windows\system32\cook3260.dll
    2010-12-14 13:26:03 217127 ----a-w- c:\windows\system32\drv43260.dll
    2010-12-14 13:26:03 208935 ----a-w- c:\windows\system32\drv33260.dll
    2010-12-14 13:26:03 176165 ----a-w- c:\windows\system32\drv23260.dll
    2010-12-14 13:26:02 626688 ----a-w- c:\windows\system32\vp7vfw.dll
    2010-12-14 13:26:01 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
    2010-12-14 13:25:51 -------- d-----w- c:\program files\VSO
    2010-12-14 12:09:35 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{41288eff-0cd7-4f8f-ae08-6667d39b4fd6}\mpengine.dll
    2010-12-01 19:26:26 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-12-01 19:26:15 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-12-01 17:38:47 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2010-12-01 15:42:17 -------- d-----w- c:\program files\common files\Adobe Systems Shared
    2010-11-30 17:06:56 -------- d-----w- c:\program files\Microsoft Security Essentials
    2010-11-30 16:28:40 -------- d-----w- c:\users\agustu~1\appdata\roaming\Malwarebytes
    2010-11-30 16:28:29 -------- d-----w- c:\progra~2\Malwarebytes
    2010-11-30 16:28:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-11-30 06:58:29 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{6079ed3e-c590-456d-a24e-a7dc2c765c8b}\mpengine.dll
    2010-11-25 19:17:30 7680 ----a-w- c:\program files\internet explorer\iecompat.dll

    ==================== Find3M ====================

    2010-12-01 15:37:42 87608 ----a-w- c:\users\agustu~1\appdata\roaming\inst.exe
    2010-12-01 15:37:42 47360 ----a-w- c:\users\agustu~1\appdata\roaming\pcouffin.sys
    2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll
    2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll
    2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec
    2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll
    2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll
    2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll
    2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe
    2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe
    2010-10-22 11:43:18 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2010-10-22 11:43:18 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2010-10-20 04:54:18 34304 ----a-w- c:\windows\system32\atmlib.dll
    2010-10-20 03:00:24 2327552 ----a-w- c:\windows\system32\win32k.sys
    2010-10-20 02:58:41 294400 ----a-w- c:\windows\system32\atmfd.dll
    2010-10-19 20:51:33 222080 ------w- c:\windows\system32\MpSigStub.exe
    2010-10-16 04:41:02 101760 ----a-w- c:\windows\system32\consent.exe
    2010-10-16 04:36:10 314368 ----a-w- c:\windows\system32\webio.dll

    ============= FINISH: 10:11:19.74 ===============

    Spybot


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    MediaPlex: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    DoubleClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Zedo: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Win32.PornPopUp: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Tradedoubler: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    CasaleMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Tradedoubler: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Tradedoubler: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Tradedoubler: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Adviva: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Adviva: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    MediaPlex: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    BurstMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    BurstMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    FastClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    FastClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    BurstMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    BurstMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    FastClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    WebTrends live: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    MediaPlex: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)



    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

    2009-01-26 blindman.exe (1.0.0.8)
    2009-01-26 SDFiles.exe (1.6.1.7)
    2009-01-26 SDMain.exe (1.0.0.6)
    2009-01-26 SDShred.exe (1.0.2.5)
    2009-01-26 SDUpdate.exe (1.6.0.12)
    2009-01-26 SDWinSec.exe (1.0.0.12)
    2009-01-26 SpybotSD.exe (1.6.2.46)
    2009-03-05 TeaTimer.exe (1.6.6.32)
    2010-08-08 unins000.exe (51.49.0.0)
    2009-01-26 Update.exe (1.6.0.7)
    2009-11-04 advcheck.dll (1.6.5.20)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2009-01-26 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2009-01-26 Tools.dll (2.1.6.10)
    2009-01-16 UninsSrv.dll (1.0.0.0)
    2010-10-05 Includes\Adware.sbi (*)
    2010-11-30 Includes\AdwareC.sbi (*)
    2010-08-13 Includes\Cookies.sbi (*)
    2010-12-14 Includes\Dialer.sbi (*)
    2010-12-14 Includes\DialerC.sbi (*)
    2010-01-25 Includes\HeavyDuty.sbi (*)
    2010-11-30 Includes\Hijackers.sbi (*)
    2010-11-30 Includes\HijackersC.sbi (*)
    2010-09-15 Includes\iPhone.sbi (*)
    2010-12-14 Includes\Keyloggers.sbi (*)
    2010-12-14 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2010-12-14 Includes\Malware.sbi (*)
    2010-12-14 Includes\MalwareC.sbi (*)
    2010-05-18 Includes\PUPS.sbi (*)
    2010-12-14 Includes\PUPSC.sbi (*)
    2010-01-25 Includes\Revision.sbi (*)
    2009-01-13 Includes\Security.sbi (*)
    2010-12-14 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2010-12-14 Includes\Spyware.sbi (*)
    2010-12-14 Includes\SpywareC.sbi (*)
    2010-03-08 Includes\Tracks.uti
    2010-11-02 Includes\Trojans.sbi (*)
    2010-11-30 Includes\TrojansC-02.sbi (*)
    2010-11-30 Includes\TrojansC-03.sbi (*)
    2010-11-30 Includes\TrojansC-04.sbi (*)
    2010-12-14 Includes\TrojansC-05.sbi (*)
    2010-11-30 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll

  4. #4
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.

    Double-click ATF Cleaner.exe to open it

    Under Main choose:
    Windows Temp
    Current User Temp
    All Users Temp
    Cookies
    Temporary Internet Files
    Prefetch
    Java Cache

    *The other boxes are optional*
    Then click the Empty Selected button.

    If you use Firefox:
    Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

    If you use Opera:
    Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

    Click Exit on the Main menu to close the program.


    Follow instructions here to delete Chrome cookies.

    See if anything is still found.
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

  5. #5
    Junior Member
    Join Date
    Dec 2010
    Posts
    4

    Default

    Thanks for your reply.
    I followed your advice, scanned again and this is what Spybot found;


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    DoubleClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Adviva: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    MediaPlex: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Adviva: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    MediaPlex: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    BurstMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    BurstMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    BurstMedia: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Tradedoubler: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Tradedoubler: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    Tradedoubler: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    WebTrends live: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    FastClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    FastClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    AdBrite: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)


    MediaPlex: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)



    --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

    2009-01-26 blindman.exe (1.0.0.8)
    2009-01-26 SDFiles.exe (1.6.1.7)
    2009-01-26 SDMain.exe (1.0.0.6)
    2009-01-26 SDShred.exe (1.0.2.5)
    2009-01-26 SDUpdate.exe (1.6.0.12)
    2009-01-26 SDWinSec.exe (1.0.0.12)
    2009-01-26 SpybotSD.exe (1.6.2.46)
    2009-03-05 TeaTimer.exe (1.6.6.32)
    2010-08-08 unins000.exe (51.49.0.0)
    2009-01-26 Update.exe (1.6.0.7)
    2009-11-04 advcheck.dll (1.6.5.20)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2009-01-26 SDHelper.dll (1.6.2.14)
    2008-06-19 sqlite3.dll
    2009-01-26 Tools.dll (2.1.6.10)
    2009-01-16 UninsSrv.dll (1.0.0.0)
    2010-10-05 Includes\Adware.sbi (*)
    2010-11-30 Includes\AdwareC.sbi (*)
    2010-08-13 Includes\Cookies.sbi (*)
    2010-12-14 Includes\Dialer.sbi (*)
    2010-12-14 Includes\DialerC.sbi (*)
    2010-01-25 Includes\HeavyDuty.sbi (*)
    2010-11-30 Includes\Hijackers.sbi (*)
    2010-11-30 Includes\HijackersC.sbi (*)
    2010-09-15 Includes\iPhone.sbi (*)
    2010-12-14 Includes\Keyloggers.sbi (*)
    2010-12-14 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2010-12-14 Includes\Malware.sbi (*)
    2010-12-14 Includes\MalwareC.sbi (*)
    2010-05-18 Includes\PUPS.sbi (*)
    2010-12-14 Includes\PUPSC.sbi (*)
    2010-01-25 Includes\Revision.sbi (*)
    2009-01-13 Includes\Security.sbi (*)
    2010-12-14 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2010-12-14 Includes\Spyware.sbi (*)
    2010-12-14 Includes\SpywareC.sbi (*)
    2010-03-08 Includes\Tracks.uti
    2010-11-02 Includes\Trojans.sbi (*)
    2010-11-30 Includes\TrojansC-02.sbi (*)
    2010-11-30 Includes\TrojansC-03.sbi (*)
    2010-11-30 Includes\TrojansC-04.sbi (*)
    2010-12-14 Includes\TrojansC-05.sbi (*)
    2010-11-30 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll

  6. #6
    Security Expert: Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,288

    Default

    Hi,

    All those items in latest report are tracking cookies that are found after normal web surfing session. I wouldn't worry about those
    Microsoft Windows Insider MVP 2016-2020
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •