|
HijackThis Scan
|
|
Senior Member
|
5. November 2006 @ 18:28 |
Hate to do it to you, but please rescan with ActiveScan. It has been a while so there may be more bad files than in the older log.
First run CCleaner
Close all windows.
Open CCleaner.
Click Options > Advanced > uncheck "Only delete files in Windows Temp folders older than 48 hours".
Click Cleaner > Run Cleaner.
This message has been edited since posting. Last time this message was edited on 5. November 2006 @ 18:31
|
Member
|
6. November 2006 @ 02:33 |
No prob. I'll do it once I get home... Thanks for the help.
|
Member
|
6. November 2006 @ 11:43 |
Here it is...
Incident Status Location
Potentially unwanted tool:application/mywebsearch Not disinfected c:\windows\system32\f3pssavr.scr
Adware:adware/sahagent Not disinfected c:\windows\downloaded program files\sporder_.dll
Spyware:spyware/betterinet Not disinfected c:\windows\inf\satmat.inf
Adware:adware/downloadware Not disinfected c:\windows\Digital Signature 20040914.htm
Adware:adware/ieplugin Not disinfected c:\windows\kwv2.dat
Adware:adware/twain-tech Not disinfected c:\windows\satmat.ini
Adware:adware/powerscan Not disinfected Windows Registry
Adware:adware/adlogix Not disinfected Windows Registry
Adware:adware/memorywatcher Not disinfected Windows Registry
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@questionmarket[1].txt
Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@276[2].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@2o7[2].txt
Spyware:Cookie/64.62.232 Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@64.62.232[2].txt
Spyware:Cookie/Abetterinternet Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@abetterinternet[2].txt
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ads.addynamix[2].txt
Spyware:Cookie/Gorillanation Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ads.gorillanation[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ads.pointroll[2].txt
Spyware:Cookie/PurityScan Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ads.valuead[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@advertising[2].txt
Spyware:Cookie/Adviva Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@adviva[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@as1.falkag[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@atdmt[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@atwola[1].txt
Spyware:Cookie/Lop Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ayb.lop[1].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@azjmp[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@bannerlandia.com[1].txt
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@bfast[2].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@bluestreak[1].txt
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@bravenet[2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@bs.serving-sys[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@casalemedia[1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ccbill[2].txt
Spyware:Cookie/CentrPort Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@centrport[2].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@cgi-bin[2].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@cgi-bin[4].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@cgi-bin[5].txt
Spyware:Cookie/Bridgetrack Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@citi.bridgetrack[2].txt
Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@clickbank[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@com[1].txt
Spyware:Cookie/Coremetrics Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@data.coremetrics[1].txt
Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@desktop.kazaa[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@doubleclick[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ehg-dig.hitbox[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ehg-micron.hitbox[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@ehg.hitbox[1].txt
Spyware:Cookie/Euniverseads Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@euniverseads[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@fastclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@fastclick[2].txt
Spyware:Cookie/Gator Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@gator[1].txt
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@gostats[1].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@go[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@hg1.hitbox[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@hitbox[2].txt
Spyware:Cookie/HotLog Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@hotlog[1].txt
Spyware:Cookie/Internetfuel Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@internetfuel[2].txt
Spyware:Cookie/Kount Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@kount[2].txt
Spyware:Cookie/Linksynergy Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@linksynergy[1].txt
Spyware:Cookie/Lop Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@lop[2].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@maxserving[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@mediaplex[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@overture[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@perf.overture[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@phg.hitbox[2].txt
Spyware:Cookie/QkSrv Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@qksrv[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@questionmarket[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@realmedia[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@realmedia[3].txt
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@revenue[1].txt
Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@rightmedia[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@servedby.advertising[1].txt
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@server.iad.liveperson[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@serving-sys[1].txt
Spyware:Cookie/Santa Monica networks inc Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@smni[1].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@targetnet[1].txt
Spyware:Cookie/Tickle Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@tickle[2].txt
Spyware:Cookie/SaveNow Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@tracking.thunderdownloads[2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@trafficmp[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@tribalfusion[1].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@valueclick[2].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@weborama[1].txt
Spyware:Cookie/Affiliate fuel Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@www.affiliatefuel[1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@www.burstbeacon[2].txt
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@www.myaffiliateprogram[1].txt
Spyware:Cookie/web-stat Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@www.web-stat[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@xiti[1].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@z1.adserver[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\TaniaA\Cookies\taniaa@zedo[1].txt
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\IExploreSkins.exe
Adware:Adware/StatBlaster Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\s21.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\sta31D.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\sta321.exe
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\tb_setup.exe
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\temp.cab
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\toolbar.dll
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\upd117.exe
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\upd118.exe
Adware:Adware/StatBlaster Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\update_1.exe
Adware:Adware/StatBlaster Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\WinWildApp.exe
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\WTA1\WinTA.cab[WToolsA.exe]
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\WToolsA.cab[WToolsA.exe]
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\WToolsA.exe
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~293435.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~306983.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~318146.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~356562.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~392031.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~409926.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~513832.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~521166.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~537182.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~541423.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~551875.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~551981.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~561307.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~575646.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~583958.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~592691.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~597181.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~599394.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~603541.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~625211.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~644600.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~648702.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~654221.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~717622.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~722406.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~754413.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~773125.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~778591.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~784244.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~793322.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~794123.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~804016.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~848679.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~875038.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~900649.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~916826.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~927781.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~932201.tmp
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temp\~945568.tmp
Adware:Adware/nCase Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\07XJYAR5\AppWrap[1].exe
Virus:Trj/Downloader.FK Disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4J43C5QJ\stc[1].htm
Adware:Adware/Comet Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4XAZCPUN\dm_286[2].cab[CSSecure.dll]
Adware:Adware/Comet Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4XAZCPUN\dm_286[2].cab[dmfilemap.xml]
Adware:Adware/Comet Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4XAZCPUN\dm_286[2].cab[dmproxy.dll]
Adware:Adware/Comet Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4XAZCPUN\dm_286[2].cab[dmserver.exe]
Adware:Adware/Comet Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4XAZCPUN\dm_286[2].cab[DMUpdate.exe]
Adware:Adware/PortalScan Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4XAZCPUN\mwsvm[1].cab[mwsvm.exe]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\4ZQRWJ2N\upd124[1].exe
Adware:Adware/NetPals Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\CPYRG9Q3\Ud3rT0n5[1].cab[ATPartners.inf]
Adware:Adware/Gator Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\FZ9NVHOO\hdplugin_1015_bundle33v0d12[2].cab[HDPlugin1015.dll]
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\GVOH0JWJ\fash[1].cab[fash.exe]
Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\HXV6X1LB\AppWrap[1].exe
Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\J8DD388O\AppWrap[1].exe
Spyware:Spyware/BetterInet Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\J8DD388O\AppWrap[2].exe
Adware:Adware/nCase Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\J8DD388O\AppWrap[4].exe
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\LJJGHUI6\upd118[1].exe
Adware:Adware/PortalScan Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\NR17F18W\ocx[1].cab
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\O3DN6Y35\DS3[2].cab[DS3.dll]
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\PK03P94D\upd117[1].exe
Spyware:Spyware/Searchcentrix Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\PK03P94D\weblz[2].CAB[somaticCAB.exe]
Virus:Trj/Imiserv.B Disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\PKWFPDCP\webplugin[2].cab
Spyware:Spyware/ClearSearch Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1E34DMJ\ClrSchP038[1].exe
Virus:Trj/Idly.A Disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1E34DMJ\IdleUI[1].dll
Adware:Adware/Popmon Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1E34DMJ\internetfeatures[1].exe
Adware:Adware/PortalScan Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1E34DMJ\loader[1].exe
Adware:Adware/PortalScan Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1E34DMJ\slmss[1].exe
Adware:Adware/PortalScan Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1E34DMJ\STC[1].exe
Adware:Adware/WinTools Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1IJ8HAN\frsk[1].cab[frsk.exe]
Potentially unwanted tool:Application/FunWeb Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\S1IJ8HAN\SmileyCentralInitialSetup1.0.0.8[2].cab
Virus:Trj/Downloader.SJ Disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\ST2VKDIF\HP2[2].CHM
Hacktool:Exploit/Mhtredir.T Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\ST2VKDIF\hp2[2].htm
Adware:Adware/Look2Me Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\ST2VKDIF\upd121[1].exe
Spyware:Spyware/Virtumonde Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\Y5SPGZEH\AppWrap[1].exe
Adware:Adware/Sqwire Not disinfected C:\Documents and Settings\TaniaA\Local Settings\Temporary Internet Files\Content.IE5\Y5SPGZEH\SQLoader3303[1].cab[SQLoader.exe]
Potentially unwanted tool:Application/HideWindow.A Not disinfected C:\hp\bin\FondleWindow.exe
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Potentially unwanted tool:Application/KillApp.A Not disinfected C:\hp\bin\Terminator.exe
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\Microsoft AntiSpyware\Quarantine\E666CBC5-17AD-47CA-9E78-535BFD\233DD0F1-375A-4A9F-BEEB-59C157
Adware:Adware/Lop Not disinfected C:\Program Files\peakdupe\Mags 2.dll
Adware:Adware/Lop Not disinfected C:\Program Files\peakdupe\PingWin.dll
Hacktool:HackTool/SRunner.B Not disinfected C:\WINDOWS\system32\instsrv.exe
|
Member
|
6. November 2006 @ 11:44 |
-EDIT-
I don't know why it keeps doing that...
This message has been edited since posting. Last time this message was edited on 6. November 2006 @ 11:46
|
Member
|
8. November 2006 @ 06:25 |
Is it all gone?
|
Senior Member
|
8. November 2006 @ 13:49 |
Sorry bugzy, I looked over your log yesterday and didn't reply.
Sorry if the instructions are long. This is just my pre-written instructions. :)
If you do not already have Ad-Aware SE Personal, get it here.
Install Ad-Aware SE Personal:
Follow the default settings for installation.
After installing uncheck the following:
* "Perform a full system scan now"
* "Update definition file now"
* "Open the help file now"
Update Ad-Aware SE Personal:
Open Ad-Aware.
Click "Check for updates now" then click "Connect".
If any are found click "OK" to download and install the updates. Once it has finished click "Finish".
Configure Ad-Aware SE Personal:
Click the Gear button at the top of the window.
Click "General" on the left hand side. Make sure these items have a green check next to them.
If they do not, click once on the circle next to them to put a green checkmark.
* "Automatically save logfile"
* "Automatically quarantine objects prior to removal"
* "Safe Mode (always request confirmation)"
* "Prompt to update outdated definitions" - change to 7 days from the default 14.
Click "Scanning" on the left hand side. Make sure these items have a green check next to them.
* "Scan within archives"
* "Select drives & folders to scan" - select your hard drive(s).
* "Scan active processes"
* "Scan registry"
* "Deep-scan registry"
* "Scan my IE favorites for banned URLs"
* "Scan my Hosts file"
Click "Advanced" on the left hand side. Make sure these items have a green check next to them.
* "Move deleted files to Recycle Bin"
* "Include additional object information"
* "Include negligible objects information"
* "Include environment information"
Click "Tweak" on the left hand side to display the Tweak Settings box.
Click the + (plus) sign next to the Scanning Engine section. Make sure these items have a green check next to them.
* "Unload recognized processes & modules during scan"
* "Scan registry for all users instead of current user only"
* "Obtain command line of scanned processes"
Click the + (plus) sign next to the Cleaning Engine section. Make sure these items have a green check next to them.
* "Always try to unload modules before deletion"
* "During removal, unload Explorer and IE if necessary"
* "Let Windows remove files in use at next reboot"
* "Delete quarantined objects after restoring"
Once you are done with these settings, click "Proceed" to save them. This will take you back to the main screen.
Run Ad-Aware SE Personal:
* Click the "Start" button.
* Uncheck the "Search for negligible risk entries" entry.
* Choose the "Use custom scanning options" scan mode.
* Click the "Next" button.
* When it finishes, right-click on any entry in the list and click "Select All" to select the whole list.
* Click "Next" and choose "OK" at the prompt to quarantine and remove the objects.
Delete this folder:
C:\Program Files\peakdupe
Go here and download ATF Cleaner.
Open ATF Cleaner.
Check "Select All".
Click "Empty Selected".
Restart and post back with a new HjT log and please tell me how things are running. Any problems?
This message has been edited since posting. Last time this message was edited on 8. November 2006 @ 13:51
|
Member
|
9. November 2006 @ 02:44 |
Things are running much better with the instructions you gave me, minus the last one. When I get home tonight I'll do the rest... Thanks for the time and help...
|
Senior Member
|
9. November 2006 @ 06:51 |
That should be the last thing you have to do. Should be clean after that. :) Let me know what Ad-Aware finds.
|
Member
|
12. November 2006 @ 18:24 |
These are both the logs from Ad-Aware and HjT. Let me know if anything is wrong... And thanks again...
Ad-Aware SE Build 1.06r1
Logfile Created on:Sunday, November 12, 2006 10:50:28 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R131 09-11-2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Coulomb Dialer(TAC index:5):1 total references
Tracking Cookie(TAC index:3):95 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R131 09-11-2006
Internal build : 165
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 836619 Bytes
Total size : 2703174 Bytes
Signature data size : 2653684 Bytes
Reference data size : 48978 Bytes
Signatures total : 72308
CSI Fingerprints total : 4428
CSI data size : 191532 Bytes
Target categories : 15
Target families : 1006
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:38 %
Total physical memory:523756 kb
Available physical memory:195832 kb
Total page file size:1277660 kb
Available on page file:1003464 kb
Total virtual memory:2097024 kb
Available virtual memory:2029776 kb
OS:Microsoft Windows XP Professional Service Pack 2 (Build 2600)
Ad-Aware SE Settings
===========================
Set : Move deleted files to Recycle Bin
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
11-12-2006 10:50:28 PM - Scan started. (Custom mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 548
ThreadCreationTime : 11-13-2006 12:17:05 AM
BasePriority : Normal
#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 624
ThreadCreationTime : 11-13-2006 12:17:07 AM
BasePriority : Normal
#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 648
ThreadCreationTime : 11-13-2006 12:17:07 AM
BasePriority : High
#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 692
ThreadCreationTime : 11-13-2006 12:17:09 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 704
ThreadCreationTime : 11-13-2006 12:17:09 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 856
ThreadCreationTime : 11-13-2006 12:17:09 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 916
ThreadCreationTime : 11-13-2006 12:17:10 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 984
ThreadCreationTime : 11-13-2006 12:17:10 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 1144
ThreadCreationTime : 11-13-2006 12:17:12 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1228
ThreadCreationTime : 11-13-2006 12:17:12 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [vsmon.exe]
ModuleName : C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Command Line : n/a
ProcessID : 1256
ThreadCreationTime : 11-13-2006 12:17:12 AM
BasePriority : Normal
FileVersion : 6.5.737.000
ProductVersion : 6.5.737.000
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
OriginalFilename : vsmon.exe
#:12 [lexbces.exe]
ModuleName : C:\WINDOWS\system32\LEXBCES.EXE
Command Line : C:\WINDOWS\system32\LEXBCES.EXE
ProcessID : 1508
ThreadCreationTime : 11-13-2006 12:17:17 AM
BasePriority : Normal
FileVersion : 8.19
ProductVersion : 8.19
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LexBce Service
InternalName : LexBce Service
LegalCopyright : (C) 1993 - 2003 Lexmark International, Inc.
OriginalFilename : LexBceS.exe
#:13 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1544
ThreadCreationTime : 11-13-2006 12:17:17 AM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:14 [lexpps.exe]
ModuleName : C:\WINDOWS\system32\LEXPPS.EXE
Command Line : LEXPPS.EXE
ProcessID : 1584
ThreadCreationTime : 11-13-2006 12:17:17 AM
BasePriority : Normal
FileVersion : 8.19
ProductVersion : 8.19
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LEXPPS.EXE
InternalName : LEXPPS
LegalCopyright : (C) 1993 - 2003 Lexmark International, Inc.
OriginalFilename : LEXPPS.EXE
Comments : MarkVision for Windows '95 New P2P Server (32-bit)
#:15 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1856
ThreadCreationTime : 11-13-2006 12:17:25 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:16 [acsd.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
Command Line : C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
ProcessID : 1988
ThreadCreationTime : 11-13-2006 12:17:26 AM
BasePriority : Normal
#:17 [avgamsvr.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
ProcessID : 2036
ThreadCreationTime : 11-13-2006 12:17:26 AM
BasePriority : Normal
FileVersion : 7.5.0.420
ProductVersion : 7.5.0.420
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE
#:18 [avgupsvc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
ProcessID : 144
ThreadCreationTime : 11-13-2006 12:17:27 AM
BasePriority : Normal
FileVersion : 7.5.0.420
ProductVersion : 7.5.0.420
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE
#:19 [avgemc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
ProcessID : 208
ThreadCreationTime : 11-13-2006 12:17:27 AM
BasePriority : Normal
FileVersion : 7.5.0.429
ProductVersion : 7.5.0.429
ProductName : AVG Anti-Virus system
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgemc.exe
#:20 [nvsvc32.exe]
ModuleName : C:\WINDOWS\System32\nvsvc32.exe
Command Line : C:\WINDOWS\System32\nvsvc32.exe
ProcessID : 348
ThreadCreationTime : 11-13-2006 12:17:27 AM
BasePriority : Normal
FileVersion : 6.13.10.4253
ProductVersion : 6.13.10.4253
ProductName : NVIDIA Driver Helper Service, Version 42.53
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 42.53
InternalName : NVSVC
LegalCopyright : (C) NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe
#:21 [lxbfbmgr.exe]
ModuleName : C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
Command Line : "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
ProcessID : 508
ThreadCreationTime : 11-13-2006 12:17:28 AM
BasePriority : Normal
FileVersion : 0.1.25.0
ProductVersion : 0.1.25.0
ProductName : Button Manager Executable
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark X6100 Series Button Manager
InternalName : lxbfbmgr.exe
LegalCopyright : (C) 2002 Lexmark International, Inc.
OriginalFilename : lxbfbmgr.exe
#:22 [ezsp_px.exe]
ModuleName : C:\WINDOWS\system32\ezSP_Px.exe
Command Line : "C:\WINDOWS\system32\ezSP_Px.exe"
ProcessID : 520
ThreadCreationTime : 11-13-2006 12:17:29 AM
BasePriority : Normal
#:23 [lxbfbmon.exe]
ModuleName : C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
Command Line : "C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe"
ProcessID : 536
ThreadCreationTime : 11-13-2006 12:17:29 AM
BasePriority : Normal
FileVersion : 0.1.25.0
ProductVersion : 0.1.25.0
ProductName : Button Monitor Executable
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark X6100 Series Button Monitor
InternalName : lxbfbmon.exe
LegalCopyright : (C) 2002 Lexmark International, Inc.
OriginalFilename : lxbfbmon.exe
#:24 [avgcc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
ProcessID : 532
ThreadCreationTime : 11-13-2006 12:17:29 AM
BasePriority : Normal
FileVersion : 7.5.0.418
ProductVersion : 7.5.0.418
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE
#:25 [zlclient.exe]
ModuleName : C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
Command Line : n/a
ProcessID : 568
ThreadCreationTime : 11-13-2006 12:17:29 AM
BasePriority : Normal
FileVersion : 6.5.737.000
ProductVersion : 6.5.737.000
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
OriginalFilename : zlclient.exe
#:26 [ctfmon.exe]
ModuleName : C:\WINDOWS\system32\ctfmon.exe
Command Line : "C:\WINDOWS\system32\ctfmon.exe"
ProcessID : 604
ThreadCreationTime : 11-13-2006 12:17:30 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:27 [plaxohelper.exe]
ModuleName : C:\Program Files\Plaxo\2.11.1.5\PlaxoHelper.exe
Command Line : "C:\Program Files\Plaxo\2.11.1.5\PlaxoHelper.exe" -a
ProcessID : 136
ThreadCreationTime : 11-13-2006 12:17:31 AM
BasePriority : Normal
FileVersion : 2.11.1.5
ProductVersion : 2.11.1.5
ProductName : Plaxo Integration for Outlook Express
CompanyName : Plaxo, Inc.
FileDescription : Enables Plaxo to integrate securely with Outlook Express
InternalName : InstallStub
LegalCopyright : Copyright 2001-2006
OriginalFilename : PlaxoHelper.exe
#:28 [rundll32.exe]
ModuleName : C:\WINDOWS\system32\rundll32.exe
Command Line : rundll32 nView.dll,nViewInitialize
ProcessID : 708
ThreadCreationTime : 11-13-2006 12:17:31 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE
#:29 [acrotray.exe]
ModuleName : C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
Command Line : "C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe"
ProcessID : 976
ThreadCreationTime : 11-13-2006 12:17:31 AM
BasePriority : Normal
FileVersion : 5, 0, 0, 0
ProductVersion : 5, 0, 0, 0
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
LegalCopyright : Copyright © 2001
OriginalFilename : AcroTray.exe
#:30 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1064
ThreadCreationTime : 11-13-2006 12:17:31 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:31 [wdfmgr.exe]
ModuleName : C:\WINDOWS\System32\wdfmgr.exe
Command Line : C:\WINDOWS\System32\wdfmgr.exe
ProcessID : 1280
ThreadCreationTime : 11-13-2006 12:17:32 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:32 [sgmain.exe]
ModuleName : C:\Program Files\SpywareGuard\sgmain.exe
Command Line : "C:\Program Files\SpywareGuard\sgmain.exe"
ProcessID : 1432
ThreadCreationTime : 11-13-2006 12:17:33 AM
BasePriority : Normal
FileVersion : 2.02.0001
ProductVersion : 2.02.0001
ProductName : SpywareGuard
FileDescription : SpywareGuard
InternalName : sgmain
LegalCopyright : Copyright (C) 2002-2003 Javacool Software LLC
OriginalFilename : sgmain.exe
Comments : SpywareGuard
#:33 [ntvdm.exe]
ModuleName : C:\WINDOWS\system32\ntvdm.exe
Command Line : "C:\WINDOWS\system32\ntvdm.exe" -f -i1 -w -a C:\WINDOWS\system32\krnl386.exe
ProcessID : 1676
ThreadCreationTime : 11-13-2006 12:17:33 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : NTVDM.EXE
InternalName : NTVDM.EXE
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : NTVDM.EXE
#:34 [wanmpsvc.exe]
ModuleName : C:\WINDOWS\wanmpsvc.exe
Command Line : "C:\WINDOWS\wanmpsvc.exe"
ProcessID : 1700
ThreadCreationTime : 11-13-2006 12:17:33 AM
BasePriority : Normal
FileVersion : 9, 0, 0, 0
ProductVersion : 9, 0, 0, 0
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : Wan Miniport (ATW) Service
InternalName : WanMPSvc
LegalCopyright : Copyright © 2001 America Online, Inc.
OriginalFilename : WanMPSvc.exe
#:35 [sgbhp.exe]
ModuleName : C:\Program Files\SpywareGuard\sgbhp.exe
Command Line : "C:\Program Files\SpywareGuard\sgbhp.exe"
ProcessID : 1960
ThreadCreationTime : 11-13-2006 12:17:37 AM
BasePriority : Normal
FileVersion : 2.02.0001
ProductVersion : 2.02.0001
ProductName : SG Browser Hijacking Protection
FileDescription : SG Browser Hijacking Protection
InternalName : sgbhp
LegalCopyright : Copyright (C) 2002-2003 Javacool Software LLC.
OriginalFilename : sgbhp.exe
Comments : SG Browser Hijacking Protection
#:36 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 2952
ThreadCreationTime : 11-13-2006 12:17:46 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:37 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k HTTPFilter
ProcessID : 2736
ThreadCreationTime : 11-13-2006 6:21:43 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:38 [mssysmgr.exe]
ModuleName : c:\DOCUME~1\lorena\desktop\data\Xtras\mssysmgr.exe
Command Line : "c:\DOCUME~1\lorena\desktop\data\Xtras\mssysmgr.exe"
ProcessID : 1084
ThreadCreationTime : 11-13-2006 6:40:21 AM
BasePriority : Normal
FileVersion : 2, 1, 1, 537
ProductVersion : 2, 1, 1, 537
ProductName : PhotoShow Deluxe
CompanyName : Simple Star, Inc.
FileDescription : PhotoShow Deluxe Media Manager
InternalName : PhotoShow Deluxe Media Manager
LegalCopyright : Copyright © 2003 Simple Star, Inc.
OriginalFilename : mssysmgr.exe
#:39 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 3820
ThreadCreationTime : 11-13-2006 6:46:41 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@live365[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:taniaa@live365.com/
Expires : 11-11-2011 6:51:12 PM
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrator@questionmarket[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrator\Cookies\administrator@questionmarket[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@0[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@0[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@0[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@0[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@0[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@0[3].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@0[4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@0[4].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@276[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@276[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@276[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@276[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@ad-flow[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@ad-flow[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@ad-logics[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@ad-logics[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@adnetintads.valuead[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@adnetintads.valuead[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@adrevolver[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@adrevolver[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@ads.addynamix[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@ads.addynamix[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@ads.adsag[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@ads.adsag[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@ads.pointroll[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@ads.pointroll[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@ads.specificpop[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@ads.specificpop[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@ads.valuead[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@ads.valuead[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@adserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@adserver[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@adserving.autotrader[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@adserving.autotrader[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@adviva[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@adviva[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@as1.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@as1.falkag[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@atdmt[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@atdmt[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@ayb.lop[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@ayb.lop[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@banner.goldenpalace[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@banner.goldenpalace[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@bfast[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@bfast[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@bins.lop[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@bins.lop[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@bluestreak[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@bluestreak[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@bravenet[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@bravenet[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@bs.serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@bs.serving-sys[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@c.as-us.falkag[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@c.as-us.falkag[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@casalemedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@casalemedia[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@centrport[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@centrport[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@citi.bridgetrack[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@citi.bridgetrack[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@clickagents[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@clickagents[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@clickbank[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@clickbank[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@commission-junction[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@commission-junction[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@data.coremetrics[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@data.coremetrics[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@defender.veloz[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@defender.veloz[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@doubleclick[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@edge.ru4[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@edge.ru4[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@ehg-aol.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@ehg-aol.hitbox[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@ehg-micron.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@ehg-micron.hitbox[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@ehg-sonypictures.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@ehg-sonypictures.hitbox[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@ehg-timeinc.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@ehg-timeinc.hitbox[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@ehg.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@ehg.hitbox[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@euniverseads[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@euniverseads[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@fastclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@fastclick[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@fastclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@fastclick[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@gator[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@gator[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@hitbox[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@hotlog[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@hotlog[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@internetfuel[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@internetfuel[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@internetwasher[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@internetwasher[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@linksynergy[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@linksynergy[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@list[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@list[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@lop[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@lop[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@maxserving[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@maxserving[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@mediaplex[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@mediaplex[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@overture[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@overture[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@perf.overture[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@perf.overture[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@phg.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@phg.hitbox[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@please[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@please[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@pointroll[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@pointroll[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@popupsponsor[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@popupsponsor[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@qksrv[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@qksrv[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@questionmarket[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@questionmarket[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@rccl.bridgetrack[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@rccl.bridgetrack[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@realmedia[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@realmedia[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@realmedia[3].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@revenue[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@revenue[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@rub[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@rub[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@s.as-us.falkag[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@s.as-us.falkag[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@servedby.advertising[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@servedby.advertising[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@servedfor.valuead[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@servedfor.valuead[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@server.iad.liveperson[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@server.iad.liveperson[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@serving-sys[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@st.sageanalyst[1].txt
TAC Rating : 3
Category : Data Miner
Comment : www.searchtraffic.com
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@st.sageanalyst[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@targetnet[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@targetnet[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@test.coremetrics[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@test.coremetrics[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@tickle[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@tickle[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@tmpad[1].txt
TAC Rating : 3
Category : Data Miner
Comment : www.searchtraffic.com
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@tmpad[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@tracking.thunderdownloads[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@tracking.thunderdownloads[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@trafficmp[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@trafficmp[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@tribalfusion[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@tripod[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@tripod[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@valueclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@valueclick[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@weborama[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@weborama[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@www.1stblaze[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@www.1stblaze[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@www.entrepreneur[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@www.entrepreneur[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@www.lopeor[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@www.lopeor[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@www4.yesadvertising[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@www4.yesadvertising[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@www6.paypopup[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@www6.paypopup[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@z1.adserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@z1.adserver[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : taniaa@zedo[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\TaniaA\Cookies\taniaa@zedo[1].txt
Coulomb Dialer Object Recognized!
Type : File
Data : Groove.x32
TAC Rating : 5
Category : Dialer
Comment :
Object : C:\WINDOWS\system32\Macromed\Shockwave 8\Xtras\download\TheGrooveAlliance\3DGrooveXtrav181\
FileVersion : 1, 8, 1, 0
ProductVersion : 1, 8, 1, 0
ProductName : GROOVE
FileDescription : GROOVE
InternalName : GROOVE
LegalCopyright : Copyright 2001
OriginalFilename : GROOVE.x32
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 96
Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 96
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
58 entries scanned.
New critical objects:0
Objects found so far: 96
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 96
11:15:34 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:25:05.891
Objects scanned:277140
Objects identified:96
Objects ignored:0
New critical objects:96
Logfile of HijackThis v1.99.1
Scan saved at 11:21:27 PM, on 11/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Plaxo\2.11.1.5\PlaxoHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\System32\svchost.exe
c:\DOCUME~1\lorena\desktop\data\Xtras\mssysmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis_v1.99.1.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\2.11.1.5\PlaxoHelper.exe -a
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] c:\DOCUME~1\lorena\desktop\data\Xtras\mssysmgr.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: Text for the Day.lnk = C:\Program Files\TRU\Daytext.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Checkers - http://download.games.yahoo.com/games/clients/y/kt4_x.cab
O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/games/clients/y/zt3_x.cab
O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/games/clients/y/grt5_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.info.app...iTunesSetup.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5...b?1106544692796
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
|
Member
|
12. November 2006 @ 18:25 |
-EDIT-
This message has been edited since posting. Last time this message was edited on 13. November 2006 @ 02:57
|
Senior Member
|
13. November 2006 @ 12:33 |
Looks good, although, Ad-Aware didn't find anything...?
Look for this folder:
C:\Program Files\peakdupe
Is it there?
|
Member
|
13. November 2006 @ 13:44 |
It's not there. . . Is that a prob???
|
Senior Member
|
13. November 2006 @ 17:30 |
No problem, actually, that's good. Not quite sure where all the adware went between scans, but it's gone, so you should be clean now.
|
Member
|
14. November 2006 @ 03:32 |
Again, THANX ! ! ! Ur a life saver. . .
|
|