Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Thursday 28.11.2024 / 21:32
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > spywares n adwarez in my pc plz...help ,me
Show topics
 
Forums
Forums
spywares n adwarez in my pc plz...help ,me
  Jump to:
 
Posted Message
bayezid
Junior Member
_ 		25. July 2006 @ 08:27 _ Link to this message    Send private message to this user   
from 10 dayz im avin adwarez n spywarez in my pc i had spware doctor but it didn work den i formatted it twice but after oning da net deyre back again den atlast yesteday i got spysweeper n i sweeped da sytem n all da spwarez were deleted but 2day wen i oned da pc again deyre back i just dunno wat 2 do .....im avin ADWARE LOOK2ME
[ + quote]
lecsiy
Senior Member

5 product reviews
_ 		26. July 2006 @ 06:09 _ Link to this message    Send private message to this user   
Try spybots S&D and run it in safe mode.

And for god sake how hard is it to talk normally.
Quote:
it twice but after oning da net deyre back again den atlast yesteday i got spysweeper n i sweeped da sytem
Please speak normally. So much easier to help you that way.
[ + quote]
bayezid
Junior Member
_ 		26. July 2006 @ 23:58 _ Link to this message    Send private message to this user   
srry but which software should i download ,can u give me da link
Quote:
sorry i waz in a hurry thats why i typed like dat
and herez my last scan log
********
6:52 PM: | Start of Session, Tuesday, July 25, 2006 |
6:52 PM: Spy Sweeper started
6:52 PM: Sweep initiated using definitions version 725
6:52 PM: Starting Memory Sweep
6:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
6:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
6:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
6:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:10 PM: Memory Sweep Complete, Elapsed Time: 00:17:19
7:10 PM: Starting Registry Sweep
7:11 PM: Found Adware: findthewebsiteyouneed hijack
7:11 PM: HKU\.default\software\microsoft\internet explorer\search\searchassistant explorer\main\ || default_search_url (ID = 555438)
7:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:11 PM: Registry Sweep Complete, Elapsed Time:00:01:27
7:11 PM: Starting Cookie Sweep
7:11 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
7:11 PM: Starting File Sweep
7:13 PM: Found Adware: look2me
7:13 PM: 00002690.dll (ID = 159)
7:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:17 PM: 00002685.dll (ID = 159)
7:18 PM: 00002683.dll (ID = 159)
7:18 PM: 00002681.exe (ID = 168558)
7:19 PM: 00002679.dll (ID = 159)
7:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:21 PM: 00002676.dll (ID = 159)
7:22 PM: 00002674.dll (ID = 159)
7:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:26 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:27 PM: 00002668.dll (ID = 159)
7:28 PM: 00002666.dll (ID = 159)
7:28 PM: 00002664.dll (ID = 163672)
7:28 PM: 00002662.dll (ID = 159)
7:28 PM: 00002660.dll (ID = 159)
7:28 PM: 00002658.dll (ID = 159)
7:28 PM: 00002656.dll (ID = 159)
7:29 PM: 00002651.dll (ID = 159)
7:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:31 PM: Found Adware: command
7:31 PM: uninstall_nmon.vbs (ID = 231442)
7:33 PM: ahferror.dll (ID = 159)
7:33 PM: k0pmla711d.dll (ID = 159)
7:34 PM: 00001130.dll (ID = 163672)
7:35 PM: hrr8059ue.dll (ID = 159)
7:35 PM: 00000594.dll (ID = 159)
7:35 PM: 00000841.dll (ID = 159)
7:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:36 PM: cudial32.dll (ID = 163672)
7:36 PM: atmtd.dll._ (ID = 166754)
7:37 PM: wdnotify.dll (ID = 159)
7:37 PM: 00000843.dll (ID = 159)
7:38 PM: 00000639.dll (ID = 159)
7:39 PM: m4640ejqehoe0.dll (ID = 159)
7:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:41 PM: 00000744.dll (ID = 159)
7:43 PM: lvl0093me.dll (ID = 159)
7:45 PM: 00000152.dll (ID = 159)
7:45 PM: dnrawex.dll (ID = 163672)
7:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:47 PM: rooc3260.dll (ID = 159)
7:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:54 PM: Found Adware: dollarrevenue
7:54 PM: drsmartload46a[1].exe (ID = 325335)
7:54 PM: sylogcfg.dll (ID = 159)
7:55 PM: drsmartload849a[1].exe (ID = 325336)
7:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
7:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:00 PM: 00000597.dll (ID = 159)
8:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:01 PM: cmdinst.exe (ID = 231664)
8:02 PM: dl3j.dll (ID = 159)
8:04 PM: kdrberos.dll (ID = 159)
8:05 PM: 00000567.dll (ID = 159)
8:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:06 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:06 PM: loader[1].exe (ID = 325333)
8:06 PM: rismxs.dll (ID = 163672)
8:07 PM: mkwdat10.dll (ID = 159)
8:07 PM: soredir.dll (ID = 163672)
8:07 PM: d4j00e1meh.dll (ID = 159)
8:07 PM: d00mlad11d0.dll (ID = 163672)
8:07 PM: mdtime.dll (ID = 159)
8:07 PM: 00000591.dll (ID = 159)
8:07 PM: mjoa.dll (ID = 159)
8:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:11 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:11 PM: 00002445.exe (ID = 144946)
8:11 PM: 00002692.exe (ID = 231443)
8:11 PM: asappsrv.dll (ID = 144945)
8:12 PM: 00002705.exe (ID = 325652)
8:12 PM: 00002708.exe (ID = 326742)
8:14 PM: miperf.dll (ID = 163672)
8:15 PM: uwat.dll (ID = 159)
8:16 PM: atmtd.dll (ID = 166754)
8:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:16 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:17 PM: drsmartload45a[1].exe (ID = 325334)
8:17 PM: drsmartload46a[1].exe (ID = 325335)
8:17 PM: drsmartload849a[1].exe (ID = 325336)
8:17 PM: mte3ndi6odoxng.exe (ID = 185985)
8:17 PM: ktp8l77u1.dll (ID = 159)
8:18 PM: g8220ifoe82c0.dll (ID = 159)
8:18 PM: lt4027hmg.dll (ID = 159)
8:19 PM: saictrddte.vbs (ID = 185675)
8:20 PM: File Sweep Complete, Elapsed Time: 01:08:42
8:20 PM: Full Sweep has completed. Elapsed time 01:27:46
8:20 PM: Traces Found: 67
8:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:21 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
8:22 PM: Removal process initiated
8:23 PM: Quarantining All Traces: look2me
8:24 PM: Quarantining All Traces: command
8:24 PM: Quarantining All Traces: findthewebsiteyouneed hijack
8:24 PM: Quarantining All Traces: dollarrevenue
8:24 PM: Removal process completed. Elapsed time 00:01:45
********
10:30 PM: | Start of Session, Monday, July 24, 2006 |
10:30 PM: Spy Sweeper started
10:30 PM: Sweep initiated using definitions version 725
10:30 PM: Found Adware: dollarrevenue
10:30 PM: HKLM\software\microsoft\windows\currentversion\run\ || newname (ID = 1231926)
10:30 PM: nwnmed_7.exe (ID = 1231926)
10:30 PM: Starting Memory Sweep
10:43 PM: Found Adware: command
10:43 PM: Detected running threat: C:\Program Files\Network Monitor\netmon.exe (ID = 231443)
10:45 PM: Detected running threat: C:\dfndrdd_6.exe (ID = 325652)
10:48 PM: Memory Sweep Complete, Elapsed Time: 00:17:47
10:48 PM: Starting Registry Sweep
10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ (7 subtraces) (ID = 892523)
10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || nomodify (ID = 958653)
10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || noremove (ID = 958654)
10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || norepair (ID = 958655)
10:49 PM: HKLM\system\currentcontrolset\services\cmdservice\ (12 subtraces) (ID = 958670)
10:49 PM: HKLM\system\currentcontrolset\enum\root\legacy_cmdservice\0000\ (6 subtraces) (ID = 1016064)
10:49 PM: HKLM\system\currentcontrolset\enum\root\legacy_cmdservice\ (8 subtraces) (ID = 1016072)
10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{a394e835-c8d6-4b4b-884b-d2709059f3be}\ (7 subtraces) (ID = 1110756)
10:49 PM: HKLM\software\microsoft\drsmartload2\ (1 subtraces) (ID = 1134137)
10:49 PM: HKLM\software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}\ || uninstallstring (ID = 1134952)
10:49 PM: Found Trojan Horse: trojan-backdoor-ranky
10:49 PM: HKLM\software\microsoft\windows\currentversion\run\ || windows core kernel update (ID = 1382092)
10:49 PM: HKLM\software\microsoft\windows\currentversion\run\ || defender (ID = 1558788)
10:49 PM: HKLM\software\microsoft\windows\currentversion\run\ || keyboard (ID = 1558789)
10:49 PM: Registry Sweep Complete, Elapsed Time:00:01:29
10:49 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:49 PM: Starting Cookie Sweep
10:49 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
10:49 PM: Starting File Sweep
10:49 PM: c:\program files\network monitor (1 subtraces) (ID = -2147459771)
10:49 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:50 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:51 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:52 PM: Found Adware: look2me
10:52 PM: l46o0ej3eho.dll (ID = 159)
10:52 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:52 PM: 00000601.dll (ID = 159)
10:53 PM: 00002443.dll (ID = 159)
10:53 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:53 PM: 00000809.dll (ID = 159)
10:53 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:54 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:55 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:55 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:56 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:56 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:58 PM: hrnq0555e.dll (ID = 159)
10:59 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
10:59 PM: hrpu0579e.dll (ID = 159)
10:59 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
11:00 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
11:01 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
11:01 PM: warebundle3.exe (ID = 168558)
11:01 PM: Spy Installation Shield: found: Adware: dollarrevenue, version 1.0.0.0 -- Execution Denied
11:01 PM: Spy Installation Shield: found: Adware: dollarrevenue, version 1.0.0.0 -- Execution Denied
11:01 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
11:02 PM: n4p40e7qeh.dll (ID = 159)
11:03 PM: 00000743.dll (ID = 159)
11:03 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
11:04 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
11:04 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
11:05 PM: k4620ejoehoc0.dll (ID = 159)
11:07 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
11:08 PM: sdrmdll.dll (ID = 159)
11:08 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
11:09 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
11:10 PM: 00000808.dll (ID = 159)
11:11 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
11:16 PM: 00000770.dll (ID = 159)
11:17 PM: 00001516.dll (ID = 159)
11:17 PM: 00000750.dll (ID = 159)
11:17 PM: wjhcon.dll (ID = 159)
11:18 PM: fsclient.dll (ID = 159)
11:19 PM: crmodem.dll (ID = 163672)
11:19 PM: padx5016.dll (ID = 159)
11:19 PM: p06s0aj7edo.dll (ID = 159)
11:19 PM: d40m0ed1eh0.dll (ID = 159)
11:19 PM: nwnmed_7[1].exe (ID = 326742)
11:19 PM: mgjetoledb40.dll (ID = 159)
11:19 PM: 00000592.dll (ID = 159)
11:20 PM: 00000599.dll (ID = 159)
11:21 PM: hr8605lse.dll (ID = 159)
11:24 PM: Sweep Canceled
11:24 PM: File Sweep Complete, Elapsed Time: 00:34:29
11:24 PM: Traces Found: 86
11:24 PM: Processing Startup Alerts
11:24 PM: Removed Startup entry: newname
11:24 PM: Removed Startup entry: defender
11:24 PM: Removed Startup entry: keyboard
11:25 PM: Removal process initiated
11:25 PM: Quarantining All Traces: look2me
11:26 PM: Quarantining All Traces: trojan-backdoor-ranky
11:26 PM: Quarantining All Traces: command
11:27 PM: Quarantining All Traces: dollarrevenue
11:27 PM: Removal process completed. Elapsed time 00:01:42
1:28 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:28 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:31 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:36 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:41 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:46 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:54 PM: IE Tracking Cookies Shield: Removed yieldmanager cookie
1:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:56 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
1:58 PM: IE Tracking Cookies Shield: Removed yadro cookie
1:59 PM: IE Tracking Cookies Shield: Removed rambler cookie
1:59 PM: IE Tracking Cookies Shield: Removed yadro cookie
2:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
2:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
2:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
2:01 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
6:45 PM: Processing Startup Alerts
6:45 PM: Removed Startup entry: MSMSGS
6:47 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
6:47 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
6:47 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
6:47 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
6:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
6:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
6:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
6:51 PM: The Spy Communication shield has blocked access to: promo.dollarrevenue.com
6:52 PM: Deletion from quarantine initiated
6:52 PM: Processing: command
6:52 PM: Processing: dollarrevenue
6:52 PM: Processing: findthewebsiteyouneed hijack
6:52 PM: Processing: icannnews
6:52 PM: Processing: isearch desktop search
6:52 PM: Processing: look2me
6:52 PM: Processing: trojan-backdoor-ranky
6:52 PM: Deletion from quarantine completed. Elapsed time 00:00:01
6:52 PM: | End of Session, Tuesday, July 25, 2006 |
********
9:33 PM: | Start of Session, Monday, July 24, 2006 |
9:33 PM: Spy Sweeper started
9:33 PM: Sweep initiated using definitions version 547
9:33 PM: Starting Memory Sweep
9:34 PM: Found Adware: icannnews
9:34 PM: Detected running threat: C:\WINDOWS\system32\n06q0aj5edo.dll (ID = 83)
9:36 PM: Detected running threat: C:\WINDOWS\system32\tBpiui.dll (ID = 83)
9:36 PM: Found Adware: isearch desktop search
9:36 PM: Detected running threat: C:\WINDOWS\YmF5ZXppZA\command.exe (ID = 144946)
9:38 PM: Memory Sweep Complete, Elapsed Time: 00:05:10
9:38 PM: Starting Registry Sweep
9:39 PM: Found Adware: findthewebsiteyouneed hijacker
9:39 PM: HKU\.default\software\microsoft\internet explorer\search\searchassistant explorer\main\ || default_search_url (ID = 555438)
9:39 PM: Registry Sweep Complete, Elapsed Time:00:00:32
9:39 PM: Starting Cookie Sweep
9:39 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
9:39 PM: Starting File Sweep
9:41 PM: Found Adware: look2me
9:41 PM: appwrap[1].exe (ID = 65721)
9:41 PM: command.exe (ID = 144946)
9:41 PM: bw2.com (ID = 65721)
9:42 PM: File Sweep Complete, Elapsed Time: 00:02:53
9:42 PM: Full Sweep has completed. Elapsed time 00:08:46
9:42 PM: Traces Found: 7
9:44 PM: Removal process initiated
9:45 PM: Quarantining All Traces: look2me
9:45 PM: Quarantining All Traces: icannnews
9:45 PM: icannnews is in use. It will be removed on reboot.
9:45 PM: C:\WINDOWS\system32\n06q0aj5edo.dll is in use. It will be removed on reboot.
9:45 PM: C:\WINDOWS\system32\tBpiui.dll is in use. It will be removed on reboot.
9:45 PM: Quarantining All Traces: isearch desktop search
9:45 PM: isearch desktop search is in use. It will be removed on reboot.
9:45 PM: command.exe is in use. It will be removed on reboot.
9:45 PM: Quarantining All Traces: findthewebsiteyouneed hijacker
9:45 PM: Warning: Launched explorer.exe
9:45 PM: Warning: Quarantine process could not restart Explorer.
9:45 PM: Preparing to restart your computer. Please wait...
9:45 PM: Removal process completed. Elapsed time 00:00:54
10:19 PM: Processing Startup Alerts
10:19 PM: Removed Startup entry: MSMSGS
10:19 PM: Updating spyware definitions
10:29 PM: Your spyware definitions have been updated.
10:30 PM: Memory Shield: Found: Memory-resident threat command, version 1.0.0.0
10:30 PM: Detected running threat: command
10:30 PM: | End of Session, Monday, July 24, 2006 |
********
9:31 PM: | Start of Session, Monday, July 24, 2006 |
9:31 PM: Spy Sweeper started
9:32 PM: IE Tracking Cookies Shield: Removed com.com cookie
9:33 PM: | End of Session, Monday, July 24, 2006 |



thanx 4 ur cooperation
[ + quote]
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > spywares n adwarez in my pc plz...help ,me
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2024 by AfterDawn Ltd.

  IDG TechNetwork