WE'RE SURE THAT YOU'LL LOVE US!
Hey there! 
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 93101 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.
Try What the Tech -- It's free!
Unable to delete virus'.
Started by
jay_white_69
, May 13 2006 01:43 AM
-
This topic is locked
9 replies to this topic
#1
jay_white_69
-
- Authentic Member
-
- 7 posts
New Member
Posted 13 May 2006 - 01:43 AM
Register to Remove
#2
Doug
-
- Tech Team
-
- 10,057 posts
Retired Administrator -Tech Team
Posted 13 May 2006 - 08:31 AM
Hi Jay White 69,
The Druogna family of trojans is associated with fraudulent offers to rid your machine of malware, but is actually malware itself. Users sometimes encounter it when browsing and clicking on interesting or alarming offers that recommend that the offered program will clean your machine that it suggests is infected.
The w32/Alemod.f.dll infection is a mean infection, one of which mean activities is to change/corrupt the C:\windows\system32\wininet.dll file.
Since C:\windows\system32\wininet.dll is a required System File, the users attempt to remove/replace/repair it are frustrated by the Windows Operating System, which MS does not allow the required/needed C:\windows\system32\wininet.dll to be deleted.
Kinda a "catch-22".
There are a couple of reasons that argue in favor of you using HighJackThis! and submitting your log to the HighJackThis! forum here at TomCoyote.
1. While a relatively capable user can walk through the instructions for a manual "fix" for C:\windows\system32\wininet.dll, there are several problems that can be encountered in the "fix" that may cause even more problems, unless the user is guided by a knowledgeable expert.
2. The existance of the second item, Druogna, suggests a "blended threat". That is, more than one infectious item at work that can be creating problems during the "fix" of the other problem.
3. Since Druogna is a trojan (conveys malware to the user's machine) there may be other malware of the spyware variety that exist on the machine, but have not been detected by your anti-virus.
Therefore a comprehesive and guided approach is recommended, with the assistance of a Trusted Advisor in the TomCoyote HighJackThis! Forum. The HJT tool will give you and your Trusted Advisor an excellent overview of what's running on your machine and allow a comprehensive approach to repair.
You can download HighJackThis! (HJT.exe) from a variety of sources, but let's keep it simple and do all of your work in the TomCoyote Forum, Get Started here:
http://forums.tomcoy...showtopic=14401
Note: Sometimes people get frustrated with their paid-product Anti-Virus (for instance McAfee) and think it should have automatically fixed the problem. Then they want to dump their current program and run off to purchase a "better" one. Don't get stampeded into this kind of thinking! McAfee is a fine anti-virus and did its job "by identifying and NOT removing this treat" because to "remove it" would have caused your machines system to fail.
I encourage you to use the fine advanced services of the TomCoyote HJT Forum to rid yourself of this infection. And after your machine is "Clean", follow the advice of your Trusted Advisor about how to keep your machine secure and clean.
Best Regards
The Druogna family of trojans is associated with fraudulent offers to rid your machine of malware, but is actually malware itself. Users sometimes encounter it when browsing and clicking on interesting or alarming offers that recommend that the offered program will clean your machine that it suggests is infected.
The w32/Alemod.f.dll infection is a mean infection, one of which mean activities is to change/corrupt the C:\windows\system32\wininet.dll file.
Since C:\windows\system32\wininet.dll is a required System File, the users attempt to remove/replace/repair it are frustrated by the Windows Operating System, which MS does not allow the required/needed C:\windows\system32\wininet.dll to be deleted.
Kinda a "catch-22".
There are a couple of reasons that argue in favor of you using HighJackThis! and submitting your log to the HighJackThis! forum here at TomCoyote.
1. While a relatively capable user can walk through the instructions for a manual "fix" for C:\windows\system32\wininet.dll, there are several problems that can be encountered in the "fix" that may cause even more problems, unless the user is guided by a knowledgeable expert.
2. The existance of the second item, Druogna, suggests a "blended threat". That is, more than one infectious item at work that can be creating problems during the "fix" of the other problem.
3. Since Druogna is a trojan (conveys malware to the user's machine) there may be other malware of the spyware variety that exist on the machine, but have not been detected by your anti-virus.
Therefore a comprehesive and guided approach is recommended, with the assistance of a Trusted Advisor in the TomCoyote HighJackThis! Forum. The HJT tool will give you and your Trusted Advisor an excellent overview of what's running on your machine and allow a comprehensive approach to repair.
You can download HighJackThis! (HJT.exe) from a variety of sources, but let's keep it simple and do all of your work in the TomCoyote Forum, Get Started here:
http://forums.tomcoy...showtopic=14401
Note: Sometimes people get frustrated with their paid-product Anti-Virus (for instance McAfee) and think it should have automatically fixed the problem. Then they want to dump their current program and run off to purchase a "better" one. Don't get stampeded into this kind of thinking! McAfee is a fine anti-virus and did its job "by identifying and NOT removing this treat" because to "remove it" would have caused your machines system to fail.
I encourage you to use the fine advanced services of the TomCoyote HJT Forum to rid yourself of this infection. And after your machine is "Clean", follow the advice of your Trusted Advisor about how to keep your machine secure and clean.
Best Regards
The help you receive here is free.
If you wish, you may Donate to help keep us online.
If you wish, you may Donate to help keep us online.
#3
Eumic
-
- Authentic Member
-
- 33 posts
Authentic Member
- Interests:Fixing and Improving my computer performance.<br />To Learn more bout computers from other people knowledges.
Posted 14 May 2006 - 09:57 AM
Hmm thats pretty serious problem that needs a pretty serious solution.
Maybe your anti-virus wont work well or maybe its not strong.
I suggest instaling Panda Platinum Internet Security 2006
This anti-virus software is almost perfect for me coz I have a virus before that cant be deleted.
Its also detect all spyware from your computer and disinfect it..
It also blocked some trojans that trying to enter your computer..Even a DNS attacks..
Updating automatically so your not be disturb to update it manually...
I used many kind of anti-virus like Pcclin but only Panda works best....
If you wish to try it then you should :
1.) Download it at http://www.pandasoft...nload/Software/
2.) After that, Install it.. It will scan your machine for a while......
3.) After installation finished...Register now for a quick update of the software
4.) After you updated your panda, Have a Full System Scan because you already now have new signatures of virus..
5.) After scanning, youll see the results..I am sure that this could solve your problem.. The viruses Neutralized
Remember that when connecting to the internet, expect that the virus are everywhere.
Hope I could Help
Maybe your anti-virus wont work well or maybe its not strong.
I suggest instaling Panda Platinum Internet Security 2006
This anti-virus software is almost perfect for me coz I have a virus before that cant be deleted.
Its also detect all spyware from your computer and disinfect it..
It also blocked some trojans that trying to enter your computer..Even a DNS attacks..
Updating automatically so your not be disturb to update it manually...
I used many kind of anti-virus like Pcclin but only Panda works best....
If you wish to try it then you should :
1.) Download it at http://www.pandasoft...nload/Software/
2.) After that, Install it.. It will scan your machine for a while......
3.) After installation finished...Register now for a quick update of the software
4.) After you updated your panda, Have a Full System Scan because you already now have new signatures of virus..
5.) After scanning, youll see the results..I am sure that this could solve your problem.. The viruses Neutralized
Remember that when connecting to the internet, expect that the virus are everywhere.
Hope I could Help
#4
Siggyx
-
- Authentic Member
-
- 6,776 posts
SuperHelper
Posted 14 May 2006 - 04:26 PM
If you have not already the best thing to do is post a hijackthis log in this forum >>>> http://forums.tomcoy...hp?showforum=27
#5
jay_white_69
-
- Authentic Member
-
- 7 posts
New Member
Posted 20 May 2006 - 05:03 AM
Kinda a "catch-22".
There are a couple of reasons that argue in favor of you using HighJackThis! and submitting your log to the HighJackThis! forum here at TomCoyote.
I posted a log in there before I did this one, however didn't recieve any replies. I thought this was maybe because it wasn't a hijackhis! problem.
I know I can't post a log here as a main thread, but it's ok to post one in a sub thread right?
Here is my log, are you able to use these logs to identify problems? I would greatly appreciated any help.
Logfile of HijackThis v1.99.1
Scan saved at 11:40:20 PM, on 05/08/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\easy.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\WINDOWS\easy.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Jamie\My Documents\Unzipped\hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.medway.o...pts/webmail.cgi
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.medway.o...pts/webmail.cgi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\Windows Registry Repair Pro.exe -X
O4 - HKLM\..\Run: [symwsc.exe] C:\asue.exe
O4 - HKLM\..\Run: [easyadvertisement] C:\WINDOWS\easy.exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [rpcc] rpcc.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O16 - DPF: {360E40AA-EE8B-4101-BA67-0CAD3F7A48DD} (Nyoko Downloader Class) - http://www.gamingclu...elper/Nyoko.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1131038396024
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalci....1.11_en_dl.cab
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://207.226.177.98/gba1402.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: IEFilter - {CBEC448D-81B6-49CC-A972-7E502B31AE06} - C:\WINDOWS\system32\IEFilter.dll
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
(P.S. If you aren't allowed to post these logs even in subthreads, just let me know and I will delete it, if I can.)
#6
Siggyx
-
- Authentic Member
-
- 6,776 posts
SuperHelper
Posted 20 May 2006 - 10:16 AM
Step # 1
Please download and run CWShredder. Make sure that all browser windows are closed with the exception of Cwshredder and choose FIX.
http://www.majorgeek...7fd6b3ff02edc90
REBOOT
Step #2
Please download and run Spybot 1.4 & AdAware SE Then follow the instructions in the link below to run.
Spybot & Adaware Tutorial
REBOOT
Step # 3
Then do a virus scan here >>> Trend Micro
Step # 4
Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/
Install it, and update the definitions to the newest files.
Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.
Then please run Ewido, and run a full scan. Save the logfile from the scan.
Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.
Please download and run CWShredder. Make sure that all browser windows are closed with the exception of Cwshredder and choose FIX.
http://www.majorgeek...7fd6b3ff02edc90
REBOOT
Step #2
Please download and run Spybot 1.4 & AdAware SE Then follow the instructions in the link below to run.
Spybot & Adaware Tutorial
REBOOT
Step # 3
Then do a virus scan here >>> Trend Micro
Step # 4
Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/
Install it, and update the definitions to the newest files.
Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.
Then please run Ewido, and run a full scan. Save the logfile from the scan.
Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.
#7
jay_white_69
-
- Authentic Member
-
- 7 posts
New Member
Posted 23 May 2006 - 12:50 AM
Thanks a lot for the reply.
I did exactly as you said, and here are the new logs:
HijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 7:43:17 AM, on 05/23/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Jamie\My Documents\Unzipped\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.medway.o...pts/webmail.cgi
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.medway.o...pts/webmail.cgi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\Windows Registry Repair Pro.exe -X
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [rpcc] rpcc.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O16 - DPF: {360E40AA-EE8B-4101-BA67-0CAD3F7A48DD} (Nyoko Downloader Class) - http://www.gamingclu...elper/Nyoko.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1131038396024
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalci....1.11_en_dl.cab
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://207.226.177.98/gba1402.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: IEFilter - {CBEC448D-81B6-49CC-A972-7E502B31AE06} - IEFilter1.dll (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 7:34:36 AM, 05/23/2006
+ Report-Checksum: 83C72837
+ Scan result:
HKLM\SOFTWARE\iGlobalMedia -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\Installer -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\upgrades -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\blackjackdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\boardbabe -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\caribbeanpoker -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\coolbananas -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\funkychicken -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\games -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\goannagold -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\goldeneagle -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\goldengopher -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\highlimitblackjack -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\hotroller -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\junglerumble -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\kenodll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\kookakeno -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\letitride -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\megaeuropeanroulette -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\metropolis -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\multiplayerblackjack -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\multiplayerblackjackdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\nextgenvpdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\piggypayback -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\pokerdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\roulettedll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\safecrackerkeno -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\silvercity -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\slotsdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\threecardpoker -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\tod -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\vegasclub -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\videopokerdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\vpokerdw -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\vpokerjob -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\vpokerjp -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\upgrades -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\blackjackdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\boardbabe -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\cashcruise -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\coolbananas -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\firedrake -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\flamingo -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\funkychicken -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\games -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\goldeneagle -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\goldengopher -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\goldenoasis -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\highlimitblackjack -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\hotroller -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\kangacash -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\kenodll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\kookakeno -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\letitride -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\magicmanslot -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\megaeuropeanroulette -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\metropolis -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\multiplayerblackjack -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\multiplayerblackjackdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\nextgenvpdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\piggypayback -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\pokerdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\roulettedll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\safecrackerkeno -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\silvercity -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\slotsdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\superfortunewheel -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\superjoker -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\supermystic -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\superstar -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\sweethawaii -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\tod -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\vegasclub -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\videopokerdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\vpokerdw -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\vpokerjob -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\vpokerjp -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckitalia -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckitalia\casino -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\PSGuard.com -> Adware.PSGuard : Error during cleaning
HKLM\SOFTWARE\PSGuard.com\PSGuard -> Adware.PSGuard : Error during cleaning
HKLM\SOFTWARE\PSGuard.com\PSGuard\P.S.Guard -> Adware.PSGuard : Error during cleaning
HKLM\SOFTWARE\PSGuard.com\PSGuard\P.S.Guard\License -> Adware.PSGuard : Cleaned with backup
HKLM\SOFTWARE\WinHound.com -> Adware.WinHound : Error during cleaning
HKLM\SOFTWARE\WinHound.com\WinHound -> Adware.WinHound : Error during cleaning
HKLM\SOFTWARE\WinHound.com\WinHound\WinHound -> Adware.WinHound : Error during cleaning
HKLM\SOFTWARE\WinHound.com\WinHound\WinHound\License -> Adware.WinHound : Cleaned with backup
C:\asue.exe -> Proxy.Agent.if : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\HKCURun -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\HKCURun\RunOnce -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\HKCURun\RunOnceEx -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\HKLMRun -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\HKLMRun\RunOnce -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\HKLMRun\RunOnceEx -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\StartMenuAllUsers -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\StartMenuCurrentUser -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\BrowserObjects -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@ads.realcastmedia[2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@c.enhance[2].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfk4cjczkhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfk4kod5mkq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfk4qjazgao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfk4sodzako.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfk4wpczaao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkickczolo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkickd5olp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkikod5kbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkioiazogo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkiood5ako.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkiwgazgdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkiwjazgao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkiwpdjclo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkoandzcko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkocldjobq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkoogdpobo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkosicpcdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkosmdjalq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkouodzobo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyajdzaeo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyegajsbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyghajwap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkykmd5acp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkykocpego.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyond5mao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyooczgao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyshc5cfo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyuhcpobp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfl4cpazibo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfl4ekczibp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfl4elc5ihq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfl4qmcpwao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wflikiczgkq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wflioidzmkp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfliqldzkcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfloqkajabq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfloqlajmco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfmichcjeap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfmieoajodo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfmyepdpako.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfmyohd5mbp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfmyqpcpgap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkicgajscp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkienc5iaq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkiooajwgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkiqhazcho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkisnajmao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkocmczckq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkouodzkko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkyemc5olo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkyukd5mhq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkywnajoaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgl4agdjwbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wglokoczoeq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wglyujdzeeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgmiagcpgao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgmisoczgco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjk4kpd5gao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjkoegajofp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjkogncjeko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjkokgdzmlq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjl4gkcpmcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjl4sod5afo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjl4ukc5sdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjl4uoazgep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjl4uoc5kdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjl4wpajgco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlieldjehp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjliggcpcaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlikiazsgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlikidpokp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlioocpihp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjliqpajseo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjloegcpgaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlogkazkbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlogodzcao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlosjcjkeo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyagcjaco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyahczgco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyancjsfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyehdpgdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyenc5elo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyqpd5ebq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlysgdjkbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyuidzido.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmiahczalp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmigod5sgq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmiogczwdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmiolcpabo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmiooczodq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmiuhd5meo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmyandpgfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmyckczogp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmyejd5whp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmyeodpalo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmykhdpado.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmykoczoap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjnygoazgkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@h.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@programs.wegcash[2].txt -> TrackingCookie.Wegcash : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@try.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Jamie\Local Settings\Temp\TempInstaller.exe -> Adware.Casino : Cleaned with backup
C:\Documents and Settings\Jamie\My Documents\DC\Finished\Poker.Tracker.v2.06.02.WinALL.Incl.Keymaker-CORE\CORE10k.EXE -> Dropper.Delf.np : Cleaned with backup
C:\Documents and Settings\Jamie\My Documents\DC\Finished\Poker.Tracker.v2.06.02.WinALL.Incl.Keymaker-CORE\pt2.exe -> Dropper.Delf.np : Cleaned with backup
C:\Documents and Settings\Jamie\My Documents\Programmes\Bet365.exe -> Adware.Casino : Cleaned with backup
C:\Documents and Settings\Jamie\My Documents\Unzipped\Football Manager 2006 trainer\Football Manager 2006 trainer.exe -> Hijacker.Delf.ea : Cleaned with backup
C:\Installer\starluckinstaller.exe -> Adware.Casino : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc75.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc78.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc79.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc80.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc81.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc82.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc83.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc84.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc86.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc87.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc88.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc89.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\suhe.exe -> Proxy.Agent.if : Cleaned with backup
C:\WINDOWS\bet365casino setup.exe -> Adware.Casino : Cleaned with backup
C:\WINDOWS\system32\arfcevdn.exe -> Proxy.Agent.if : Cleaned with backup
C:\WINDOWS\system32\byifnjxg.exe -> Proxy.Agent.if : Cleaned with backup
C:\WINDOWS\system32\jrto.exe -> Proxy.Agent.if : Cleaned with backup
C:\WINDOWS\system32\mnhialc.exe -> Proxy.Agent.if : Cleaned with backup
C:\WINDOWS\system32\oleext.dll -> Trojan.Small.ev : Cleaned with backup
C:\WINDOWS\system32\xibjkgev.exe -> Proxy.Agent.if : Cleaned with backup
::Report End
I did exactly as you said, and here are the new logs:
HijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 7:43:17 AM, on 05/23/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Jamie\My Documents\Unzipped\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.medway.o...pts/webmail.cgi
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.medway.o...pts/webmail.cgi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\Windows Registry Repair Pro.exe -X
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [rpcc] rpcc.exe
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O16 - DPF: {360E40AA-EE8B-4101-BA67-0CAD3F7A48DD} (Nyoko Downloader Class) - http://www.gamingclu...elper/Nyoko.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1131038396024
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalci....1.11_en_dl.cab
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://207.226.177.98/gba1402.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: IEFilter - {CBEC448D-81B6-49CC-A972-7E502B31AE06} - IEFilter1.dll (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 7:34:36 AM, 05/23/2006
+ Report-Checksum: 83C72837
+ Scan result:
HKLM\SOFTWARE\iGlobalMedia -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\Installer -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\upgrades -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\blackjackdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\boardbabe -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\caribbeanpoker -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\coolbananas -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\funkychicken -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\games -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\goannagold -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\goldeneagle -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\goldengopher -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\highlimitblackjack -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\hotroller -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\junglerumble -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\kenodll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\kookakeno -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\letitride -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\megaeuropeanroulette -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\metropolis -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\multiplayerblackjack -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\multiplayerblackjackdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\nextgenvpdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\piggypayback -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\pokerdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\roulettedll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\safecrackerkeno -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\silvercity -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\slotsdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\threecardpoker -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\tod -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\vegasclub -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\videopokerdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\vpokerdw -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\vpokerjob -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\planetluckcasino\casino\version\vpokerjp -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\upgrades -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\blackjackdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\boardbabe -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\cashcruise -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\coolbananas -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\firedrake -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\flamingo -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\funkychicken -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\games -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\goldeneagle -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\goldengopher -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\goldenoasis -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\highlimitblackjack -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\hotroller -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\kangacash -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\kenodll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\kookakeno -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\letitride -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\magicmanslot -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\megaeuropeanroulette -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\metropolis -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\multiplayerblackjack -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\multiplayerblackjackdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\nextgenvpdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\piggypayback -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\pokerdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\roulettedll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\safecrackerkeno -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\silvercity -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\slotsdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\superfortunewheel -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\superjoker -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\supermystic -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\superstar -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\sweethawaii -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\tod -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\vegasclub -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\videopokerdll -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\vpokerdw -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\vpokerjob -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckcasino\casino\version\vpokerjp -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckitalia -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\iGlobalMedia\starluckitalia\casino -> Adware.AceClubCasino : Cleaned with backup
HKLM\SOFTWARE\PSGuard.com -> Adware.PSGuard : Error during cleaning
HKLM\SOFTWARE\PSGuard.com\PSGuard -> Adware.PSGuard : Error during cleaning
HKLM\SOFTWARE\PSGuard.com\PSGuard\P.S.Guard -> Adware.PSGuard : Error during cleaning
HKLM\SOFTWARE\PSGuard.com\PSGuard\P.S.Guard\License -> Adware.PSGuard : Cleaned with backup
HKLM\SOFTWARE\WinHound.com -> Adware.WinHound : Error during cleaning
HKLM\SOFTWARE\WinHound.com\WinHound -> Adware.WinHound : Error during cleaning
HKLM\SOFTWARE\WinHound.com\WinHound\WinHound -> Adware.WinHound : Error during cleaning
HKLM\SOFTWARE\WinHound.com\WinHound\WinHound\License -> Adware.WinHound : Cleaned with backup
C:\asue.exe -> Proxy.Agent.if : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\HKCURun -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\HKCURun\RunOnce -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\HKCURun\RunOnceEx -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\HKLMRun -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\HKLMRun\RunOnce -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\HKLMRun\RunOnceEx -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\StartMenuAllUsers -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\Autorun\StartMenuCurrentUser -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Application Data\WinHound.com\WinHound\BrowserObjects -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@ads.realcastmedia[2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@c.enhance[2].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfk4cjczkhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfk4kod5mkq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfk4qjazgao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfk4sodzako.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfk4wpczaao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkickczolo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkickd5olp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkikod5kbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkioiazogo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkiood5ako.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkiwgazgdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkiwjazgao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkiwpdjclo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkoandzcko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkocldjobq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkoogdpobo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkosicpcdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkosmdjalq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkouodzobo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyajdzaeo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyegajsbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyghajwap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkykmd5acp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkykocpego.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyond5mao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyooczgao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyshc5cfo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfkyuhcpobp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfl4cpazibo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfl4ekczibp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfl4elc5ihq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfl4qmcpwao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wflikiczgkq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wflioidzmkp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfliqldzkcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfloqkajabq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfloqlajmco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfmichcjeap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfmieoajodo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfmyepdpako.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfmyohd5mbp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wfmyqpcpgap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkicgajscp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkienc5iaq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkiooajwgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkiqhazcho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkisnajmao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkocmczckq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkouodzkko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkyemc5olo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkyukd5mhq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgkywnajoaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgl4agdjwbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wglokoczoeq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wglyujdzeeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgmiagcpgao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wgmisoczgco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjk4kpd5gao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjkoegajofp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjkogncjeko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjkokgdzmlq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjl4gkcpmcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjl4sod5afo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjl4ukc5sdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjl4uoazgep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjl4uoc5kdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjl4wpajgco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlieldjehp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjliggcpcaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlikiazsgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlikidpokp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlioocpihp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjliqpajseo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjloegcpgaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlogkazkbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlogodzcao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlosjcjkeo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyagcjaco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyahczgco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyancjsfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyehdpgdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyenc5elo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyqpd5ebq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlysgdjkbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjlyuidzido.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmiahczalp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmigod5sgq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmiogczwdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmiolcpabo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmiooczodq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmiuhd5meo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmyandpgfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmyckczogp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmyejd5whp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmyeodpalo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmykhdpado.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjmykoczoap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@e-2dj6wjnygoazgkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@h.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@programs.wegcash[2].txt -> TrackingCookie.Wegcash : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@try.starware[1].txt -> TrackingCookie.Starware : Cleaned with backup
C:\Documents and Settings\Jamie\Cookies\jamie@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Jamie\Local Settings\Temp\TempInstaller.exe -> Adware.Casino : Cleaned with backup
C:\Documents and Settings\Jamie\My Documents\DC\Finished\Poker.Tracker.v2.06.02.WinALL.Incl.Keymaker-CORE\CORE10k.EXE -> Dropper.Delf.np : Cleaned with backup
C:\Documents and Settings\Jamie\My Documents\DC\Finished\Poker.Tracker.v2.06.02.WinALL.Incl.Keymaker-CORE\pt2.exe -> Dropper.Delf.np : Cleaned with backup
C:\Documents and Settings\Jamie\My Documents\Programmes\Bet365.exe -> Adware.Casino : Cleaned with backup
C:\Documents and Settings\Jamie\My Documents\Unzipped\Football Manager 2006 trainer\Football Manager 2006 trainer.exe -> Hijacker.Delf.ea : Cleaned with backup
C:\Installer\starluckinstaller.exe -> Adware.Casino : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc75.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc78.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc79.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc80.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc81.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc82.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc83.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc84.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc86.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc87.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc88.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\RECYCLER\S-1-5-21-1229272821-113007714-725345543-1003\Dc89.exe -> Dialer.GBDialer.d : Cleaned with backup
C:\suhe.exe -> Proxy.Agent.if : Cleaned with backup
C:\WINDOWS\bet365casino setup.exe -> Adware.Casino : Cleaned with backup
C:\WINDOWS\system32\arfcevdn.exe -> Proxy.Agent.if : Cleaned with backup
C:\WINDOWS\system32\byifnjxg.exe -> Proxy.Agent.if : Cleaned with backup
C:\WINDOWS\system32\jrto.exe -> Proxy.Agent.if : Cleaned with backup
C:\WINDOWS\system32\mnhialc.exe -> Proxy.Agent.if : Cleaned with backup
C:\WINDOWS\system32\oleext.dll -> Trojan.Small.ev : Cleaned with backup
C:\WINDOWS\system32\xibjkgev.exe -> Proxy.Agent.if : Cleaned with backup
::Report End
Edited by jay_white_69, 23 May 2006 - 12:56 AM.
#8
Siggyx
-
- Authentic Member
-
- 6,776 posts
SuperHelper
Posted 23 May 2006 - 02:49 PM
Scan with hijackthis and put a check beside these lines and choose FIX
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [rpcc] rpcc.exe
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://207.226.177.98/gba1402.exe
O21 - SSODL: IEFilter - {CBEC448D-81B6-49CC-A972-7E502B31AE06} - IEFilter1.dll (file missing)
Then reboot and post a new log please.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [rpcc] rpcc.exe
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://207.226.177.98/gba1402.exe
O21 - SSODL: IEFilter - {CBEC448D-81B6-49CC-A972-7E502B31AE06} - IEFilter1.dll (file missing)
Then reboot and post a new log please.
#9
jay_white_69
-
- Authentic Member
-
- 7 posts
New Member
Posted 23 May 2006 - 03:00 PM
Logfile of HijackThis v1.99.1
Scan saved at 9:57:21 PM, on 05/23/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Jamie\My Documents\Unzipped\hijackthis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\Windows Registry Repair Pro.exe -X
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O16 - DPF: {360E40AA-EE8B-4101-BA67-0CAD3F7A48DD} (Nyoko Downloader Class) - http://www.gamingclu...elper/Nyoko.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1131038396024
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalci....1.11_en_dl.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Service - Unknown owner - C:\WINDOWS\System32\Service.exe (file missing)
Scan saved at 9:57:21 PM, on 05/23/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Jamie\My Documents\Unzipped\hijackthis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\Windows Registry Repair Pro.exe -X
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O16 - DPF: {360E40AA-EE8B-4101-BA67-0CAD3F7A48DD} (Nyoko Downloader Class) - http://www.gamingclu...elper/Nyoko.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1131038396024
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalci....1.11_en_dl.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Service - Unknown owner - C:\WINDOWS\System32\Service.exe (file missing)
#10
Siggyx
-
- Authentic Member
-
- 6,776 posts
SuperHelper
Posted 23 May 2006 - 03:09 PM
Looking better
Please do an online scan with Kaspersky Online Scanner
You will be promted to install an ActiveX component from Kaspersky, Click Yes.
Please do an online scan with Kaspersky Online Scanner
You will be promted to install an ActiveX component from Kaspersky, Click Yes.
- The program will launch and then start to download the latest definition files.
- Once the scanner is installed and the definitions downloaded, click Next.
- Now click on Scan Settings
- In the scan settings make that the following are selected:
- Scan using the following Anti-Virus database:
- Extended (If available otherwise Standard)
- Scan Options:
- Scan Archives
- Scan Mail Bases
- Scan using the following Anti-Virus database:
- Click OK
- Now under select a target to scan select My Computer
- The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
- Now click on the Save as Text button:
- Save the file to your desktop.
- Copy and paste that information in your next post as well as a bew hijackthis log please.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
