

Virus - I Need Someone To Check!
#1
Posted 13 August 2007 - 02:21 PM

#2
Posted 13 August 2007 - 02:24 PM
http://www.superantispyware.com
Generated 09/12/2007 at 07:48 PM
Application Version : 3.9.1008
Core Rules Database Version : 3284
Trace Rules Database Version: 1295
Scan type : Complete Scan
Total Scan Time : 01:41:51
Memory items scanned : 469
Memory threats detected : 1
Registry items scanned : 9131
Registry threats detected : 13
File items scanned : 127652
File threats detected : 235
Trojan.Mezzia/Resident
C:\WINDOWS\SYSTEM32\WINXTM32.DLL
C:\WINDOWS\SYSTEM32\WINXTM32.DLL
Unclassified.SpywareBot (Not A Threat)
[SpywareBot] C:\PROGRAM FILES\SPYWAREBOT\SPYWAREBOT.EXE
C:\PROGRAM FILES\SPYWAREBOT\SPYWAREBOT.EXE
HKU\S-1-5-21-1128231962-1286236205-4032908209-1013\Software\SpywareBot
C:\Program Files\SpywareBot\Databases\Spy.ref
C:\Program Files\SpywareBot\Databases
C:\Program Files\SpywareBot\FilterDrv\antispyfilter.amd64.sys
C:\Program Files\SpywareBot\FilterDrv\antispyfilter.cat
C:\Program Files\SpywareBot\FilterDrv\antispyfilter.inf
C:\Program Files\SpywareBot\FilterDrv\antispyfilter.x86.sys
C:\Program Files\SpywareBot\FilterDrv
C:\Program Files\SpywareBot\Launcher.exe
C:\Program Files\SpywareBot\Log\2007 Aug 08 - 11_14_56 AM.log
C:\Program Files\SpywareBot\Log
C:\Program Files\SpywareBot\Microsoft.VC80.ATL\atl80.dll
C:\Program Files\SpywareBot\Microsoft.VC80.ATL\Microsoft.VC80.ATL.manifest
C:\Program Files\SpywareBot\Microsoft.VC80.ATL
C:\Program Files\SpywareBot\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest
C:\Program Files\SpywareBot\Microsoft.VC80.CRT\msvcp80.dll
C:\Program Files\SpywareBot\Microsoft.VC80.CRT\msvcr80.dll
C:\Program Files\SpywareBot\Microsoft.VC80.CRT
C:\Program Files\SpywareBot\SpyCleaner.plg.dll
C:\Program Files\SpywareBot\SpywareBot.url
C:\Program Files\SpywareBot\SpywareBotSrv.srv.exe
C:\Program Files\SpywareBot\vistaCPtasks.xml
C:\Program Files\SpywareBot
C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\SpywareBot on the Web.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot\SpywareBot.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\SpywareBot
C:\WINDOWS\Prefetch\LAUNCHER.EXE-199899CD.pf
C:\WINDOWS\Prefetch\SPYWAREBOT.EXE-28EB75DE.pf
C:\WINDOWS\Prefetch\SPYWAREBOTSRV.SRV.EXE-0CCDCC99.pf
Trojan.Downloader-Win/GHY
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\winxtm32
Trojan.Unknown Origin
HKLM\SOFTWARE\Microsoft\MSSMGR
HKLM\SOFTWARE\Microsoft\MSSMGR#Brnd
HKLM\SOFTWARE\Microsoft\MSSMGR#BSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#SSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#SCLIST
HKLM\SOFTWARE\Microsoft\MSSMGR#SSLIST
HKLM\SOFTWARE\Microsoft\MSSMGR#PSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#Data
HKLM\SOFTWARE\Microsoft\MSSMGR#LSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#MSLIST
Adware.Tracking Cookie
Adware.MyWebSearch
C:\DOCUMENTS AND SETTINGS\USER\DESKTOP\BACKUP\PROGRAM FILES\MYWEBSEARCH\BAR\3.BIN\MWSOEMON.EXE
Background Agent Application by Broderbund Software
C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE
Trace.Known Threat Sources
C:\Documents and Settings\user\Desktop\backup\Documents and Settings\user\Local Settings\Temp\Temporary Internet Files\Content.IE5\H9GEBFHD\lc[1].js
Edited by B3NV3NUT0, 13 August 2007 - 02:25 PM.
#3
Posted 13 August 2007 - 02:26 PM
#4
Posted 13 August 2007 - 02:27 PM
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:01:09 PM, on 9/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Eraser\eraser.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [MMTray] MMTray.exe
O4 - HKLM\..\Run: [mwc] C:\Program Files\Mouse Wheel Control\MWC.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\eraser.exe -hide
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Search - http://edits.mywebse...?p=ZKxdm022YYCA
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {00000005-0000-0000-0000-100011000004} - http://c.imputati.co...71b02fa2_35.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...p1.0.0.15-3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx...owserPlugin.cab
O16 - DPF: {D7208880-9B7A-43E1-AABB-8C888A5704F9} (NetCamPlayerWeb11gv2 Control) - http://192.168.1.200...yerWeb11gv2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{05A3B52C-5571-45FC-9CF6-95B627E90634}: NameServer = 64.59.176.13,64.59.176.15
O17 - HKLM\System\CS1\Services\Tcpip\..\{05A3B52C-5571-45FC-9CF6-95B627E90634}: NameServer = 64.59.176.13,64.59.176.15
O17 - HKLM\System\CS2\Services\Tcpip\..\{05A3B52C-5571-45FC-9CF6-95B627E90634}: NameServer = 64.59.176.13,64.59.176.15
O17 - HKLM\System\CS3\Services\Tcpip\..\{05A3B52C-5571-45FC-9CF6-95B627E90634}: NameServer = 64.59.176.13,64.59.176.15
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe (file missing)
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (file missing)
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
--
End of file - 9211 bytes
#5
Posted 13 August 2007 - 02:29 PM






#6
Posted 13 August 2007 - 06:56 PM