Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93105 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

my computer sends spam email

Started by notsniw , Jan 02 2008 04:22 PM

  • This topic is locked This topic is locked
No replies to this topic

#1 notsniw

notsniw

    New Member

  • New Member
  • Pip
  • 1 posts

Posted 02 January 2008 - 04:22 PM

Hi...

I am infected with a spamware or malware, which sends spam email from my computer.
I get suspicious because when I connect my pc to internet, I receive returned mail reports
from many postmasters, mail administrators, subject "returned mail etc". I am receiving
150-200 emails per hour, which are all "returned mail" .

I request your help to solve my problem,

Below :

1- HJT log before AVG scan in safe mode,
2- AVG report
3- HJT log after AVG scan

Thank you for your help.

Here they come:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:23:27, on 02.01.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Network Associates\VirusScan\McaUpdate.exe
C:\WINDOWS\etMon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\NetLimiter\NetLimiter.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....cid={SUB_CLCID}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: 89.149.232.87 www.sharebus.com #27.09.2007
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [etMonitor] C:\WINDOWS\etMon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\Policies\Explorer\Run: [McaFee virus detect program.] c:\Program Files\Network Associates\VirusScan\McaUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Scan link with AEE - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Advanced Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html (file missing) (HKCU)
O11 - Options group: [JAVA_IBM] Java (IBM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.m...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D88A762-9BE5-436D-A510-850D003AAB3F}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEA8838B-7A33-4DE8-ACDF-A03E9BC1FBCD}: NameServer = 4.2.2.1,4.2.2.2
O18 - Protocol: ezpp - {810403FA-E82E-11D5-8AAB-0010A404A3DE} - C:\WINDOWS\system32\EZTOOL~1.DLL
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 9755 bytes

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 23:59:07 02.01.2008

+ Scan result:



C:\Documents and Settings\IBM\Desktop\Desktop\program arşivi\programs\Advanced_Email_Extractor_All_Versions.zip/AEE All versions.exe -> Dropper.Lomaka : No action taken.
C:\Program Files\Radmin\AdmDll.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 : No action taken.
C:\Program Files\Radmin\raddrv.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 : No action taken.
C:\WINDOWS\system32\admdll.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 : No action taken.
C:\Program Files\Radmin\r_server.exe -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.21 : No action taken.
C:\Program Files\Radmin\radmin.exe -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.21 : No action taken.
C:\WINDOWS\system32\r_server.exe -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.21 : No action taken.
:mozilla.118:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.119:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.120:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.121:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.122:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.123:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.124:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.125:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.126:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.383:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.574:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.665:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.10:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.11:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.22:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.23:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.24:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.25:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.26:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.27:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.28:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.29:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.30:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.31:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.49:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.6:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.7:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.8:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.9:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.456:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.457:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.459:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.460:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.461:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.187:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.422:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Billboard : No action taken.
:mozilla.624:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.625:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.325:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.326:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.327:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.328:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.329:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.359:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Clickhype : No action taken.
:mozilla.401:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Clickhype : No action taken.
:mozilla.406:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.407:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.331:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.332:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.333:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.225:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.396:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.397:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.232:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.233:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.234:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.235:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.236:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.432:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.477:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.841:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.139:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.140:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.141:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.750:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.751:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.752:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.800:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.807:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.808:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Hitbox : No action taken.
:mozilla.611:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Information : No action taken.
:mozilla.741:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.742:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.663:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.664:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.452:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.455:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.641:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Overture : No action taken.
:mozilla.642:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Overture : No action taken.
:mozilla.203:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Qksrv : No action taken.
:mozilla.204:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Qksrv : No action taken.
:mozilla.294:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Real : No action taken.
:mozilla.295:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Real : No action taken.
:mozilla.298:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Real : No action taken.
:mozilla.418:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Real : No action taken.
:mozilla.419:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Real : No action taken.
:mozilla.188:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.58:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.59:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Realmedia : No action taken.
:mozilla.612:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.307:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.310:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.597:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.598:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.600:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.601:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.602:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Revsci : No action taken.
:mozilla.370:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.371:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.372:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.373:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.374:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.375:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.376:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.294:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.295:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.392:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.844:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.845:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.287:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Skype : No action taken.
:mozilla.299:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Skype : No action taken.
:mozilla.142:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.143:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.144:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.145:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.146:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.147:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.148:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.149:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.150:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.151:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.152:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.153:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.154:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.155:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.156:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.157:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.158:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.159:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.160:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.210:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.211:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.212:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.213:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.174:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.179:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.180:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.181:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.182:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.183:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.184:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.185:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.186:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Trafficmp : No action taken.
:mozilla.630:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.263:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Webtrends : No action taken.
:mozilla.603:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.360:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies.txt -> TrackingCookie.Yadro : No action taken.
:mozilla.50:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.51:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.52:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.53:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.54:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.55:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.56:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.57:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.765:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.766:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.767:C:\Documents and Settings\IBM\Application Data\Mozilla\Firefox\Profiles\cyofbh3s.default\cookies-1.txt -> TrackingCookie.Zedo : No action taken.


::Report end

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:09:30, on 03.01.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\McaUpdate.exe
C:\WINDOWS\etMon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\NetLimiter\NetLimiter.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....cid={SUB_CLCID}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O1 - Hosts: 89.149.232.87 www.sharebus.com #27.09.2007
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [etMonitor] C:\WINDOWS\etMon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\Policies\Explorer\Run: [McaFee virus detect program.] c:\Program Files\Network Associates\VirusScan\McaUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Scan link with AEE - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Advanced Email Extractor - {AFA7DB99-3E4D-4396-94F8-B0B135BCB472} - res://C:\Program%20Files\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html (file missing) (HKCU)
O11 - Options group: [JAVA_IBM] Java (IBM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.m...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D88A762-9BE5-436D-A510-850D003AAB3F}: NameServer = 4.2.2.5,4.2.2.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEA8838B-7A33-4DE8-ACDF-A03E9BC1FBCD}: NameServer = 4.2.2.1,4.2.2.2
O18 - Protocol: ezpp - {810403FA-E82E-11D5-8AAB-0010A404A3DE} - C:\WINDOWS\system32\EZTOOL~1.DLL
O22 - SharedTaskScheduler: IE Component Categories cache daemon - {553858A7-4922-4e7e-B1C1-97140C1C16EF} - C:\WINDOWS\system32\ieframe.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 9720 bytes

    Advertisements

Register to Remove

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·