svajunas

  1. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:09:00, on 2008.01.15 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\mHotkey.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [NetworkMechanic] C:\Program Files\Network Mechanic\NetworkMechanic.exe /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [DC6_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [bM7b60f704] Rundll32.exe "C:\WINDOWS\system32\kopjjata.dll",s O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE 
(User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} 
(ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 6596 bytes
     And one more thing: when I try to play games or work with Microsoft Office programs, my comp freezes after 45 min. What should I do?
  2. My computer starts a little faster but not so fast; I have to wait about ~1 min to start. SDFix log:
     SDFix: Version 1.126 Run by Virgis on 2008.01.14 at 13:41 Microsoft Windows XP [Version 5.1.2600] Running From: C:\DOCUME~1\Virgis\Desktop\UNUSED~1\Antivir\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Normal Mode: Checking Files: Trojan Files Found: C:\WINDOWS\system32\inst.dat - Deleted C:\WINDOWS\system32\web.dat - Deleted Removing Temp Files... ADS Check: C:\WINDOWS No streams found. C:\WINDOWS\system32 No streams found. C:\WINDOWS\system32\svchost.exe No streams found. C:\WINDOWS\system32\ntoskrnl.exe No streams found. Final Check: catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-14 13:51:08 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:88cee10d "s2"=dword:09a0785a "h0"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:db,c4,fd,6c,a7,8d,e0,6d,19,82,86,de,75,92,0a,00,ad,21,56,9d,55,.. "p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,e8,5c,8c,17,d9,c7,72,24,70,ec,96,b3,8c,ef,83,f5,ee,.. "khjeh"=hex:1d,c6,e8,bd,0c,af,11,97,72,21,00,a9,ea,ad,d5,4f,27,e4,d7,6d,c7,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:64,62,02,00,38,52,40,00,c8,4d,40,00,d0,ff,ff,ff,76,6b,15,00,10,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:db,c4,fd,6c,a7,8d,e0,6d,19,82,86,de,75,92,0a,00,ad,21,56,9d,55,..
"p0"="C:\Program Files\DAEMON Tools\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,e8,5c,8c,17,d9,c7,72,24,70,ec,96,b3,8c,ef,83,f5,ee,.. "khjeh"=hex:1d,c6,e8,bd,0c,af,11,97,72,21,00,a9,ea,ad,d5,4f,27,e4,d7,6d,c7,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:64,62,02,00,48,58,2b,00,00,00,00,00,d8,ff,ff,ff,76,6b,0a,00,30,.. scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\E\1+\1#\1 ] "SlowInfoCache"=hex:28,02,00,00,01,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,6e,00,25,4c,69,.. "Changed"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7091574B-11EC-951E-7535-2909270440C5}] "oafgldnnfhfbnfhkaiencofcgngcpl"=hex:6b,61,63,62,6c,6e,62,66,6b,64,6b,6c,67,63,66,64,6f,66,67,6d,6e,.. "nalgjllpoehokafgpgkdfgpagpdk"=hex:6b,61,63,62,6c,6e,62,66,6b,64,6b,6c,67,63,66,64,6f,66,67,6d,6e,.. scanning hidden files ... 
scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Disabled:Firefox" "D:\\Svajuno\\Warzone 2100\\warzone.exe"="D:\\Svajuno\\Warzone 2100\\warzone.exe:*:Disabled:warzone" "C:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe"="C:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe:*:Disabled:CrazyTalk" "C:\\Documents and Settings\\Virgis\\Desktop\\lancraft101b\\lancraft.exe"="C:\\Documents and Settings\\Virgis\\Desktop\\lancraft101b\\lancraft.exe:*:Disabled:lancraft" "D:\\Reikalinga\\New Folder\\game.dat"="D:\\Reikalinga\\New Folder\\game.dat:*:Enabled:The Battle for Middle-earth II" "D:\\Reikalinga\\New Folder\\patchget.dat"="D:\\Reikalinga\\New Folder\\patchget.dat:*:Disabled:patchgrabber" "C:\\Program Files\\Electronic Arts\\The Battle for Middle-earth II\\game.dat"="C:\\Program Files\\Electronic Arts\\The Battle for Middle-earth II\\game.dat:*:Enabled:The Battle for Middle-earth II" "C:\\Program Files\\Electronic Arts\\The Battle for Middle-earth II\\patchget.dat"="C:\\Program Files\\Electronic Arts\\The Battle for Middle-earth II\\patchget.dat:*:Disabled:patchgrabber" "C:\\WINDOWS\\system32\\dxdiag.exe"="C:\\WINDOWS\\system32\\dxdiag.exe:*:Disabled:Microsoft DirectX Diagnostic Tool" "C:\\WINDOWS\\system32\\dpnsvr.exe"="C:\\WINDOWS\\system32\\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server" "C:\\Documents and Settings\\Virgis\\Desktop\\wowclient-downloader.exe"="C:\\Documents and Settings\\Virgis\\Desktop\\wowclient-downloader.exe:*:Disabled:Blizzard Downloader" 
"D:\\Svajuno\\LimeWire\\LimeWire.exe"="D:\\Svajuno\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "D:\\Svajuno\\DOGAS\\cstrike.exe"="D:\\Svajuno\\DOGAS\\cstrike.exe:*:Enabled:XTCS Counter-Strike 1.6 Final Release" "C:\\DOCUME~1\\Virgis\\LOCALS~1\\Temp\\win11B.tmp.exe"="C:\\DOCUME~1\\Virgis\\LOCALS~1\\Temp\\win11B.tmp.exe:*:Enabled:win11B.tmp" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "D:\\Svajuno\\cs 1.6\\hl.exe"="D:\\Svajuno\\cs 1.6\\hl.exe:*:Disabled:Half-Life Launcher" "D:\\Svajuno\\cs 1.6\\hlds.exe"="D:\\Svajuno\\cs 1.6\\hlds.exe:*:Disabled:HLDS Launcher" "C:\\WINDOWS\\Temp\\NavBrowser.exe"="C:\\WINDOWS\\Temp\\NavBrowser.exe:*:Enabled:NAVBrowser" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\\Documents and Settings\\Virgis\\Desktop\\LDC++ 1.00 v2a-bin\\LDCPlusPlus.exe"="C:\\Documents and Settings\\Virgis\\Desktop\\LDC++ 1.00 v2a-bin\\LDCPlusPlus.exe:*:Enabled:LDC++" "C:\\Documents and Settings\\Virgis\\Desktop\\Unused Desktop Shortcuts\\LDC++ 1.00 v2a-bin\\LDCPlusPlus.exe"="C:\\Documents and Settings\\Virgis\\Desktop\\Unused Desktop Shortcuts\\LDC++ 1.00 v2a-bin\\LDCPlusPlus.exe:*:Enabled:LDC++" "C:\\Documents and Settings\\Virgis\\Desktop\\utorrent(2).exe"="C:\\Documents and Settings\\Virgis\\Desktop\\utorrent(2).exe:*:Disabled:ęTorrent" "C:\\Documents and Settings\\Virgis\\Desktop\\bc.exe"="C:\\Documents and Settings\\Virgis\\Desktop\\bc.exe:*:Disabled:bc" "D:\\Svajuno\\wow\\World of Warcraft\\WoW-2.1.0-enUS-downloader.exe"="D:\\Svajuno\\wow\\World of 
Warcraft\\WoW-2.1.0-enUS-downloader.exe:*:Disabled:Blizzard Downloader" "D:\\Svajuno\\Command and conquer\\RetailExe\\1.0\\cnc3game.dat"="D:\\Svajuno\\Command and conquer\\RetailExe\\1.0\\cnc3game.dat:*:Disabled:Command & Conquer 3 Tiberium Wars" "D:\\Svajuno\\Diablo II\\Diablo II.exe"="D:\\Svajuno\\Diablo II\\Diablo II.exe:*:Disabled:Diablo II - Lord of Destruction" "C:\\Program Files\\FlashFXP\\flashfxp.exe"="C:\\Program Files\\FlashFXP\\flashfxp.exe:*:Disabled:FlashFXP v3" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Disabled:hpfccopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Disabled:hpoews01.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Disabled:hpofxm08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Disabled:hposfx08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Disabled:hposid01.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Disabled:hpqcopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Disabled:hpqkygrp.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Disabled:hpqnrs08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Disabled:hpqscnvw.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Disabled:hpqste08.exe" "D:\\Muzika 
\\muzika\\zaidimai\\L2ParadiseAutoUpdater\\system\\l2.exe"="D:\\Muzika B)\\muzika\\zaidimai\\L2ParadiseAutoUpdater\\system\\l2.exe:*:Disabled:L2" "D:\\Svajuno\\Warcraft III\\Warcraft III.exe"="D:\\Svajuno\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III" "D:\\Svajuno\\Warcraft III\\War3.exe"="D:\\Svajuno\\Warcraft III\\War3.exe:*:Enabled:Warcraft III" "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:ęTorrent" "D:\\Svajuno\\LOTR\\game.dat"="D:\\Svajuno\\LOTR\\game.dat:*:Enabled:***FATAL*** String Manager failed to initialized properly" "C:\\Program Files\\Electronic Arts\\The Battle for Middle-earth II\\game.dat"="C:\\Program Files\\Electronic Arts\\The Battle for Middle-earth II\\game.dat:*:Enabled:The Battle for Middle-earth II" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "D:\\Svajuno\\RatioMaster175\\RatioMaster.exe"="D:\\Svajuno\\RatioMaster175\\RatioMaster.exe:*:Enabled:Ratio Master" "C:\\Program Files\\Ocean Technology\\GG E-Sports Platform\\GGclient.exe"="C:\\Program Files\\Ocean Technology\\GG E-Sports Platform\\GGclient.exe:*:Enabled:GG E-Sports Platform Client" "D:\\World of Warcraft\\WoW-2.3.0-enUS-downloader.exe"="D:\\World of Warcraft\\WoW-2.3.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader" "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\FlashFXP\\flashfxp.exe"="C:\\Program Files\\FlashFXP\\flashfxp.exe:*:Enabled:FlashFXP v3" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN 
Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" Remaining Files: --------------- File Backups: - C:\DOCUME~1\Virgis\Desktop\UNUSED~1\Antivir\SDFix\backups\backups.zip Files with Hidden Attributes: Sat 3 Apr 2004 4,722,688 A..H. --- "C:\ADCD\ADBCD.EXE" Tue 10 Oct 2006 897,744 A..H. --- "C:\ADCD\SCAPIInterface.DLL" Sun 18 Feb 2007 335,465 A.SH. --- "C:\WINDOWS\system32\onnmp.tmp" Sun 11 Feb 2007 494,268 A.SH. --- "C:\WINDOWS\system32\onnmp.bak1" Sun 18 Feb 2007 492,287 A.SH. --- "C:\WINDOWS\system32\onnmp.bak2" Mon 9 Jul 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp" Thu 15 Nov 2007 888 ...HR --- "C:\Documents and Settings\Virgis\Application Data\SecuROM\UserData\securom_v7_01.bak" Finished! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:08:50, on 2008.01.14 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\mHotkey.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Eset\nod32krn.exe 
C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [NetworkMechanic] C:\Program Files\Network Mechanic\NetworkMechanic.exe /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [DC6_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" 
-lang 1033 O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [7853c498] rundll32.exe "C:\WINDOWS\system32\filfkxib.dll",b O4 - HKLM\..\Run: [bM7b60f704] Rundll32.exe "C:\WINDOWS\system32\aklmfpmc.dll",s O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - 
Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 6752 bytes
  3. VundoFix V6.7.7 Checking Java version... Scan started at 18:28:04 2008.01.12 Listing files found while scanning.... C:\WINDOWS\system32\dmawodhg.dll C:\WINDOWS\system32\yqtppxul.dll C:\WINDOWS\system32\jjllm.ini C:\WINDOWS\system32\jjllm.ini2 C:\WINDOWS\system32\khfghfg.dll C:\WINDOWS\system32\kkbhwyqj.dll C:\WINDOWS\system32\lfqjkpwb.dll C:\WINDOWS\system32\mdeflneg.dll C:\WINDOWS\system32\mlljj.dll C:\WINDOWS\system32\qscawxdk.dll C:\WINDOWS\system32\rolmyxiv.dll C:\WINDOWS\system32\tooapamw.dll C:\WINDOWS\system32\ubsgqatb.dll C:\WINDOWS\system32\vbnektnv.dll C:\WINDOWS\system32\vuytiwai.dll C:\WINDOWS\system32\xmraooyi.dll Beginning removal... Attempting to delete C:\WINDOWS\system32\dmawodhg.dll C:\WINDOWS\system32\dmawodhg.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\yqtppxul.dll C:\WINDOWS\system32\yqtppxul.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\jjllm.ini C:\WINDOWS\system32\jjllm.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\jjllm.ini2 C:\WINDOWS\system32\jjllm.ini2 Has been deleted! Attempting to delete C:\WINDOWS\system32\khfghfg.dll C:\WINDOWS\system32\khfghfg.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\kkbhwyqj.dll C:\WINDOWS\system32\kkbhwyqj.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\lfqjkpwb.dll C:\WINDOWS\system32\lfqjkpwb.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\mdeflneg.dll C:\WINDOWS\system32\mdeflneg.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\mlljj.dll C:\WINDOWS\system32\mlljj.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\qscawxdk.dll C:\WINDOWS\system32\qscawxdk.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\rolmyxiv.dll C:\WINDOWS\system32\rolmyxiv.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\tooapamw.dll C:\WINDOWS\system32\tooapamw.dll Has been deleted! 
Attempting to delete C:\WINDOWS\system32\ubsgqatb.dll C:\WINDOWS\system32\ubsgqatb.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\vbnektnv.dll C:\WINDOWS\system32\vbnektnv.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\vuytiwai.dll C:\WINDOWS\system32\vuytiwai.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\xmraooyi.dll C:\WINDOWS\system32\xmraooyi.dll Has been deleted! Performing Repairs to the registry. Done! Beginning removal... Attempting to delete C:\WINDOWS\system32\khfghfg.dll C:\WINDOWS\system32\khfghfg.dll Could not be deleted. Performing Repairs to the registry. Done! ________________________________________________________ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:25:52, on 2008.01.13 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\mHotkey.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\PAStiSvc.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe 
C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [NetworkMechanic] C:\Program Files\Network Mechanic\NetworkMechanic.exe /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [DC6_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [7853c498] rundll32.exe 
"C:\WINDOWS\system32\filfkxib.dll",b O4 - HKLM\..\Run: [bM7b60f704] Rundll32.exe "C:\WINDOWS\system32\vuytiwai.dll",s O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Search - ?p=ZNfox000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network 
Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 6771 bytes __________________________________________________________________
  4. I couldn't find the Burn4Free Toolbar in the HJT log, and I couldn't find this ignysiybo.dll",b either, but I found this one: HKLM\..\Run: [7853c498] rundll32.exe "C:\WINDOWS\system32\jxqiaebj.dll",b
  5. Today my NOD32 found this adware.ezula.application. How did this thing get onto my computer?? And here is my HJT log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:43:38, on 2007.12.31 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\mHotkey.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe C:\Program Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R3 - URLSearchHook: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Burn4Free Toolbar - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - C:\Program Files\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [NetworkMechanic] C:\Program Files\Network Mechanic\NetworkMechanic.exe /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [DC6_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe" O4 - HKLM\..\Run: [ERS_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\ers_startupmon.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe" O4 - HKLM\..\Run: [DVDCTray] C:\Program Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe O4 - HKLM\..\Run: [VirtualDrive] C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe /AutoRestore O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [HP 
Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [7853c498] rundll32.exe "C:\WINDOWS\system32\iqnysybo.dll",b O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Search - ?p=ZNfox000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' 
menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. 
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 8028 bytes
  6. I did that already; you told me to do this in post 5, and I downloaded the newest Java version. SmitFraudFix rapport: SmitFraudFix v2.274 Scan done at 20:06:39,39, 2007.12.30 Run from C:\Documents and Settings\Virgis\Desktop\Unused Desktop Shortcuts\Antivir\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT The filesystem type is NTFS Fix run in safe mode
  7. Start Time= 2007.12.30 12:41:47,84 QuickScan did not find any signs of infected files (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-12-30 11:03:58 3072 ( A.... ) "C:\Program Files\FarStone\VDPPro\FSCFL.Sys" 2007-12-29 23:19:34 4544 ( A.... ) "C:\WINDOWS\system32\tmp.reg" 2007-12-29 13:17:28 328192 ( A.... ) "C:\WINDOWS\system32\mlljj.dll" 2007-12-28 15:18:12 ( .D... ) "C:\Documents and Settings\Virgis\Application Data\Grisoft" 2007-12-28 15:17:30 ( .D... ) "C:\Program Files\Grisoft" 2007-12-28 15:04:44 ( .D... ) "C:\Program Files\Spybot - Search & Destroy" 2007-12-21 17:48:24 ( .D... ) "C:\Program Files\Trend Micro" 2007-12-20 23:11:52 81920 ( A.... ) "C:\WINDOWS\system32\IEDFix.exe" 2007-12-17 21:52:02 ( .D... ) "C:\Program Files\BFG" 2007-12-17 18:35:44 ( .D... ) "C:\Documents and Settings\Virgis\Application Data\GameHouse" 2007-12-17 17:43:48 37376 ( ..... ) "C:\WINDOWS\system32\khfghfg.dll" 2007-12-11 16:13:18 ( .D... ) "C:\Documents and Settings\Virgis\Application Data\Hamachi" 2007-12-11 16:05:42 ( .D... ) "C:\Program Files\Hamachi" 2007-12-10 11:26:06 ( .D... ) "C:\Documents and Settings\Virgis\Application Data\EleFun Games" 2007-12-10 11:22:14 ( .D... ) "C:\Program Files\bfgclient" 2007-12-09 00:18:10 ( .D... ) "C:\Documents and Settings\Virgis\Application Data\Leadertech" 2007-12-09 00:18:06 ( .D... ) "C:\Program Files\Common Files\PocketSoft" 2007-12-08 23:31:14 ( .D... ) "C:\Documents and Settings\Virgis\Application Data\Atari" 2007-12-02 15:00:06 18684536 ( A.... ) "C:\WINDOWS\system32\MRT.exe" 2007-12-01 11:16:14 98304 ( A.... ) "C:\WINDOWS\system32\CmdLineExt.dll" 2007-11-26 20:44:52 ( .D... ) "C:\Documents and Settings\Virgis\Application Data\mIRC" 2007-11-26 20:44:50 ( .D... ) "C:\Program Files\mIRC" 2007-11-22 19:45:32 43520 ( A.... ) "C:\WINDOWS\system32\CmdLineExt03.dll" 2007-11-22 19:04:26 21840 ( A.... 
) "C:\WINDOWS\system32\SIntfNT.dll" 2007-11-22 19:04:26 17212 ( A.... ) "C:\WINDOWS\system32\SIntf32.dll" 2007-11-22 19:04:26 12067 ( A.... ) "C:\WINDOWS\system32\SIntf16.dll" 2007-11-20 15:52:48 ( .D... ) "C:\Program Files\uTorrent" 2007-11-20 15:52:22 ( .D... ) "C:\Documents and Settings\Virgis\Application Data\uTorrent" 2007-11-16 17:06:48 ( .D... ) "C:\Program Files\Common Files\Download Manager" 2007-11-16 17:01:36 229728 ( A.... ) "C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_2546.exe" 2007-11-16 17:01:34 ( .D... ) "C:\Program Files\Burn4Free Toolbar" 2007-11-15 20:33:40 98304 ( A.... ) "C:\WINDOWS\system32CmdLineExt.dll" 2007-11-15 20:27:24 ( .D... ) "C:\Program Files\PlayLinc" 2007-11-15 20:11:36 ( .D... ) "C:\Program Files\Steam" 2007-11-14 09:26:56 450560 ( A.... ) "C:\WINDOWS\system32\jscript.dll" 2007-11-13 13:31:12 60416 ( A.... ) "C:\WINDOWS\system32\tzchange.exe" 2007-11-04 21:02:08 ( .D... ) "C:\Program Files\AV Vcs 6.0 DIAMOND" 2007-11-03 22:35:00 ( .D... ) "C:\Program Files\Ocean Technology" 2007-11-02 16:06:38 ( .D... ) "C:\Program Files\Evisoft" 2007-10-30 11:55:22 3065856 ( A.... ) "C:\WINDOWS\system32\mshtml.dll" 2007-10-30 00:43:04 1287680 ( A.... ) "C:\WINDOWS\system32\quartz.dll" 2007-10-29 12:04:04 350720 ( A.... ) "C:\WINDOWS\system32\xpsp3res.dll" 2007-10-27 17:40:30 222720 ( A.... ) "C:\WINDOWS\system32\wmasf.dll" 2007-10-26 05:34:02 8460288 ( A.... ) "C:\WINDOWS\system32\shell32.dll" 2007-10-11 07:57:42 666112 ( A.... ) "C:\WINDOWS\system32\wininet.dll" 2007-10-11 07:57:40 1498112 ( A.... ) "C:\WINDOWS\system32\shdocvw.dll" 2007-10-11 07:57:40 617984 ( A.... ) "C:\WINDOWS\system32\urlmon.dll" 2007-10-11 07:57:40 474112 ( A.... ) "C:\WINDOWS\system32\shlwapi.dll" 2007-10-11 07:57:38 532480 ( A.... ) "C:\WINDOWS\system32\mstime.dll" 2007-10-11 07:57:38 39424 ( A.... ) "C:\WINDOWS\system32\pngfilt.dll" 2007-10-11 07:57:36 449024 ( A.... ) "C:\WINDOWS\system32\mshtmled.dll" 2007-10-11 07:57:36 146432 ( A.... 
) "C:\WINDOWS\system32\msrating.dll" 2007-10-11 07:57:32 251904 ( A.... ) "C:\WINDOWS\system32\iepeers.dll" 2007-10-11 07:57:32 96256 ( A.... ) "C:\WINDOWS\system32\inseng.dll" 2007-10-11 07:57:32 16384 ( A.... ) "C:\WINDOWS\system32\jsproxy.dll" 2007-10-11 07:57:30 1054208 ( A.... ) "C:\WINDOWS\system32\danim.dll" 2007-10-11 07:57:30 1024000 ( A.... ) "C:\WINDOWS\system32\browseui.dll" 2007-10-11 07:57:30 357888 ( A.... ) "C:\WINDOWS\system32\dxtmsft.dll" 2007-10-11 07:57:30 205824 ( A.... ) "C:\WINDOWS\system32\dxtrans.dll" 2007-10-11 07:57:30 151040 ( A.... ) "C:\WINDOWS\system32\cdfview.dll" 2007-10-11 07:57:30 55808 ( A.... ) "C:\WINDOWS\system32\extmgr.dll" 2007-10-03 23:36:46 25600 ( A.... ) "C:\WINDOWS\system32\WS2Fix.exe" 2007-04-04 19:04:38 702212 ( A.... ) "C:\Program Files\APR2007_d3dx10_33_x64.cab" 2007-04-04 19:04:38 100417 ( A.... ) "C:\Program Files\APR2007_xinput_x64.cab" 2007-04-04 19:04:38 56902 ( A.... ) "C:\Program Files\APR2007_xinput_x86.cab" 2007-04-04 19:04:36 1610958 ( A.... ) "C:\Program Files\APR2007_d3dx9_33_x64.cab" 2007-04-04 19:04:36 699465 ( A.... ) "C:\Program Files\APR2007_d3dx10_33_x86.cab" 2007-04-04 19:04:34 1609639 ( A.... ) "C:\Program Files\APR2007_d3dx9_33_x86.cab" 2007-04-04 19:04:34 199366 ( A.... ) "C:\Program Files\APR2007_XACT_x64.cab" 2007-04-04 19:04:34 154825 ( A.... ) "C:\Program Files\APR2007_XACT_x86.cab" 2007-04-04 19:04:32 45305 ( A.... ) "C:\Program Files\dxdllreg_x86.cab" 2007-04-04 18:48:34 1673576 ( A.... ) "C:\Program Files\dsetup32.dll" 2007-04-04 18:48:34 503144 ( A.... ) "C:\Program Files\DXSETUP.exe" 2007-04-04 18:48:34 85881 ( A.... ) "C:\Program Files\dxupdate.cab" 2007-04-04 18:48:32 1575336 ( ..... ) "C:\Program Files\DEC2006_d3dx9_32_x86.cab" 2007-04-04 18:48:32 1572114 ( ..... ) "C:\Program Files\DEC2006_d3dx9_32_x64.cab" 2007-04-04 18:48:32 1413862 ( ..... ) "C:\Program Files\OCT2006_d3dx9_31_x64.cab" 2007-04-04 18:48:32 1363684 ( ..... 
) "C:\Program Files\Feb2006_d3dx9_29_x64.cab" 2007-04-04 18:48:32 1336890 ( ..... ) "C:\Program Files\Jun2005_d3dx9_26_x64.cab" 2007-04-04 18:48:32 1248387 ( ..... ) "C:\Program Files\Feb2005_d3dx9_24_x64.cab" 2007-04-04 18:48:32 1128177 ( ..... ) "C:\Program Files\OCT2006_d3dx9_31_x86.cab" 2007-04-04 18:48:32 1085608 ( ..... ) "C:\Program Files\Feb2006_d3dx9_29_x86.cab" 2007-04-04 18:48:32 1080344 ( ..... ) "C:\Program Files\Dec2005_d3dx9_28_x86.cab" 2007-04-04 18:48:32 1065813 ( ..... ) "C:\Program Files\Jun2005_d3dx9_26_x86.cab" 2007-04-04 18:48:32 1014113 ( ..... ) "C:\Program Files\Feb2005_d3dx9_24_x86.cab" 2007-04-04 18:48:32 213767 ( ..... ) "C:\Program Files\DEC2006_d3dx10_00_x64.cab" 2007-04-04 18:48:32 198275 ( ..... ) "C:\Program Files\FEB2007_XACT_x64.cab" 2007-04-04 18:48:32 193435 ( ..... ) "C:\Program Files\DEC2006_XACT_x64.cab" 2007-04-04 18:48:32 192680 ( ..... ) "C:\Program Files\DEC2006_d3dx10_00_x86.cab" 2007-04-04 18:48:32 183321 ( ..... ) "C:\Program Files\OCT2006_XACT_x64.cab" 2007-04-04 18:48:32 181745 ( ..... ) "C:\Program Files\JUN2006_XACT_x64.cab" 2007-04-04 18:48:32 179247 ( ..... ) "C:\Program Files\Feb2006_XACT_x64.cab" 2007-04-04 18:48:32 151583 ( ..... ) "C:\Program Files\FEB2007_XACT_x86.cab" 2007-04-04 18:48:32 146559 ( ..... ) "C:\Program Files\DEC2006_XACT_x86.cab" 2007-04-04 18:48:32 138977 ( ..... ) "C:\Program Files\OCT2006_XACT_x86.cab" 2007-04-04 18:48:32 134631 ( ..... ) "C:\Program Files\JUN2006_XACT_x86.cab" 2007-04-04 18:48:32 133297 ( ..... ) "C:\Program Files\Feb2006_XACT_x86.cab" 2007-04-04 18:48:32 86925 ( ..... ) "C:\Program Files\Oct2005_xinput_x64.cab" 2007-04-04 18:48:32 77160 ( A.... ) "C:\Program Files\DSETUP.dll" 2007-04-04 18:48:32 46247 ( ..... ) "C:\Program Files\Oct2005_xinput_x86.cab" 2007-04-04 18:48:30 13265040 ( ..... ) "C:\Program Files\dxnt.cab" 2007-04-04 18:48:30 4163518 ( ..... ) "C:\Program Files\Apr2006_MDX1_x86_Archive.cab" 2007-04-04 18:48:30 1398718 ( ..... 
) "C:\Program Files\Apr2006_d3dx9_30_x64.cab" 2007-04-04 18:48:30 1358864 ( ..... ) "C:\Program Files\Dec2005_d3dx9_28_x64.cab" 2007-04-04 18:48:30 1351430 ( ..... ) "C:\Program Files\Aug2005_d3dx9_27_x64.cab" 2007-04-04 18:48:30 1348242 ( ..... ) "C:\Program Files\Apr2005_d3dx9_25_x64.cab" 2007-04-04 18:48:30 1116109 ( ..... ) "C:\Program Files\Apr2006_d3dx9_30_x86.cab" 2007-04-04 18:48:30 1079850 ( ..... ) "C:\Program Files\Apr2005_d3dx9_25_x86.cab" 2007-04-04 18:48:30 1078532 ( ..... ) "C:\Program Files\Aug2005_d3dx9_27_x86.cab" 2007-04-04 18:48:30 917318 ( ..... ) "C:\Program Files\Apr2006_MDX1_x86.cab" 2007-04-04 18:48:30 183863 ( ..... ) "C:\Program Files\AUG2006_XACT_x64.cab" 2007-04-04 18:48:30 180021 ( ..... ) "C:\Program Files\Apr2006_XACT_x64.cab" 2007-04-04 18:48:30 138195 ( ..... ) "C:\Program Files\AUG2006_XACT_x86.cab" 2007-04-04 18:48:30 133991 ( ..... ) "C:\Program Files\Apr2006_XACT_x86.cab" 2007-04-04 18:48:30 88102 ( ..... ) "C:\Program Files\AUG2006_xinput_x64.cab" 2007-04-04 18:48:30 87989 ( ..... ) "C:\Program Files\Apr2006_xinput_x64.cab" 2007-04-04 18:48:30 47018 ( ..... ) "C:\Program Files\AUG2006_xinput_x86.cab" 2007-04-04 18:48:30 46898 ( ..... ) "C:\Program Files\Apr2006_xinput_x86.cab" 2007-04-04 18:48:28 1156363 ( ..... ) "C:\Program Files\BDANT.cab" 2007-04-04 18:48:28 976020 ( ..... ) "C:\Program Files\BDAXP.cab" 2006-09-28 15:22:04 91265 ( A.... ) "C:\Program Files\OCT2006_xinput_x64.cab" 2006-09-28 15:22:02 49149 ( A.... ) "C:\Program Files\OCT2006_xinput_x86.cab" 2006-09-28 14:55:34 15493481 ( A.... ) "C:\Program Files\DirectX.cab" 2006-09-28 14:55:34 703080 ( A.... ) "C:\Program Files\BDA.cab" 2004-04-03 00:05:38 4722688 ( A.... 
) "C:\Program Files\Adbcd.exe" ((((((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "Cmaudio"="RunDll32 cmicnfg.cpl,CMICtrlWnd" "CHotkey"="mHotkey.exe" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\isuspm.exe -startup" "ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start" "My Web Search Bar"="rundll32 C:\\PROGRA~1\\MYWEBS~1\\bar\\3.bin\\MWSBAR.DLL,S" "PWRISOVM.EXE"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE" "NetworkMechanic"="C:\\Program Files\\Network Mechanic\\NetworkMechanic.exe /startup" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "nwiz"="nwiz.exe /install" "NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit" "Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup" "DC6_check"="\"C:\\Program Files\\Common Files\\WinAntiVirus Pro 2006\\dc6_startupmon.exe\"" "ERS_check"="\"C:\\Program Files\\Common Files\\WinAntiVirus Pro 2006\\ers_startupmon.exe\"" "HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb05.exe" "RAMDrive"="\"C:\\Program Files\\FarStone\\VDPPro\\VHD\\RDTask.exe\"" @="" "DVDCTray"="C:\\Program Files\\FarStone\\VDPPro\\dvdcreator\\DVDCTrayIconShl.exe" "VirtualDrive"="C:\\Program Files\\FarStone\\VDPPro\\VDP\\vdtask.exe /AutoRestore" "nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE" "HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" "DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033" "7853c498"="rundll32.exe \"C:\\WINDOWS\\system32\\lfdkbekw.dll\",b" "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoDriveAutoRun"=dword:00000100 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized" "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background" "Steam"="\"C:\\Program Files\\Steam\\Steam.exe\" -silent" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=dword:00000000 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "RunNarrator"="Narrator.exe" [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce] "RunNarrator"="Narrator.exe" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" 
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{7BED1F14-57E9-4E35-943F-CE1688F6CB4E}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\Norton Security Scan.job Completion time: 2007.12.30 12:43:00,54 ComboFix ver 06.06.17 - This logfile is located at C:\ComboFix.txt Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:45:21, on 2007.12.30 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\mHotkey.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe C:\Program Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\DAEMON Tools\daemon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\HP\Digital 
Imaging\bin\hpqSTE08.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Burn4Free Toolbar - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - C:\Program Files\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [NetworkMechanic] C:\Program Files\Network Mechanic\NetworkMechanic.exe /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [DC6_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe" O4 - HKLM\..\Run: [ERS_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\ers_startupmon.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe" O4 - HKLM\..\Run: 
[DVDCTray] C:\Program Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe O4 - HKLM\..\Run: [VirtualDrive] C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe /AutoRestore O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [7853c498] rundll32.exe "C:\WINDOWS\system32\lfdkbekw.dll",b O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Search - ?p=ZNfox000 O8 - Extra context menu item: E&xport to Microsoft Excel - 
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. 
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 7859 bytes
  8. VundoFix V6.7.7 Checking Java version... Java version is 1.5.0.6 Old versions of java are exploitable and should be removed. Java version is 1.5.0.9 Old versions of java are exploitable and should be removed. Scan started at 12:20:26 2007.12.29 Listing files found while scanning.... VundoFix V6.7.7 Checking Java version... Java version is 1.5.0.6 Old versions of java are exploitable and should be removed. Java version is 1.5.0.9 Old versions of java are exploitable and should be removed. Scan started at 12:32:09 2007.12.29 Listing files found while scanning.... C:\WINDOWS\system32\akklphtx.dll C:\WINDOWS\system32\awtsrst.dll C:\WINDOWS\system32\hhhkj.ini C:\WINDOWS\system32\hhhkj.ini2 C:\WINDOWS\system32\itkhhktb.dll C:\WINDOWS\system32\jkhhh.dll C:\WINDOWS\system32\khfghfg.dll C:\WINDOWS\system32\lfdkbekw.dll C:\WINDOWS\system32\pqlnokyt.dll C:\WINDOWS\system32\tkxhfchq.dll Beginning removal... Attempting to delete C:\WINDOWS\system32\akklphtx.dll C:\WINDOWS\system32\akklphtx.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\awtsrst.dll C:\WINDOWS\system32\awtsrst.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\hhhkj.ini C:\WINDOWS\system32\hhhkj.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\hhhkj.ini2 C:\WINDOWS\system32\hhhkj.ini2 Has been deleted! Attempting to delete C:\WINDOWS\system32\itkhhktb.dll C:\WINDOWS\system32\itkhhktb.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\jkhhh.dll C:\WINDOWS\system32\jkhhh.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\khfghfg.dll C:\WINDOWS\system32\khfghfg.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\lfdkbekw.dll C:\WINDOWS\system32\lfdkbekw.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\pqlnokyt.dll C:\WINDOWS\system32\pqlnokyt.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\tkxhfchq.dll C:\WINDOWS\system32\tkxhfchq.dll Has been deleted! Performing Repairs to the registry. Done! 
Beginning removal... Attempting to delete C:\WINDOWS\system32\khfghfg.dll C:\WINDOWS\system32\khfghfg.dll Could not be deleted. Performing Repairs to the registry. Done! VundoFix V6.7.7 Checking Java version... Java version is 1.5.0.6 Old versions of java are exploitable and should be removed. Java version is 1.5.0.9 Old versions of java are exploitable and should be removed. Scan started at 12:52:52 2007.12.29 Listing files found while scanning.... C:\WINDOWS\system32\gebyx.dll C:\WINDOWS\system32\khfghfg.dll C:\WINDOWS\system32\xybeg.ini C:\WINDOWS\system32\xybeg.ini2 Beginning removal... Attempting to delete C:\WINDOWS\system32\gebyx.dll C:\WINDOWS\system32\gebyx.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\khfghfg.dll C:\WINDOWS\system32\khfghfg.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\xybeg.ini C:\WINDOWS\system32\xybeg.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\xybeg.ini2 C:\WINDOWS\system32\xybeg.ini2 Has been deleted! Performing Repairs to the registry. Done! Beginning removal... Attempting to delete C:\WINDOWS\system32\gebyx.dll C:\WINDOWS\system32\gebyx.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\khfghfg.dll C:\WINDOWS\system32\khfghfg.dll Could not be deleted. Attempting to delete C:\WINDOWS\system32\xybeg.ini C:\WINDOWS\system32\xybeg.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\xybeg.ini2 C:\WINDOWS\system32\xybeg.ini2 Has been deleted! Performing Repairs to the registry. Done! Beginning removal... SmitFraudFix v2.274 Scan done at 23:19:24,25, 2007.12.29 Run from C:\Documents and Settings\Virgis\Desktop\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT The filesystem type is NTFS Fix run in safe mode
  9. I can't delete some files with VundoFix even after a restart, and some files were deleted, but after a reboot it gives me a log that says some .dll files are unable to run. Here are a few samples: Error loading C:\WINDOWS\system32\lfdkbekw.dll The specified module could not be found. __________________________________________ Error loading C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL The specified module could not be found.
  10. --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 20:19:55 2007.12.28 + Scan result: C:\Program Files\Common Files\Companion Wizard\WapCHK.dll -> Adware.Companion : Ignored. C:\System Volume Information\_restore{FFDDF4EF-7B69-4C24-9CE8-0452B0D97693}\RP343\A0417920.dll -> Adware.Companion : Ignored. HKLM\SOFTWARE\Clickspring -> Adware.PurityScan : Ignored. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow -> Adware.SaveNow : Ignored. D:\System Volume Information\_restore{866E244E-940A-43E8-94FC-3A803454B152}\RP233\A0267876.EXE -> Backdoor.Hupigon.kg : Ignored. C:\Documents and Settings\Virgis\Desktop\Unused Desktop Shortcuts\roc_tft_cdkey_generators\w3-TFT-cdkey-generator.exe -> Dropper.PT : Ignored.
:mozilla.241:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Tacoda : Ignored. C:\Documents and Settings\Virgis\Cookies\virgis@tacoda[2].txt -> TrackingCookie.Tacoda : Ignored. :mozilla.40:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignored. :mozilla.41:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignored. :mozilla.42:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignored. :mozilla.43:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignored. :mozilla.44:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignored. :mozilla.204:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignored. :mozilla.684:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Weborama : Ignored. C:\Documents and Settings\Virgis\Cookies\virgis@weborama[1].txt -> TrackingCookie.Weborama : Ignored. :mozilla.533:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Webtrends : Ignored. C:\Documents and Settings\Virgis\Cookies\virgis@m.webtrends[1].txt -> TrackingCookie.Webtrends : Ignored. :mozilla.198:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Webtrendslive : Ignored. 
:mozilla.272:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Yadro : Ignored. :mozilla.145:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignored. :mozilla.146:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignored. :mozilla.147:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignored. :mozilla.148:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignored. :mozilla.149:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignored. :mozilla.150:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignored. :mozilla.151:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignored. :mozilla.598:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Zedo : Ignored. :mozilla.599:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Zedo : Ignored. :mozilla.600:C:\Documents and Settings\Virgis\Application Data\Mozilla\Firefox\Profiles\dvx9937x.default\cookies.txt -> TrackingCookie.Zedo : Ignored. C:\System Volume Information\_restore{FFDDF4EF-7B69-4C24-9CE8-0452B0D97693}\RP343\A0417914.dll -> Trojan.Keylog : Ignored. 
::Report end panda scan Incident Status Location Virus:Generic Malware Disinfected C:\Documents and Settings\Virgis\Application Data\Macromedia\Shockwave Player\xtras\download\TheGrooveAlliance\3DGrooveXtrav181\Groove.x32
Virus:Generic Malware Disinfected C:\Documents and Settings\Virgis\Local Settings\Temp\NI.UWA6P_0001_N91M1807\setup.exe Adware:Adware/WinAntivirus2006 Not disinfected C:\Program Files\Common Files\Companion Wizard\compwiz.exe Potentially unwanted tool:Application/WinFixer2006 Not disinfected C:\Program Files\Common Files\Companion Wizard\WapCHK.dll Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\3.bin\F3HTMLMU.DLL Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL Adware:Adware/SaveNow Not disinfected C:\Program Files\Save\ACM.dll Adware:Adware/SaveNow Not disinfected C:\Program Files\Save\ffext.mod Adware:Adware/SaveNow Not disinfected C:\Program Files\Save\Save.exe Adware:Adware/SaveNow Not disinfected C:\Program Files\Save\SaveUninst.exe Spyware:Spyware/Virtumonde Not disinfected
C:\WINDOWS\system32\akklphtx.dll Virus:Trj/Dropper.WF Disinfected D:\JUstes\Kaip taupyti elektra.exe Virus:Generic Trojan Disinfected D:\nfs2\gghz-nfsu2_tr.exe Virus:Generic Trojan Disinfected D:\nfs2\nfsu2_trn.exe Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:27:15, on 2007.12.28 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\mHotkey.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe C:\Program Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet 
Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Burn4Free Toolbar - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - C:\Program Files\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [NetworkMechanic] C:\Program Files\Network Mechanic\NetworkMechanic.exe /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [DC6_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe" O4 - HKLM\..\Run: [ERS_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\ers_startupmon.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [RAMDrive] "C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe" O4 - HKLM\..\Run: [DVDCTray] C:\Program 
Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe O4 - HKLM\..\Run: [VirtualDrive] C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe /AutoRestore O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [7853c498] rundll32.exe "C:\WINDOWS\system32\lfdkbekw.dll",b O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Search - ?p=ZNfox000 O8 - Extra context menu item: E&xport to Microsoft Excel - 
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. 
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 8113 bytes
  11. I found a lot of entries with Spybot. Should I delete them all?
  12. I got this adware.virtumonde.application how to destroy this virus ?? what it does to my computer pls help B) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:48:37, on 2007.12.21 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\mHotkey.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe C:\Program Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wuauclt.exe D:\nfs2\speed2.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Local Page = R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL (file missing) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Burn4Free Toolbar - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - C:\Program Files\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [NetworkMechanic] C:\Program Files\Network Mechanic\NetworkMechanic.exe /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [DC6_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\dc6_startupmon.exe" O4 - HKLM\..\Run: [ERS_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2006\ers_startupmon.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM\..\Run: [RAMDrive] "C:\Program 
Files\FarStone\VDPPro\VHD\RDTask.exe" O4 - HKLM\..\Run: [DVDCTray] C:\Program Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe O4 - HKLM\..\Run: [VirtualDrive] C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe /AutoRestore O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe -- End of file - 7676 bytes