Everything posted by silverroller

  1. New Hijackthis Log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 5:25:50 PM, on 1/3/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal
  2. VundoFix Log

     VundoFix V6.7.7
     Checking Java version...
     Scan started at 11:40:16 PM 12/27/2007
     Listing files found while scanning....
     C:\WINDOWS\system32\edeeg.ini
     C:\WINDOWS\system32\edeeg.ini2
     C:\WINDOWS\system32\geede.dll
     C:\WINDOWS\system32\rwpsxeuv.dll
     Beginning removal...
     Attempting to delete C:\WINDOWS\system32\edeeg.ini
     C:\WINDOWS\system32\edeeg.ini Has been deleted!
     Attempting to delete C:\WINDOWS\system32\edeeg.ini2
     C:\WINDOWS\system32\edeeg.ini2 Has been deleted!
     Attempting to delete C:\WINDOWS\system32\geede.dll
     C:\WINDOWS\system32\geede.dll Has been deleted!
     Attempting to delete C:\WINDOWS\system32\rwpsxeuv.dll
     C:\WINDOWS\system32\rwpsxeuv.dll Could not be deleted.
     Performing Repairs to the registry.
     Done!
     Beginning removal...
     Attempting to delete C:\WINDOWS\system32\rwpsxeuv.dll
     C:\WINDOWS\system32\rwpsxeuv.dll Has been deleted!
     Performing Repairs to the registry.
     Done!

     VundoFix V6.7.7
     Checking Java version...
     Scan started at 11:16:27 PM 1/2/2008
     Listing files found while scanning....
     No infected files were found.
     Beginning removal...
  3. Well instead of posting the whole log from the scan which finds the same file in the same place. I'll give you the highlights.

     "2007/12/28 02:59:47" "Virus" "Ben" "Resident Shield reports Virus found Lop on C:\Documents and Settings\Ben\Local Settings\Temporary Internet Files\Content.IE5\Y0U1K0OZ\hctp[1]."
     "2007/12/28 02:59:48" "Virus" "Ben" "In C:\Documents and Settings\Ben\Local Settings\Temporary Internet Files\Content.IE5\Y0U1K0OZ\hctp[1] was ""Lop"" virus found."
     "2007/12/28 05:05:27" "Virus" "Ben" "C:\Documents and Settings\Ben\Local Settings\Temporary Internet Files\Content.IE5\Y0U1K0OZ\hctp[1] was inserted into virus vault."
     "2007/12/28 05:05:27" "Virus" "Ben" "C:\VundoFix Backups\rwpsxeuv.dll.bad was inserted into virus vault."
     "2007/12/28 19:23:53" "Virus" "SYSTEM" "Resident Shield reports Trojan horse Generic9.AHGK on C:\WINDOWS\system32\xxyvvwt.dll."
     "2007/12/28 21:28:37" "Virus" "SYSTEM" "Resident Shield reports Virus found Lop on C:\System Volume Information\_restore{610886AC-AFDA-4B65-A167-3358E761B5AB}\RP332\A0063200.dll."

     And the rest of the log is all

     "2007/12/28 21:43:27" "Virus" "SYSTEM" "Resident Shield reports Trojan horse Generic9.AHGK on C:\WINDOWS\system32\xxyvvwt.dll."
     "2007/12/28 21:43:58" "Virus" "SYSTEM" "Resident Shield reports Trojan horse Generic9.AHGK on C:\WINDOWS\system32\xxyvvwt.dll."
     "2007/12/28 21:44:29" "Virus" "SYSTEM" "Resident Shield reports Trojan horse Generic9.AHGK on C:\WINDOWS\system32\xxyvvwt.dll."
     "2007/12/28 21:45:00" "Virus" "SYSTEM" "Resident Shield reports Trojan horse Generic9.AHGK on C:\WINDOWS\system32\xxyvvwt.dll."
     "2007/12/28 21:45:31" "Virus" "SYSTEM" "Resident Shield reports Trojan horse Generic9.AHGK on C:\WINDOWS\system32\xxyvvwt.dll."
     "2007/12/28 21:46:02" "Virus" "SYSTEM" "Resident Shield reports Trojan horse Generic9.AHGK on C:\WINDOWS\system32\xxyvvwt.dll."
     "2007/12/28 21:46:33" "Virus" "SYSTEM" "Resident Shield reports Trojan horse Generic9.AHGK on C:\WINDOWS\system32\xxyvvwt.dll."

     etc......
  4. Here is my AVG Scan Info. The scan says that it found nothing, but I always get notifications from the program. I will post the notification log below, but the .txt file is 700kb and the board won't allow me to post the whole log together. So I'll have to break it up into smaller pieces.

     "General properties" ""
     "Report name" "Complete Test"
     "Start time" "1/2/2008 11:14:36 PM"
     "End time" "1/3/2008 1:06:43 AM (total: 1:52:05.7 hrs)"
     "Launch method" "Scanning launched manually"
     "Scanning result" "No threats found"
     "Report status" "Scanning completed successfully"
     " " ""
     "Object summary" ""
     "Scanned" "171006"
     "Threats Found" "0"
     "Cleaned" "0"
     "Moved to vault" "0"
     "Deleted" "0"
     "Errors" "0"
  5. I downloaded VundoFix.exe and ran it. It found no instances. I did run this program once, before I found your website. The first time it found some and removed it. I can't find the log from the first attempt and did not provide a log for the second attempt when it found nothing. I am currently running AVGscan and will post the results when it finishes. I will do the same with HiJackThis.
  6. Sorry for the delay, I was out of town for New Years. Yea, I don't know what happened in the Panda scan post (my doing, I'm sure)!!! I ran it again and got the following:
  7. It's been almost three years since I've had a virus on my machine. Guess I've had a decent run.... but all good things must come to an end. Can someone help me get rid of this virus that has decided to infect my computer? I have followed your post and have the logs ready, I will post below. As for the AVG log there I don't see an easy "print log" option so let me know if I don't provide the correct information. THANK YOU IN ADVANCE FOR YOUR HELP, BEN
Settings\Ben\Cookies\ben@www.burstbeacon[2].txt Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Ben\Cookies\ben@www.myaffiliateprogram[2].txt Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Ben\Cookies\ben@www2.addfreestats[1].txt Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Ben\Cookies\ben@www3.addfreestats[1].txt Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Ben\Cookies\ben@xiti[1].txt Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Ben\Cookies\ben@yadro[1].txt Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Ben\Cookies\ben@zedo[2].txt Virus:Trj/Downloader.MDW Disinfected C:\Program Files\Adobe\Adobe Photoshop CS3\Plug-Ins\BackgroundRemover\Background.Remover.v1.0 patch.exe Virus:Trj/Downloader.MDW Disinfected C:\Program Files\ImageSkill\BackgroundRemover\Background.Remover.v1.0 patch.exe Potentially unwanted tool:Application/CloseApp Not disinfected C:\WINDOWS\system32\closeapp.exe Virus:Generic Worm Not disinfected D:\Software\Adobe.Photoshop.Plugin.Collection.100107-forAdobe\Adobe.CS3.Keygen.Pack\Adobe.CS3.Keygen.Pack.rar[ZWT\Dreamweaver CS3 Keygen + Activation ZWT.exe] Virus:Generic Worm Not disinfected D:\Software\Adobe.Photoshop.Plugin.Collection.100107-forAdobe\Adobe.CS3.Keygen.Pack\Adobe.CS3.Keygen.Pack.zip[Adobe.CS3.Keygen.Pack.rar][ZWT\Dreamweaver CS3 Keygen + Activation ZWT.exe] Virus:Trj/Downloader.MDW Disinfected D:\Software\Adobe.Photoshop.Plugin.Collection.100107-forAdobe\Background.Remover.v1.0.for.Adobe.Photoshop.Cracked-SSG\Background.Remover.v1.0 patch.exe PANDA---------(This list was so long that I couldn't post it all)---------------------------------------------------------------------------------------------------------------------------------------------------------------- <history> <!-- 01c848ec1389d160 --> <rec time="2007/12/28 00:53:35" user="SYSTEM" source="Virus"> <value>@HL_ReportFindRS</value> <attr 
name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 00:53:36" user="SYSTEM" source="Update"> <value>@HL_UpdateOK</value> <attr name="version">avi:1234-1205;iavi:1210-1147;</attr> </rec> <rec time="2007/12/28 00:53:37" user="Ben" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 00:54:06" user="SYSTEM" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 00:54:09" user="Ben" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 18:45:46" user="Ben" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 18:46:16" user="SYSTEM" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 18:46:16" user="Ben" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr name="virusname">Generic9.AHGK</attr> </rec> <rec time="2007/12/28 18:46:46" user="SYSTEM" source="Virus"> <value>@HL_ReportFindRS</value> <attr name="filename">C:\WINDOWS\system32\xxyvvwt.dll</attr> <attr name="finding">@EID_Id_trj</attr> <attr 
name="virusname">Generic9.AHGK</attr> </rec> </history> HijackThis------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:51:44 PM, on 12/28/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\Media Center Magic\FrontView\fvsvc.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Grisoft\AVG7\avgwb.dat C:\Program Files\Grisoft\AVG7\avgcc.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F3 - REG:win.ini: load=C:\WINDOWS\system32\geede.exe O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {0F4D416F-3EE1-4AB8-A09C-C4CD0FA968BE} - C:\WINDOWS\system32\geede.dll (file missing) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: (no name) - {A74F3FC3-CC9A-4D4C-AFB5-B56F0CAA445D} - C:\WINDOWS\system32\xxyvvwt.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll O4 - HKLM\..\Run: [Glass2k] C:\Torrents\Done\Vista pack for XP by tuningmaniac\Glass Efect for XP by tuningmaniac\Glass2k.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [dc9af4b4] rundll32.exe "C:\WINDOWS\system32\rwpsxeuv.dll",b O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 
- HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user') O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 
- Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200707...ex/qtplugin.cab O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.adoramapix.com/components/aurig...geUploader4.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O20 - Winlogon Notify: xxyvvwt - C:\WINDOWS\SYSTEM32\xxyvvwt.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. 
- C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FrontView Display Interface (fvsvc) - Media Center Magic - C:\Program Files\Media Center Magic\FrontView\fvsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 9612 bytes