help with "intervalhehehe" problem


Just like everyone else, I got the problem after having downloaded the WINRAR program..

So I've followed the pre-HijackThis instructions ... I've run the Spybot Search and Destroy scan AND I ALSO IMMUNIZED EVERYTHING. I did the MBAM scan and the Panda scan and I just finished with the HijackThis scan ... so here are the logs in that order... any help will be greatly appreciated!!!

--------------------------------------------------------------MBAM (LOG 1)--------------------------------------------------------------

Malwarebytes' Anti-Malware 1.31

Database version: 1456

Windows 5.1.2600 Service Pack 2

13/12/2008 8:13:46 AM

mbam-log-2008-12-13 (08-13-46).txt

Scan type: Full Scan (C:\|)

Objects scanned: 109651

Time elapsed: 2 hour(s), 12 minute(s), 55 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 6

Registry Values Infected: 3

Registry Data Items Infected: 1

Folders Infected: 7

Files Infected: 20

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{343ce214-9998-4b21-a151-ffe970167297} (Rogue.Installer) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{deceaaa2-370a-49bb-9362-68c3a58ddc62} (Adware.180Solutions) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f09ec4c3-2dd5-4887-cc1e-468317e49555} (Adware.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{f09ec4c3-2dd5-4887-cc1e-468317e49555} (Adware.BHO) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ffe41cca-04f0-5789-6be6-f64c7a744af2} (Adware.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ffe41cca-04f0-5789-6be6-f64c7a744af2} (Adware.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\44163430150637485466217191968204 (Rogue.Antivirus) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\htgnszbrxfrv (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Explore (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Folders Infected:

C:\Program Files\SpyShredder (Rogue.SpyShredder) -> Delete on reboot.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009 (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\BASE (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\DELETED (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\SAVED (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

Files Infected:

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081110042654236.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081110043519240.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081110050534513.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081110050828220.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081110051225582.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081110052058932.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081110053741113.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081110054231683.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081112011320528.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081112145258205.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081113003746527.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081113015233072.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081113062201171.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081113063115629.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081114014923748.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081114020153826.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users.WINDOWS\Application Data\Solt Lake Software\Pro Antispyware 2009\LOG\20081115153223463.log (Rogue.ProAntispyware2009) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\regsvr32.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ieupdates.exe.tmp (Adware.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\imglog.exe (Rootkit.Agent) -> Quarantined and deleted successfully.

--------------------------------------------------------PANDA SCAN (LOG 2)--------------------------------------------------

;*******************************************************************************

ANALYSIS: 2008-12-13 16:32:32

PROTECTIONS: 1

MALWARE: 65

SUSPECTS: 1

;*******************************************************************************

PROTECTIONS

Description Version Active Updated

;===============================================================================

Services de sécurité Vidéotron Antivirus 6.0.0 Yes Yes

;===============================================================================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

00020994 W32/Bagle.pwdzip Virus No 0 Yes No C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\CoolWWWSearchSmartSearch.zip

00020994 W32/Bagle.pwdzip Virus No 0 Yes No C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\SpyShredder1.zip

00035783 dialer.dk Dialers No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91433D86-9F27-402C-B5E3-DEBDD122C339}

00122030 adware/fastvideoplayer Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B5DD9A64-5C4B-4A48-BE56-97C1A8F85708}

00262033 adware/emediacodec Adware No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{134F7664-943D-3BB9-65F5-70B91DF46C86}

00452515 Adware/MxLiveMedia Adware No 0 Yes No C:\WINDOWS\system32\zcmpvxqdmnfcidgdi.exe

00452526 Adware/MxLiveMedia Adware No 0 Yes No C:\WINDOWS\system32\cont_mxlivemedia-remove.exe

01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00285361.TXT

02261869 Cookie/Sextracker TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00285153.TXT

02890416 Trj/Autorun.KZ Virus/Trojan No 0 Yes No C:\WINDOWS\BACKINF.TAB

02897073 Cookie/Revenue TrackingCookie No 0 Yes No C:\RECYCLER\NPROTECT\00284947.TXT

04335322 Generic Malware Virus/Trojan No 0 No No C:\System Volume Information\_restore{2E52D870-DDFF-4E89-A323-10F584C418A8}\RP731\A0569583.exe[C:\System Volume Information\_restore{2E52D870-DDFF-4E89-A323-10F584C418A8}\RP731\A0569583.exe][explore.exe]

;===================================================================================================

SUSPECTS

Sent Location

;===================================================================================================

No C:\IBMTOOLS\APPS\RRPC\DATA1.CAB[setup.EXE][HOTVIEW.EXE]

;===================================================================================================

VULNERABILITIES

Id Severity Description

;===================================================================================================

182048 HIGH MS07-069

176382 HIGH MS07-057

170906 HIGH MS07-045

170904 HIGH MS07-043

164913 HIGH MS07-033

160623 HIGH MS07-027

150253 HIGH MS07-016

141030 HIGH MS06-072

137568 HIGH MS06-067

133387 MEDIUM MS06-065

126083 HIGH MS06-042

120814 HIGH MS06-021

;===================================================================================================

--------------------------------------------------------HijackThis Scan (LOG 3)------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 4:39:06 PM, on 13/12/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\System32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Vid
