08-07-2007, 06:00 PM   #3
zipzappy
OS: XP


Re: Trojans & Adware

Thank you so much for helping me. Here's what you asked for...



The Panda Scan Log




Incident Status Location

Adware:adware/commad Not disinfected c:\windows\system32\atmtd.dll
Adware:adware/savenow Not disinfected Windows Registry
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\ComboFix\nircmd.exe
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.atdmt.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.247realmedia.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[ad.yieldmanager.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[statse.webtrendslive.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.doubleclick.net/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.ads.pointroll.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.advertising.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.go.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.tribalfusion.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.ehg-dig.hitbox.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.tribalfusion.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.ehg-dig.hitbox.com/]
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.adtech.de/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.2o7.net/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.realmedia.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[ads.pointroll.com/PRServe/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.adrevolver.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.mediaplex.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.questionmarket.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.fastclick.net/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.atwola.com/]
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.adultfriendfinder.com/]
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.toplist.cz/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.phg.hitbox.com/]
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.target.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.overture.com/]
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.burstnet.com/]
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.bfast.com/]
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[www.burstbeacon.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.zedo.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.statcounter.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.com.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.xiti.com/]
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.yadro.ru/]
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.bluestreak.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.serving-sys.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.bs.serving-sys.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[server.iad.liveperson.net/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[server.iad.liveperson.net/hc/43770959]
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.tradedoubler.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[statse.webtrendslive.com/S152628]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.as-eu.falkag.net/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.casalemedia.com/]
Spyware:Cookie/Versiontracker Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-2.txt[.versiontracker.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.atdmt.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.247realmedia.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[ad.yieldmanager.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[statse.webtrendslive.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.doubleclick.net/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.ads.pointroll.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.advertising.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.go.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.tribalfusion.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.ehg-dig.hitbox.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.tribalfusion.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.ehg-dig.hitbox.com/]
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.adtech.de/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.2o7.net/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.realmedia.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[ads.pointroll.com/PRServe/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.adrevolver.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.mediaplex.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.questionmarket.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.fastclick.net/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.atwola.com/]
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.adultfriendfinder.com/]
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.toplist.cz/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.phg.hitbox.com/]
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.target.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.overture.com/]
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.burstnet.com/]
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.bfast.com/]
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[www.burstbeacon.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.zedo.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.statcounter.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.com.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.xiti.com/]
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.yadro.ru/]
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.bluestreak.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.serving-sys.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.bs.serving-sys.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[server.iad.liveperson.net/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[server.iad.liveperson.net/hc/43770959]
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.tradedoubler.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[statse.webtrendslive.com/S152628]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.as-eu.falkag.net/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.casalemedia.com/]
Spyware:Cookie/Versiontracker Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies-3.txt[.versiontracker.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.247realmedia.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.2o7.net/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Findwhat Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.findwhat.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.overture.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[statse.webtrendslive.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.go.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.ehg-dig.hitbox.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.ehg-dig.hitbox.com/]
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.adtech.de/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[ads.pointroll.com/PRServe/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.adrevolver.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.atwola.com/]
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.adultfriendfinder.com/]
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.toplist.cz/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.phg.hitbox.com/]
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.target.com/]
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.burstnet.com/]
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.bfast.com/]
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[www.burstbeacon.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.zedo.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.statcounter.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.com.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.xiti.com/]
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.yadro.ru/]
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.bluestreak.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.bs.serving-sys.com/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[server.iad.liveperson.net/]
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[server.iad.liveperson.net/hc/43770959]
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[statse.webtrendslive.com/S152628]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.as-eu.falkag.net/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Versiontracker Not disinfected C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\cookies.txt[.versiontracker.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@2o7[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@ads.pointroll[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@atwola[2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@bs.serving-sys[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@casalemedia[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@ehg-dig.hitbox[2].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@go[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@media.adrevolver[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[2].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@questionmarket[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@statcounter[1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@trafficmp[2].txt
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\Documents and Settings\Administrator\Desktop\ComboFix.exe[nircmd.exe]
Virus:Generic Trojan Disinfected C:\Documents and Settings\Administrator\Desktop\Giorgio Media\Games\_____100_\______20_plane.exe
Virus:Generic Malware Disinfected C:\Documents and Settings\Administrator\Desktop\Giorgio Media\Proggies and Stuff\Style XP\Style.XP.v3.00.Keygen.zip[eclsxp30.exe]
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\mghtooke.default\Cache\7ED6F4AAd01[nircmd.exe]
Virus:Generic Trojan Disinfected C:\Documents and Settings\Administrator\Local Settings\Temp\b104.exe
Adware:Adware/Winpopup Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temp\b122.exe
Adware:Adware/Yazzle Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temp\b128.exe
Adware:Adware/Winpopup Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\4T67KLAB\122[1].net
Adware:Adware/Yazzle Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\4T67KLAB\128[1].net
Virus:Generic Trojan Disinfected C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\MHJU1IUQ\104[1].net
Adware:Adware/PurityScan Not disinfected C:\Program Files\Common Files\s?mbols\spoolsv.exe
Adware:Adware/Yazzle Not disinfected C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe
Virus:Trj/Downloader.MDW Disinfected C:\Program Files\WinPop\UnInstall.exe
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\WINDOWS\nircmd.exe
Adware:Adware/DollarRevenue Not disinfected C:\WINDOWS\system32\atmtd.dll._




My Combo Fix Log




ComboFix 07-08-07.6 - "Administrator" 2007-08-07 19:30:15.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.887 [GMT -4:00]
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\ADMINI~1\MYDOCU~1.\ystem~1
C:\Program Files\Common Files\{3C206~1
C:\Program Files\Common Files\{FC206~1
C:\Program Files\Common Files\smbols~1
C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe
C:\Program Files\inetget2
C:\Program Files\network monitor
C:\Program Files\outerinfo
C:\Program Files\outerinfo\outerinfo.ico
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\winpop
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\atmtd.dll._
C:\WINDOWS\system32\wnsapiicomsv32.exe


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_CLIENT_IP-IPX
-------\LEGACY_CMDSERVICE
-------\LEGACY_NETWORK_MONITOR
-------\Client IP-IPX
-------\cmdService
-------\Network Monitor


((((((((((((((((((((((((( Files Created from 2007-07-07 to 2007-08-07 )))))))))))))))))))))))))))))))


2007-08-07 14:40 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-08-07 13:26 61,984 --a------ C:\WINDOWS\system32\drivers\xusb21.sys
2007-08-06 19:41 50,048 --a------ C:\WINDOWS\system32\drivers\xusb20.sys
2007-08-06 19:41 1,421,216 --a------ C:\WINDOWS\system32\WdfCoInstaller01001.dll
2007-08-06 19:41 <DIR> d-------- C:\Program Files\Microsoft Xbox 360 Accessories
2007-08-06 19:37 68,888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-08-06 14:10 <DIR> d--hs---- C:\WINDOWS\R2lvcmdpbw
2007-08-06 14:10 <DIR> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\NetMon
2007-08-06 12:20 <DIR> d-------- C:\My Downloads
2007-08-04 21:43 <DIR> d-------- C:\Program Files\Maxis
2007-08-04 20:24 737,280 --a------ C:\WINDOWS\iun6002.exe
2007-08-04 20:24 <DIR> d-------- C:\Program Files\DkZ Studio
2007-08-04 14:39 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
2007-08-04 14:36 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-08-04 14:36 <DIR> d-------- C:\WINDOWS\nview
2007-08-04 14:35 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-08-03 23:18 <DIR> d-------- C:\WINDOWS\system32\Lang
2007-08-03 23:15 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
2007-08-03 23:15 <DIR> d-------- C:\WINDOWS\system32\RTCOM
2007-08-03 23:14 9,715,200 --a------ C:\WINDOWS\RTLCPL.exe
2007-08-03 23:14 86,016 --a------ C:\WINDOWS\SoundMan.exe
2007-08-03 23:14 69,632 --a------ C:\WINDOWS\Alcmtr.exe
2007-08-03 23:14 520,192 --a------ C:\WINDOWS\RtlExUpd.dll
2007-08-03 23:14 4,432,384 --a------ C:\WINDOWS\system32\drivers\RtkHDAud.sys
2007-08-03 23:14 315,392 --a------ C:\WINDOWS\HideWin.exe
2007-08-03 23:14 2,808,832 --a------ C:\WINDOWS\alcwzrd.exe
2007-08-03 23:14 2,162,688 --a------ C:\WINDOWS\MicCal.exe
2007-08-03 23:14 16,377,344 --a------ C:\WINDOWS\RTHDCPL.exe
2007-08-03 23:14 1,826,816 --a------ C:\WINDOWS\SkyTel.exe
2007-08-03 23:14 1,191,936 --a------ C:\WINDOWS\RtlUpd.exe
2007-08-03 23:14 <DIR> d-------- C:\Program Files\Realtek
2007-08-03 22:03 <DIR> d-------- C:\Program Files\MagicISO
2007-08-02 23:15 12 --a------ C:\DOCUME~1\ADMINI~1\USERDATA.DAT
2007-08-02 23:13 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
2007-07-31 13:35 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-07-29 22:51 <DIR> d-------- C:\Program Files\Native Instruments
2007-07-29 15:16 <DIR> d-------- C:\Program Files\Xilisoft
2007-07-27 14:05 <DIR> d-------- C:\Program Files\KONAMI
2007-07-27 01:56 <DIR> d-------- C:\Program Files\AIM6
2007-07-27 01:55 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL Downloads
2007-07-25 20:48 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-07-25 20:48 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
2007-07-23 19:55 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-22 21:26 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\GetRightToGo
2007-07-22 21:17 <DIR> d-------- C:\Program Files\Mp3 Renamer
2007-07-22 20:38 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2007-07-22 20:33 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Bitdefender
2007-07-22 20:20 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender
2007-07-22 19:38 <DIR> d-------- C:\WINDOWS\system32\VIRepair
2007-07-22 19:34 8,636 --a------ C:\WINDOWS\system32\modifype.exe
2007-07-22 19:34 19,968 --a------ C:\WINDOWS\system32\reico.exe
2007-07-22 19:34 111,104 --a------ C:\WINDOWS\system32\Uharc.exe
2007-07-22 19:34 <DIR> d-------- C:\WINDOWS\system32\VITrans
2007-07-22 19:34 <DIR> d-------- C:\VTPFiles
2007-07-16 12:27 <DIR> d-------- C:\Program Files\CDCheck
2007-07-16 11:34 <DIR> d-------- C:\Program Files\GTA 3 San Andreas
2007-07-16 00:15 <DIR> d-------- C:\Program Files\One-click Tag Editor
2007-07-16 00:04 <DIR> d-------- C:\Program Files\TagRename
2007-07-15 01:23 <DIR> d-------- C:\Program Files\LucasArts
2007-07-12 12:27 <DIR> d-------- C:\Program Files\iTunes
2007-07-12 12:27 <DIR> d-------- C:\Program Files\iPod
2007-07-12 12:26 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-07-12 12:26 <DIR> d-------- C:\Program Files\Common Files\Apple
2007-07-12 12:26 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2007-07-12 12:23 <DIR> d-------- C:\Program Files\QuickTime
2007-07-11 21:08 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-07 18:19 --------- d-------- C:\Program Files\Lexmark 4300 Series
2007-08-07 17:47 --------- d-------- C:\Program Files\FlashGet
2007-08-07 17:39 --------- d-------- C:\Program Files\AIM
2007-08-07 13:26 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_xusb21_01001.Wdf
2007-08-06 19:58 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01001_Coinstaller_Critical.Wdf
2007-08-06 19:58 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_xusb20_01001.Wdf
2007-08-03 23:14 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-08-02 19:50 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
2007-07-27 01:56 335 --a------ C:\WINDOWS\nsreg.dat
2007-07-26 21:58 --------- d-------- C:\Program Files\AMR
2007-07-22 23:35 913408 --a------ C:\WINDOWS\system32\xreglib.dll
2007-07-17 21:29 --------- d-------- C:\Program Files\Absolute Poker
2007-07-02 20:31 8 --a------ C:\WINDOWS\system32\nvModes.dat
2007-07-02 12:28 4 -r-hs---- C:\MSDOS.BIN
2007-07-01 11:59 --------- d-------- C:\Program Files\Sony
2007-06-29 00:43 8466432 --a------ C:\WINDOWS\system32\nvcpl.dll
2007-06-29 00:43 81920 --a------ C:\WINDOWS\system32\nvwddi.dll
2007-06-29 00:43 81920 --a------ C:\WINDOWS\system32\nvmctray.dll
2007-06-29 00:43 753664 --a------ C:\WINDOWS\system32\nvcplui.exe
2007-06-29 00:43 6807328 --a--c--- C:\WINDOWS\system32\dllcache\nv4_mini.sys
2007-06-29 00:43 6807328 --a------ C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-06-29 00:43 6729728 --a------ C:\WINDOWS\system32\nvoglnt.dll
2007-06-29 00:43 6234112 --a------ C:\WINDOWS\system32\nvdisps.dll
2007-06-29 00:43 5690624 --a--c--- C:\WINDOWS\system32\dllcache\nv4_disp.dll
2007-06-29 00:43 5690624 --a------ C:\WINDOWS\system32\nv4_disp.dll
2007-06-29 00:43 5455872 --a------ C:\WINDOWS\system32\nvdispsr.dll
2007-06-29 00:43 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2007-06-29 00:43 458752 --a------ C:\WINDOWS\system32\nvmccssr.dll
2007-06-29 00:43 45056 --a------ C:\WINDOWS\system32\nvmccsrs.dll
2007-06-29 00:43 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2007-06-29 00:43 425984 --a------ C:\WINDOWS\system32\keystone.exe
2007-06-29 00:43 37376 --a------ C:\WINDOWS\system32\nvcodins.dll
2007-06-29 00:43 37376 --a------ C:\WINDOWS\system32\nvcod.dll
2007-06-29 00:43 360448 --a------ C:\WINDOWS\system32\nvapi.dll
2007-06-29 00:43 3600384 --a------ C:\WINDOWS\system32\nvvitvsr.dll
2007-06-29 00:43 3518464 --a------ C:\WINDOWS\system32\nvvitvs.dll
2007-06-29 00:43 3321856 --a------ C:\WINDOWS\system32\nvgames.dll
2007-06-29 00:43 3072000 --a------ C:\WINDOWS\system32\nvgamesr.dll
2007-06-29 00:43 307200 --a------ C:\WINDOWS\system32\nvexpbar.dll
2007-06-29 00:43 286720 --a------ C:\WINDOWS\system32\nvnt4cpl.dll
2007-06-29 00:43 2854912 --a------ C:\WINDOWS\system32\nvmoblsr.dll
2007-06-29 00:43 2416640 --a------ C:\WINDOWS\system32\nvwssr.dll
2007-06-29 00:43 2330624 --a------ C:\WINDOWS\system32\nvwss.dll
2007-06-29 00:43 229376 --a------ C:\WINDOWS\system32\nvmccs.dll
2007-06-29 00:43 188416 --a------ C:\WINDOWS\system32\nvmccss.dll
2007-06-29 00:43 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2007-06-29 00:43 1626112 --a------ C:\WINDOWS\system32\nwiz.exe
2007-06-29 00:43 155716 --a------ C:\WINDOWS\system32\nvsvc32.exe
2007-06-29 00:43 1474560 --a------ C:\WINDOWS\system32\nview.dll
2007-06-29 00:43 147456 --a------ C:\WINDOWS\system32\nvcolor.exe
2007-06-29 00:43 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2007-06-29 00:43 1142784 --a------ C:\WINDOWS\system32\nvmobls.dll
2007-06-29 00:43 1073152 --a------ C:\WINDOWS\system32\nvcpluir.dll
2007-06-29 00:43 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2007-06-29 00:43 1018772 --a------ C:\WINDOWS\system32\nvucode.bin
2007-06-28 13:57 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Sony
2007-06-28 13:57 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Publish Providers
2007-06-28 13:57 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\NetMedia Providers
2007-06-27 22:58 --------- d-------- C:\Program Files\Vstplugins
2007-06-27 22:57 --------- d-------- C:\Program Files\Sony Setup
2007-06-27 22:19 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\SopCast
2007-06-27 12:47 --------- d-------- C:\Program Files\Stardock
2007-06-17 17:49 --------- d-------- C:\Program Files\SopCast
2007-06-15 05:15 --------- d-------- C:\Program Files\VDJ5
2007-06-15 04:18 --------- d-------- C:\Program Files\TGTSoft
2007-06-14 23:58 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
2007-06-14 23:56 --------- d-------- C:\Program Files\VideoLAN
2007-06-14 23:27 --------- d-------- C:\Program Files\MediaMonkey
2007-06-14 19:35 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\DivX
2007-06-14 14:33 --------- d-------- C:\Program Files\Apple Software Update
2007-06-14 12:18 --------- d-------- C:\Program Files\Image-Line
2007-06-14 12:17 --------- d-------- C:\Program Files\Steinberg
2007-06-14 12:17 --------- d-------- C:\Program Files\ASIO4ALL v2
2007-06-14 06:19 --------- d-------- C:\Program Files\DivX
2007-06-14 06:12 --------- d-------- C:\Program Files\Winamp
2007-06-14 06:10 --------- d-------- C:\Program Files\Common Files\NSV
2007-06-14 01:32 --------- d-------- C:\Program Files\TagRunner
2007-06-11 02:25 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
2007-06-11 02:24 --------- d-------- C:\Program Files\Google
2007-06-11 02:17 19088 --a------ C:\DOCUME~1\ADMINI~1\APPLIC~1\GDIPFONTCACHEV1.DAT
2007-06-11 01:10 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Steinberg
2007-06-11 01:03 --------- d-------- C:\Program Files\Syncrosoft
2007-06-10 20:02 --------- d-------- C:\Program Files\LimeWire
2007-06-10 19:51 --------- d-------- C:\Program Files\Audacity
2007-06-10 18:42 --------- d-------- C:\Program Files\Windows Media Connect 2
2007-06-10 16:40 --------- d-------- C:\Program Files\Movie Maker
2007-06-10 16:40 --------- d-------- C:\Program Files\Messenger
2007-06-10 16:38 --------- d-------- C:\Program Files\Windows NT
2007-06-10 16:01 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR
2007-06-10 15:57 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
2007-06-10 15:32 --------- d-------- C:\Program Files\Microsoft ActiveSync
2007-06-10 15:12 --------- d--h----- C:\Program Files\WindowsUpdate
2007-06-10 15:06 --------- d-------- C:\Program Files\Common Files\Ahead
2007-06-10 15:06 --------- d-------- C:\Program Files\Ahead
2007-06-10 14:34 --------- d-------- C:\Program Files\AOD
2007-06-10 14:34 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Aim
2007-06-10 13:22 --------- d-------- C:\Program Files\Creative
2007-06-10 12:58 --------- d-------- C:\Program Files\Common Files\InstallShield
2007-06-10 12:28 --------- d-------- C:\Program Files\ORiNOCO
2007-06-10 12:15 0 -rahs---- C:\MSDOS.SYS


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4FDBDECA-350F-3AA0-7874-3DB60940FEC7}]
C:\WINDOWS\system32\gwvmwer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"P17Helper"="P17.dll" [2005-05-03 22:38 C:\WINDOWS\system32\P17.dll]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2007-07-22 23:34]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2007-07-22 23:34]
"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 14:49 C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [2005-05-03 18:43 C:\WINDOWS\Alcmtr.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-29 00:43]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-29 00:43]
"XboxStat"="c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-02-12 17:21]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 06:06]
"lxcemon.exe"="C:\Program Files\Lexmark 4300 Series\lxcemon.exe" [2005-08-02 20:45]
"EzPrint"="C:\Program Files\Lexmark 4300 Series\ezprint.exe" [2005-07-26 15:17]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"H2O"="C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-23 03:00]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="C:\Program Files\AIM\aim.exe" [2006-08-01 18:35]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:56]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 14:31]
"Oalt"="C:\PROGRA~1\COMMON~1\SMBOLS~1\spoolsv.exe" []
"Aokczev"="C:\Documents and Settings\Administrator\My Documents\?ystem\l?gonui.exe" []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-06-24 14:30:37]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 04:01:04]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 2007-02-07 17:31 226992 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=sockspy.dll

R1 StyleXPHelper;StyleXPHelper;\??\C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe
R3 CLEDX;Team H2O CLEDX service;C:\WINDOWS\system32\DRIVERS\cledx.sys
R3 P17;Creative SB Audigy LS;C:\WINDOWS\system32\drivers\P17.sys
R3 PRISM_USB;ORiNOCO 802.11b USB Driver;C:\WINDOWS\system32\DRIVERS\EXPSUSB.sys
R3 Wdf01000;Wdf01000;C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21;C:\WINDOWS\system32\DRIVERS\xusb21.sys
S3 AWINDIS5;AWINDIS5 Protocol Driver;\??\C:\WINDOWS\System32\AWINDIS5.SYS
S3 xusb20;Xbox 360 Wireless Receiver for Windows Driver Service;C:\WINDOWS\system32\DRIVERS\xusb20.sys


Contents of the 'Scheduled Tasks' folder
2007-07-26 15:33:12 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-07 19:38:38
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\x90\x2022\x20ac|\xff\xff\xff\xff"\x2022\x20ac|\xfe\xbb\xd4w\2]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\Software\Adobe\FeatureSubscriptions\DVAAdobeDocMeta\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\Registered"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reinstall\\27:\xf5wjY\1]
"DisplayName"="\x3da2\x7667\x480\27\x1340\21\t"
"DeviceDesc"="\x3da2\x7667\x480\27\x1340\21\t"
"ProviderName"="\xad8\x388\x24dc\21\x69e0\27\x2808\21\x9005\x77f7"
"MFG"="\xffff\xffff\x3dbf\x7667\x654f\x7667\x112c"
"ReinstallString"=".10.1000.7"
"DeviceInstanceIds"=str(7):"c:\intel desktop board\smbus\smbusati.inf"

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-08-07 19:41:41 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-08-07 19:41

--- E O F ---

My Updated HijackThis Log

Logfile of HijackThis v1.99.1
Scan saved at 7:54:35 PM, on 8/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\lxcecoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {4FDBDECA-350F-3AA0-7874-3DB60940FEC7} - C:\WINDOWS\system32\gwvmwer.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [Oalt] "C:\PROGRA~1\COMMON~1\SMBOLS~1\spoolsv.exe" -vt yazb
O4 - HKCU\..\Run: [Aokczev] "C:\Documents and Settings\Administrator\My Documents\?ystem\l?gonui.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Administrator\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\Administrator\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxcecoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)