Sorry, forgot these.
Deckard's System Scanner v20071014.68
Run by Chad on 2008-05-11 11:53:09
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
50: 2008-05-11 15:53:16 UTC - RP107 - Deckard's System Scanner Restore Point
49: 2008-05-10 17:14:19 UTC - RP106 - System Checkpoint
48: 2008-05-09 16:04:12 UTC - RP105 - System Checkpoint
47: 2008-05-08 13:52:44 UTC - RP104 - System Checkpoint
46: 2008-05-07 02:54:43 UTC - RP103 - System Checkpoint
-- First Restore Point --
1: 2008-05-04 01:55:00 UTC - RP58 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 511 MiB (512 MiB recommended).
-- HijackThis (run as Chad.exe) ------------------------------------------------
Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-05-11 11:53:39
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Chad\Desktop\dss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7F3EA905-DE65-4D00-BC1F-FF3A77F8CA30} - C:\WINDOWS\system32\wvUnOGwX.dll
O2 - BHO: (no name) - {CDC07FFF-CCA7-47F3-87EE-A6225FEC3FE7} - C:\WINDOWS\system32\geBRjHwW.dll
O2 - BHO: {b4c72910-2eac-9f8a-b1d4-64c0475cc39d} - {d93cc574-0c46-4d1b-a8f9-cae201927c4b} - C:\WINDOWS\system32\ahskbeyj.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [b07ed561] rundll32.exe "C:\WINDOWS\system32\bgbypjgd.dll",b
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: KenoPop! by pogo () - http://game3.pogo.com/v/8.1.8.21/app...keno-en_US.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} () - http://fpdownload.macromedia.com/get...irector/sw.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1203479944187
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O20 - Winlogon Notify: wvUnOGwX - C:\WINDOWS\system32\wvUnOGwX.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5981 bytes
-- HijackThis Fixed Entries (C:\DOCUME~1\Chad\Desktop\HIJACK~1\backups\) -------
backup-20080505-152259-592 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
backup-20080505-152259-862 O11 - Options group: [INTERNATIONAL] International*
backup-20080505-152259-880 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R2 Sentinel - c:\windows\system32\drivers\sentinel.sys <Not Verified; Rainbow Technologies, Inc.; Sentinel System Driver>
R3 Pcouffin (Low level access layer for CD devices) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
S2 DS1410D - c:\windows\system32\drivers\ds1410d.sys (file missing)
S3 Sntnlusb (Rainbow USB SuperPro) - c:\windows\system32\drivers\sntnlusb.sys <Not Verified; Rainbow Technologies Inc.; Rainbow Technologies USB Security Device Driver>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 ForceWare Intelligent Application Manager (IAM) - c:\program files\nvidia corporation\networkaccessmanager\bin\nsvcappflt.exe <Not Verified; ; app_filter Module>
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Files created between 2008-04-11 and 2008-05-11 -----------------------------
2008-05-11 09:43:56 0 d-------- C:\Program Files\Panda Security
2008-05-11 09:24:45 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-11 09:24:22 118784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL <Not Verified; Microsoft Corporation; MSSTDFMT Object Library>
2008-05-11 09:24:22 0 d-------- C:\Program Files\SpywareBlaster
2008-05-10 23:11:32 91712 --a------ C:\WINDOWS\system32\bgbypjgd.dll
2008-05-10 23:08:32 102464 --a------ C:\WINDOWS\system32\ahskbeyj.dll
2008-05-10 23:05:32 2112 --a------ C:\WINDOWS\system32\jmfwarxy.exe
2008-05-10 23:02:32 100416 --a------ C:\WINDOWS\system32\vskwqmkk.dll
2008-05-10 22:08:22 2112 --a------ C:\WINDOWS\system32\luupsewc.exe
2008-05-09 22:07:18 2112 --a------ C:\WINDOWS\system32\cxxayorx.exe
2008-05-09 22:04:19 102976 --a------ C:\WINDOWS\system32\hslmskly.dll
2008-05-09 22:01:18 98368 --a------ C:\WINDOWS\system32\qtwyshic.dll
2008-05-08 22:44:25 0 d-------- C:\Documents and Settings\Chad\Application Data\Sudden Games
2008-05-08 22:39:29 0 d-------- C:\Program Files\Yard Sale Junkie
2008-05-08 22:08:36 101440 --a------ C:\WINDOWS\system32\plqthkvg.dll
2008-05-08 22:02:36 2112 --a------ C:\WINDOWS\system32\jyhidxfh.exe
2008-05-08 21:59:41 99904 --a------ C:\WINDOWS\system32\puapvodk.dll
2008-05-07 22:07:40 2112 --a------ C:\WINDOWS\system32\fttkawho.exe
2008-05-07 22:04:40 106560 --a------ C:\WINDOWS\system32\ujpcacqy.dll
2008-05-07 21:58:40 105024 --a------ C:\WINDOWS\system32\rnhurjsy.dll
2008-05-06 22:28:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-06 22:28:54 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-05-06 22

31 2112 --a------ C:\WINDOWS\system32\hdnxybim.exe
2008-05-06 22:00:31 108608 --a------ C:\WINDOWS\system32\msknpedv.dll
2008-05-06 21:57:40 104512 --a------ C:\WINDOWS\system32\avylcfjn.dll
2008-05-05 22:02:52 107584 --a------ C:\WINDOWS\system32\jtowsuaf.dll
2008-05-05 21:57:02 104000 --a------ C:\WINDOWS\system32\qxruupyp.dll
2008-05-05 18:25:06 1160 --a------ C:\WINDOWS\mozver.dat
2008-05-05 08:54:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-05-05 07:45:17 107584 --a------ C:\WINDOWS\system32\atudfvtp.dll
2008-05-05 07:22:28 104000 --a------ C:\WINDOWS\system32\sxmhblpd.dll
2008-05-03 21:54:49 1106402 --ahs---- C:\WINDOWS\system32\WwHjRBeg.ini2
2008-05-03 21:54:43 281600 --a------ C:\WINDOWS\system32\geBRjHwW.dll
2008-05-03 21:49:41 45056 --a------ C:\WINDOWS\system32\wvUnOGwX.dll
2008-05-01 19:09:17 0 d-------- C:\Documents and Settings\All Users\Application Data\HipSoft
2008-05-01 19:08:54 0 d-------- C:\Program Files\Buildalot 2 Town Of The Year
2008-04-30 22:30:11 0 d-------- C:\Documents and Settings\All Users\Application Data\Gogii
2008-04-30 22:29:43 0 d-------- C:\Program Files\The Hidden Object Show
2008-04-26 23:24:48 0 dr-h----- C:\Documents and Settings\Chad\Recent
2008-04-26 23:23:59 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2008-04-26 06:11:23 0 --a------ C:\WINDOWS\nsreg.dat
2008-04-26 06:11:20 0 d-------- C:\Documents and Settings\Chad\Application Data\Mozilla
2008-04-25 14:42:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Fugazo
2008-04-25 14:36:12 0 d-------- C:\Program Files\Cooking Academy
2008-04-23 09:10:57 0 d-------- C:\Documents and Settings\Chad\Application Data\Wildfire
2008-04-23 09:10:50 0 d-------- C:\Program Files\Tumblebugs 2
2008-04-21 22:34:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Astar Games
2008-04-21 22:31:30 0 d-------- C:\Program Files\Ice Cream Mania
2008-04-19 01:13:19 0 d-------- C:\Documents and Settings\Chad\Application Data\Ludia
2008-04-19 01:13:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Ludia
2008-04-14 19:03:44 4096 --a------ C:\WINDOWS\d3dx.dat
2008-04-14 18:59:11 0 d-------- C:\Program Files\Airport Mania
2008-04-13 00:22:28 52736 --a------ C:\WINDOWS\ipuninst.exe <Not Verified; Interplay Productions; Interplay Uninstaller for Windows 95>
2008-04-13 00:21:34 0 d-------- C:\Program Files\BlackIsle
2008-04-12 01:49:36 0 d-------- C:\Program Files\GSP
-- Find3M Report ---------------------------------------------------------------
2008-05-05 18:41:00 0 d-------- C:\Documents and Settings\Chad\Application Data\PlayFirst
2008-04-27 18:36:43 0 d-------- C:\Program Files\Fashion Boutique
2008-04-27 14:30:34 0 d-------- C:\Documents and Settings\Chad\Application Data\mIRC
2008-04-22 12:31:25 0 d-------- C:\Program Files\mIRC
2008-04-20 20:23:37 0 d-------- C:\Documents and Settings\Chad\Application Data\Azureus
2008-04-12 01:49:36 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-10 21:32:02 0 d-------- C:\Program Files\Burger Shop
2008-04-09 21:52:27 0 d-------- C:\Program Files\Yahtzee Texas Hold Em
2008-04-08 09:04:09 0 d-------- C:\Documents and Settings\Chad\Application Data\Jane s Hotel Family Hero
2008-04-08 09:04:07 0 d-------- C:\Program Files\Janes Hotel Family Hero
2008-04-07 20:13:56 0 d-------- C:\Documents and Settings\Chad\Application Data\fltk.org
2008-04-04 09:07:17 0 d-------- C:\Documents and Settings\Chad\Application Data\Meridian93
2008-03-26 14:59:33 0 d-------- C:\Documents and Settings\Chad\Application Data\AdobeUM
2008-03-23 10:04:28 0 d-------- C:\Documents and Settings\Chad\Application Data\Yahoo!
2008-03-22 21:03:20 0 d-------- C:\Program Files\Azureus
2008-03-22 19:55:39 0 d-------- C:\Documents and Settings\Chad\Application Data\funkitron
2008-03-21 10:33:59 0 d-------- C:\Documents and Settings\Chad\Application Data\WinWay
2008-03-18 17:47:56 0 d-------- C:\Documents and Settings\Chad\Application Data\MSN6
2008-03-17 23:32:21 0 d-------- C:\Program Files\Chuzzle Deluxe
2008-03-16 18:50:13 0 d-------- C:\Program Files\Yahtzee
2008-03-14 13:56:50 370 --a------ C:\WINDOWS\system32\vfw_32.reg
2008-03-14 13:00:47 0 d-------- C:\Program Files\Common Files\Adobe
2008-03-14 13:00:47 0 d-------- C:\Documents and Settings\Chad\Application Data\Adobe
2008-03-14 13:00:45 0 d-------- C:\Program Files\Common Files
2008-03-13 15:20:56 0 d-------- C:\Program Files\Purrfect Pet Shop
2008-03-13 01:25:39 0 d-------- C:\Documents and Settings\Chad\Application Data\Macromedia
2008-02-20 04:25:32 536 --a------ C:\WINDOWS\eReg.dat
2008-02-19 01:44:27 0 -rahs---- C:\MSDOS.SYS
2008-02-19 01:44:27 0 -rahs---- C:\IO.SYS
2008-02-19 01:44:27 0 --a------ C:\CONFIG.SYS
2008-02-19 01:44:27 0 --a------ C:\AUTOEXEC.BAT
2008-02-19 01:41:58 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-02-18 20:33:57 62 --ahs---- C:\Documents and Settings\Chad\Application Data\desktop.ini
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7F3EA905-DE65-4D00-BC1F-FF3A77F8CA30}]
05/03/2008 09:49 PM 45056 --a------ C:\WINDOWS\system32\wvUnOGwX.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CDC07FFF-CCA7-47F3-87EE-A6225FEC3FE7}]
05/03/2008 09:54 PM 281600 --a------ C:\WINDOWS\system32\geBRjHwW.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d93cc574-0c46-4d1b-a8f9-cae201927c4b}]
05/10/2008 11:08 PM 102464 --a------ C:\WINDOWS\system32\ahskbeyj.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [10/05/2006 09:25 AM]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [07/13/2006 09:12 AM]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12/05/2007 02:41 AM]
"NWEReboot"="" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [05/05/2008 08:48 AM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12/05/2007 02:41 AM]
"b07ed561"="C:\WINDOWS\system32\bgbypjgd.dll" [05/10/2008 11:11 PM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [03/12/2007 03:49 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 01:56 AM]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{7F3EA905-DE65-4D00-BC1F-FF3A77F8CA30}"= C:\WINDOWS\system32\wvUnOGwX.dll [05/03/2008 09:49 PM 45056]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvUnOGwX]
wvUnOGwX.dll 05/03/2008 09:49 PM 45056 C:\WINDOWS\system32\wvUnOGwX.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\geBRjHwW
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
-- End of Deckard's System Scanner: finished at 2008-05-11 11:54:42 ------------
;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-05-11 11:50:27
PROTECTIONS: 0
MALWARE: 60
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.trafficmp.com/]
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@trafficmp[2].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.casalemedia.com/]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@casalemedia[2].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.casalemedia.com/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.atdmt.com/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@atdmt[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@tradedoubler[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.fastclick.net/]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@fastclick[2].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.fastclick.net/]
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@tribalfusion[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.tribalfusion.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.mediaplex.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.mediaplex.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@mediaplex[1].txt
00147796 Cookie/Entrepreneur TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@entrepreneur[2].txt
00160284 Cookie/Findwhat TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@findwhat[1].txt
00167430 Cookie/myaffiliateprogram TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@www.myaffiliateprogram[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@com[3].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@com[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@com[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@com[4].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@xiti[2].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.azjmp.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.azjmp.com/]
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@azjmp[1].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@azjmp[3].txt
00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@toplist[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@statcounter[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.statcounter.com/]
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.statcounter.com/]
00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@perf.overture[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@ad.yieldmanager[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@ad.yieldmanager[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[ad.yieldmanager.com/]
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[ad.yieldmanager.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@apmebf[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.apmebf.com/]
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@apmebf[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@apmebf[3].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@apmebf[5].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.burstnet.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.burstnet.com/]
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@burstnet[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.serving-sys.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.serving-sys.com/]
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.bs.serving-sys.com/]
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[www.burstbeacon.com/]
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@www.burstbeacon[2].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[server.iad.liveperson.net/]
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[server.iad.liveperson.net/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@advertising[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.advertising.com/]
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@media.adrevolver[7].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@media.adrevolver[1].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@media.adrevolver[3].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@media.adrevolver[5].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[statse.webtrendslive.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.ads.pointroll.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@ads.pointroll[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.ads.pointroll.com/]
00170550 Cookie/Humanclick TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@hc2.humanclick[2].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@overture[2].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.overture.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@realmedia[2].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.realmedia.com/]
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.realmedia.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@questionmarket[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.questionmarket.com/]
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.questionmarket.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@zedo[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.zedo.com/]
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.zedo.com/]
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@bluestreak[2].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.bluestreak.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@adrevolver[2].txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.adultfriendfinder.com/]
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@adultfriendfinder[4].txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@adultfriendfinder[1].txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@adultfriendfinder[3].txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.adultfriendfinder.com/]
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@target[2].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@target[3].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@target[5].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@target[1].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.atwola.com/]
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@atwola[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@atwola[3].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@atwola[1].txt
00286738 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@www1.addfreestats[1].txt
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@ads.addynamix[1].txt
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.ads.addynamix.com/]
00382737 HackTool/Zapgon.A HackTools No 0 No No D:\Programs\mIRC6.12Invision2.0.rar[mIRC6.12Invision2.0\Invision\Stdio.dll]
00431644 Trj/Agent.DIL Virus/Trojan No 0 Yes No F:\System Volume Information\_restore{F87A8F22-B149-49AA-BC94-D7F5F42ABA05}\RP65\A0012948.exe
01185375 Application/Psexec.A HackTools No 0 Yes No F:\System Volume Information\_restore{1BCD3441-2466-4383-840E-D92E22F5ECDA}\RP131\A0135148.EXE
01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@enhance[1].txt
01262593 Application/NirCmd.A HackTools No 0 Yes No F:\System Volume Information\_restore{1BCD3441-2466-4383-840E-D92E22F5ECDA}\RP132\A0135368.com
01262593 Application/NirCmd.A HackTools No 0 No No F:\System Volume Information\_restore{1BCD3441-2466-4383-840E-D92E22F5ECDA}\RP132\A0135343.exe[327882R2FWJFW\nircmd.cfexe]
01262593 Application/NirCmd.A HackTools No 0 No No F:\System Volume Information\_restore{1BCD3441-2466-4383-840E-D92E22F5ECDA}\RP132\A0135343.exe[327882R2FWJFW\nircmd.com]
01262593 Application/NirCmd.A HackTools No 0 Yes No F:\System Volume Information\_restore{F87A8F22-B149-49AA-BC94-D7F5F42ABA05}\RP65\A0010020.exe
01308048 Adware/TTC Adware No 0 Yes No F:\System Volume Information\_restore{F87A8F22-B149-49AA-BC94-D7F5F42ABA05}\RP65\A0013731.exe
01308049 Adware/TTC Adware No 0 No No F:\System Volume Information\_restore{F87A8F22-B149-49AA-BC94-D7F5F42ABA05}\RP65\A0013731.exe[TTC.dll]
01606636 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@adserver.easyad[1].txt
01606636 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.adserver.easyad.info/]
01658945 Adware/TTC Adware No 0 No No F:\System Volume Information\_restore{F87A8F22-B149-49AA-BC94-D7F5F42ABA05}\RP65\A0013731.exe[folder.js]
02688464 Adware/DnsInsider Adware No 0 Yes No F:\System Volume Information\_restore{1BCD3441-2466-4383-840E-D92E22F5ECDA}\RP103\A0096109.exe
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[advancedcleaner.com/]
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[advancedcleaner.com/]
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.advancedcleaner.com/]
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.advancedcleaner.com/]
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.advancedcleaner.com/]
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.advancedcleaner.com/]
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.advancedcleaner.com/]
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Application Data\Mozilla\Firefox\Profiles\qb33fdmw.default\cookies.txt[.advancedcleaner.com/]
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@advancedcleaner[2].txt
02887528 Cookie/AdvancedCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Chad\Cookies\chad@advancedcleaner[1].txt
02937437 Spyware/Virtumonde Spyware Yes 2 Yes No C:\WINDOWS\SYSTEM32\WVUNOGWX.DLL
02938505 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\atudfvtp.dll
02938505 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\jtowsuaf.dll
02938511 Trj/Proxy.BF Virus/Trojan No 1 Yes No C:\WINDOWS\system32\avylcfjn.dll
02938531 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\sxmhblpd.dll
02938531 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\qxruupyp.dll
02938570 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\rnhurjsy.dll
02938581 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{F87A8F22-B149-49AA-BC94-D7F5F42ABA05}\RP103\A0022106.dll
02940808 Spyware/Virtumonde Spyware No 1 Yes No C:\System Volume Information\_restore{F87A8F22-B149-49AA-BC94-D7F5F42ABA05}\RP104\A0022137.dll
02940861 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\ujpcacqy.dll
02940899 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\msknpedv.dll
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
170904 HIGH MS07-043
;===================================================================================================================================================================================