Thread: Blue Desktop with spyware detected - appears to be Smitfraud?
View Single Post
Old 08-14-2008, 02:21 PM   #4 (permalink)
-Shirt
Registered User
 
Join Date: Aug 2008
Posts: 6
OS: Win XP


Re: [SOLVED] Blue Desktop with "spyware detected" - appears to be Smitfraud
Hi Ried,

sorry for the delay, I've been away from my computer.

Findlop.txt below, Panda scan is attached. On the basis of this stickied thread I haven't run Deckards.

Thanks

-Shirt



Volume in drive H is Bruce
Volume Serial Number is 9439-7155

Directory of H:\Documents and Settings\All Users\Application Data

09/12/2007 10:17 <DIR> Adobe
23/08/2006 18:00 <DIR> Ahead
10/06/2007 08:52 <DIR> Apple Computer
17/10/2005 23:34 <DIR> CashAtomEachLess
19/10/2005 17:46 <DIR> GridPartBoneMeta
12/08/2008 07:12 <DIR> Lavasoft
03/08/2004 17:46 <DIR> Macrovision
12/08/2008 17:09 <DIR> Malwarebytes
16/12/2004 18:45 <DIR> MSN6
07/05/2007 22:07 <DIR> MumboJumbo
10/10/2004 16:30 <DIR> Network Associates
19/10/2005 17:37 <DIR> New Folder
30/07/2004 15:02 <DIR> nView_Profiles
11/01/2006 20:17 <DIR> Pinnacle
07/12/2006 22:50 2,925 QTSBandwidthCache
27/07/2004 19:26 <DIR> QuickTime
04/01/2007 18:36 <DIR> shockwave.com
28/03/2007 21:08 <DIR> Skype
09/11/2007 11:24 <DIR> Sony Ericsson
12/08/2008 20:51 <DIR> Spybot - Search & Destroy
10/10/2004 16:29 <DIR> Symantec
09/11/2007 11:24 <DIR> Teleca
07/05/2007 22:07 <DIR> Trymedia
18/08/2005 23:46 <DIR> Windows Genuine Advantage
1 File(s) 2,925 bytes
23 Dir(s) 3,900,993,536 bytes free
Volume in drive H is Bruce
Volume Serial Number is 9439-7155

Directory of H:\Documents and Settings\Tom\Application Data

17/02/2008 20:35 <DIR> Adobe
15/03/2007 20:42 <DIR> AdobeAUM
20/05/2007 19:27 <DIR> AdobeUM
29/10/2006 08:41 <DIR> Ahead
16/03/2006 08:48 <DIR> Apple Computer
30/11/2006 21:37 <DIR> Arcsoft
19/10/2005 17:45 <DIR> BinPureName
28/07/2004 22:23 <DIR> CoffeeCup Software
13/02/2005 19:35 <DIR> DVD Shrink
11/06/2005 10:33 39 EV Nova License.lcs
01/06/2006 20:59 140 EV Nova Prefs.prf
30/09/2007 22:25 <DIR> Gamelab
02/01/2007 20:21 66,680 GDIPFONTCACHEV1.DAT
23/08/2004 15:28 <DIR> GetBot
30/07/2004 03:37 <DIR> Help
26/07/2004 12:41 <DIR> Identities
26/07/2004 13:06 <DIR> InterTrust
27/07/2004 13:34 <DIR> InterVideo
09/10/2006 20:25 <DIR> Lavasoft
24/03/2007 23:06 <DIR> Leadertech
27/06/2005 15:57 <DIR> Macromedia
12/08/2008 17:09 <DIR> Malwarebytes
07/05/2006 20:25 <DIR> Media Player Classic
28/07/2004 22:12 <DIR> Mozilla
16/12/2004 18:46 <DIR> MSN6
19/11/2004 03:06 <DIR> Real
04/01/2007 18:36 <DIR> shockwave.com
05/07/2008 00:01 <DIR> Skype
23/06/2006 17:04 <DIR> SmartFTP
09/11/2007 11:24 <DIR> Sony Ericsson
09/11/2007 10:57 <DIR> Sony Setup
07/01/2005 17:54 <DIR> Sun
28/07/2004 22:12 <DIR> Talkback
10/11/2007 08:55 <DIR> Teleca
29/07/2004 10:00 <DIR> Thunderbird
3 File(s) 66,859 bytes
32 Dir(s) 3,900,993,536 bytes free
Volume in drive H is Bruce
Volume Serial Number is 9439-7155

Directory of H:\Documents and Settings\Default User\Application Data

26/07/2004 20:22 <DIR> .
26/07/2004 20:22 <DIR> ..
26/07/2004 20:22 62 desktop.ini
1 File(s) 62 bytes
2 Dir(s) 3,900,993,536 bytes free
Volume in drive H is Bruce
Volume Serial Number is 9439-7155

Directory of H:\Documents and Settings\LocalService\Application Data

Volume in drive H is Bruce
Volume Serial Number is 9439-7155

Directory of H:\Documents and Settings\NetworkService\Application Data

[TRACE] Enumerating jobs and queues
[TRACE] Activating job '889BB40D85202CE1.job'
[TRACE] Printing all job properties

ApplicationName: 'h:\docume~1\tom\applic~1\binpur~1\FlawFunkDeaf.exe'
Parameters: ''
WorkingDirectory: ''
Comment: ''
Creator: 'Tom'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 10/17/2005 23:00:00
NextRun: 08/14/2008 18:00:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_READY
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 1
SystemRequired = 0
Hidden = 1
TaskFlags: 0

1 Trigger

Trigger 0:
Type: Daily
DaysInterval: 1
StartDate: 06/25/2000
EndDate: 00/00/0000
StartTime: 00:00
MinutesDuration: 1440
MinutesInterval: 60
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0


[TRACE] Activating job '972366CBA28CE567.job'
[TRACE] Printing all job properties

ApplicationName: 'h:\progra~1\binpur~1\FlawFunkDeaf.exe'
Parameters: ''
WorkingDirectory: ''
Comment: ''
Creator: 'Tom'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 12/16/2004 17:00:00
NextRun: 08/14/2008 18:00:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_READY
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 1
SystemRequired = 0
Hidden = 1
TaskFlags: 0

1 Trigger

Trigger 0:
Type: Daily
DaysInterval: 1
StartDate: 06/04/1998
EndDate: 00/00/0000
StartTime: 00:00
MinutesDuration: 1440
MinutesInterval: 60
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
Attached Files
File Type: txt PandaScan4.txt (38.2 KB, 2 views)
-Shirt is offline