Thread: I need some help please - Log files posted
View Single Post
Old 08-22-2005, 02:13 PM   #6 (permalink)
sammyfry
Registered User
 
Join Date: Aug 2005
Posts: 7
OS: win 2000


I can't install panda:

An error has occurred downloading Panda ActiveScan. Please repeat the process. If the error occurs again, restart your system and try againPossible causes of this error are:

Not allowing the application's ActiveX control to be downloaded.

Problems with the Internet connection.

The error could be due to a download error or an installation error due to lack of hard disk space, privileges etc.,...








Here's my log files for the rest of the steps:

Logfile of HijackThis v1.99.1
Scan saved at 4:16:24 PM, on 8/22/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
D:\Program Files\Extensis\Suitcase\Suitcase.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ddzio\Desktop\HijackThis.exe

O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: avast! Antivirus.lnk = C:\Program Files\Alwil Software\Avast4\ashAvast.exe
O4 - Global Startup: Suitcase Startup.lnk = D:\Program Files\Extensis\Suitcase\Suitcase.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://floridakeysmedia.tv/axiscam/C...CamControl.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download...basetup156.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = temel.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = temel.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = temel.com
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe






---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 4:02:32 PM, 8/22/2005
+ Report-Checksum: 90CA0D6E

+ Scan result:

[392] C:\WINNT\system32\OLEEXT.dll -> TrojanDownloader.Agent.ns : Cleaned with backup
[236] C:\WINNT\system32\OLEEXT.dll -> TrojanDownloader.Agent.ns : Error during cleaning
:mozilla.6:C:\Documents and Settings\daguirre\Application Data\Mozilla\Profiles\default\vw6k3ios.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.7:C:\Documents and Settings\daguirre\Application Data\Mozilla\Profiles\default\vw6k3ios.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.10:C:\Documents and Settings\daguirre\Application Data\Mozilla\Profiles\default\vw6k3ios.slt\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.13:C:\Documents and Settings\daguirre\Application Data\Mozilla\Profiles\default\vw6k3ios.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.14:C:\Documents and Settings\daguirre\Application Data\Mozilla\Profiles\default\vw6k3ios.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.15:C:\Documents and Settings\daguirre\Application Data\Mozilla\Profiles\default\vw6k3ios.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.16:C:\Documents and Settings\daguirre\Application Data\Mozilla\Profiles\default\vw6k3ios.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.17:C:\Documents and Settings\daguirre\Application Data\Mozilla\Profiles\default\vw6k3ios.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.18:C:\Documents and Settings\daguirre\Application Data\Mozilla\Profiles\default\vw6k3ios.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.19:C:\Documents and Settings\daguirre\Application Data\Mozilla\Profiles\default\vw6k3ios.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.20:C:\Documents and Settings\daguirre\Application Data\Mozilla\Profiles\default\vw6k3ios.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.31:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.32:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.33:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.34:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.36:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.38:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.40:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.41:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.52:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.53:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.54:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.55:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.56:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.64:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.65:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.66:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.67:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.68:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.71:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.72:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.73:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.99:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.137:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.138:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.144:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.145:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.146:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.148:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.149:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.150:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.151:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.152:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.153:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.154:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.156:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.157:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.161:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.163:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.168:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.173:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.177:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.178:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.179:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.180:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.181:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.182:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.183:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.184:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.185:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.186:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.187:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.190:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.191:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.192:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.193:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.195:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.198:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
:mozilla.199:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
:mozilla.202:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.203:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.204:C:\Documents and Settings\daguirre.TEMEL\Application Data\Mozilla\Profiles\default\3dd9436d.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.11:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.12:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.13:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.15:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.16:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.21:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.22:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.27:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.28:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.29:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.30:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.31:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.36:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.37:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.38:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.39:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.40:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.43:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.44:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.45:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.46:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.47:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.51:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.52:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.53:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.54:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.55:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.56:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.59:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.60:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.61:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.62:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.63:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.64:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.65:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.66:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.67:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.68:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.69:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.70:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.71:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.72:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.73:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.74:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.75:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.76:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.95:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.96:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.98:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.99:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.100:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.101:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.102:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.103:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.112:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.114:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.115:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.116:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.117:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.118:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.119:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.120:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.121:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.122:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.142:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.144:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Pro-market : Cleaned with backup
:mozilla.196:C:\Documents and Settings\ddzio\Application Data\Mozilla\Firefox\Profiles\v0rn1s4u.Default User2\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.6:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.7:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.8:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.9:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.10:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.11:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.12:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.13:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.14:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.15:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.16:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.21:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.24:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.25:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.47:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.48:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.49:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.50:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.94:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.95:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.96:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.104:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.105:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.106:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.107:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.108:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.149:C:\Documents and Settings\ddzio\Application Data\Mozilla\Profiles\Dan\iswonuqj.slt\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\WINNT\sec.exe -> TrojanDropper.Small.acg : Cleaned with backup
C:\WINNT\system32\drv2cltr.dll -> TrojanSpy.Agent.am : Cleaned with backup
C:\WINNT\system32\oleext.dll -> TrojanDownloader.Agent.ns : Cleaned with backup


::Report End









Testing presence of HKEY_LOCAL_MACHINE\SOFTWARE\ShudderLTD ---------


! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\ShudderLTD

HKEY_LOCAL_MACHINE\SOFTWARE\ShudderLTD\PSGuard

Deleting ShudderLTD ----------


Checking if HKEY_LOCAL_MACHINE\SOFTWARE\ShudderLTD is still present ------

Deleting leftovers in registry ------

leftovers deleted!














smitRem log file
version 2.3

by noahdfear

The current date is: Mon 08/22/2005
The current time is: 13:36:17.57

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ShudderLTD key present! Running LTDFix!

ShudderLTD key was successfully removed! :)


Pre-run Files Present


~~~ Program Files ~~~

PSGuard


~~~ Shortcuts ~~~

PSGuard spyware remover
PSGuard spyware remover.lnk


~~~ Favorites ~~~



~~~ system32 folder ~~~

oleext.dll
logfiles


~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Post-run Files Present


~~~ Program Files ~~~



~~~ Shortcuts ~~~



~~~ Favorites ~~~



~~~ system32 folder ~~~

oleext.dll


~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~



~~~ Wininet.dll ~~~

wininet.dll INFECTED!! :( Starting replacement procedure.


~~~~ Looking for C:\WINNT\system32\dllcache\wininet.dll ~~~~


~~~~ C:\WINNT\system32\dllcache\wininet.dll Present! ~~~~


~~~~ Checking dllcache\wininet.dll for infection ~~~~


~~~~ dllcache\wininet.dll Clean! ~~~~

~~~ Replaced wininet.dll from dllcache ~~~













DESKTOP IS STILL BLINKING! THANKS FOR THE HELP!!!!!!!
sammyfry is offline