Thread: Help! I did it to myself!
View Single Post
Old 11-30-2005, 10:22 PM   #23 (permalink)
mtporter
Registered User
 
Join Date: Jun 2005
Posts: 106
OS: XP


********
11:41 PM: | Start of Session, Wednesday, November 30, 2005 |
11:41 PM: Spy Sweeper started
11:41 PM: Sweep initiated using definitions version 576
11:41 PM: Found Adware: look2me
11:41 PM: HKLM\software\microsoft\windows nt\currentversion\winlogon\notify\shell extensions\ || dllname (ID = 129986)
11:41 PM: l2r00c9mef.dll (ID = 129986)
11:41 PM: Starting Memory Sweep
11:42 PM: Found Adware: icannnews
11:42 PM: Detected running threat: C:\WINDOWS\SYSTEM32\l2r00c9mef.dll (ID = 83)
11:42 PM: Detected running threat: C:\WINDOWS\SYSTEM32\skredir.dll (ID = 83)
11:42 PM: Found Trojan Horse: trojan-backdoor-superbgirlz
11:42 PM: Detected running threat: C:\WINDOWS\SYSTEM32\child.dll (ID = 183971)
11:43 PM: Memory Sweep Complete, Elapsed Time: 00:01:07
11:43 PM: Starting Registry Sweep
11:43 PM: Found Adware: quicklink search toolbar
11:43 PM: HKLM\software\ql\ (3 subtraces) (ID = 359458)
11:43 PM: HKLM\software\microsoft\windows\currentversion\uninstall\quicklinks\ (2 subtraces) (ID = 909558)
11:43 PM: Found Adware: drsnsrch.com hijack
11:43 PM: HKU\S-1-5-21-602162358-152049171-1957994488-1004\software\microsoft\search assistant\ || defaultsearchurl (ID = 128205)
11:43 PM: HKU\S-1-5-21-602162358-152049171-1957994488-1004\software\classes\clsid\{4f141cba-1457-6cca-03a7-7aa21b61ea0f}\ (3 subtraces) (ID = 954563)
11:43 PM: Registry Sweep Complete, Elapsed Time:00:00:12
11:43 PM: Starting Cookie Sweep
11:43 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
11:43 PM: Starting File Sweep
11:50 PM: hr8u05l9e.dll (ID = 159)
11:58 PM: Found Adware: ezsearchbar
11:58 PM: name_gender.ini (ID = 60351)
12:03 AM: Found Adware: statblaster
12:03 AM: msview.ini (ID = 77091)
12:04 AM: skredir.dll (ID = 159)
12:05 AM: Found Adware: apropos
12:05 AM: wingenerics.dll (ID = 50187)
12:08 AM: o0ro0a93ed.dll (ID = 159)
12:09 AM: l2r00c9mef.dll (ID = 159)
12:09 AM: child.dll (ID = 183971)
12:09 AM: addr_var.ini (ID = 60329)
12:09 AM: city_var.ini (ID = 60333)
12:09 AM: name_var.ini (ID = 60352)
12:09 AM: birth_var.ini (ID = 60332)
12:09 AM: states.ini (ID = 60360)
12:09 AM: zip_var.ini (ID = 60362)
12:09 AM: phone_var.ini (ID = 60353)
12:09 AM: msvini.inf (ID = 77093)
12:09 AM: Found Adware: websearch toolbar
12:09 AM: 00004366.url (ID = 84894)
12:09 AM: 00004365.url (ID = 84889)
12:09 AM: 00004368.url (ID = 86338)
12:09 AM: 00004367.url (ID = 84923)
12:09 AM: Found Adware: command
12:09 AM: nqivuv1kvalxtrk.vbs (ID = 185675)
12:09 AM: File Sweep Complete, Elapsed Time: 00:26:31
12:09 AM: Full Sweep has completed. Elapsed time 00:27:59
12:09 AM: Traces Found: 38
12:10 AM: Removal process initiated
12:10 AM: Quarantining All Traces: look2me
12:11 AM: look2me is in use. It will be removed on reboot.
12:11 AM: l2r00c9mef.dll is in use. It will be removed on reboot.
12:11 AM: hr8u05l9e.dll is in use. It will be removed on reboot.
12:11 AM: skredir.dll is in use. It will be removed on reboot.
12:11 AM: l2r00c9mef.dll is in use. It will be removed on reboot.
12:11 AM: Quarantining All Traces: icannnews
12:12 AM: icannnews is in use. It will be removed on reboot.
12:12 AM: C:\WINDOWS\SYSTEM32\l2r00c9mef.dll is in use. It will be removed on reboot.
12:12 AM: C:\WINDOWS\SYSTEM32\skredir.dll is in use. It will be removed on reboot.
12:12 AM: Quarantining All Traces: trojan-backdoor-superbgirlz
12:13 AM: trojan-backdoor-superbgirlz is in use. It will be removed on reboot.
12:13 AM: child.dll is in use. It will be removed on reboot.
12:13 AM: C:\WINDOWS\SYSTEM32\child.dll is in use. It will be removed on reboot.
12:13 AM: Quarantining All Traces: quicklink search toolbar
12:13 AM: Quarantining All Traces: drsnsrch.com hijack
12:13 AM: Quarantining All Traces: ezsearchbar
12:13 AM: Quarantining All Traces: statblaster
12:13 AM: Quarantining All Traces: apropos
12:13 AM: Quarantining All Traces: websearch toolbar
12:13 AM: Quarantining All Traces: command
12:13 AM: Preparing to restart your computer. Please wait...
12:13 AM: Removal process completed. Elapsed time 00:03:34
12:16 AM: Processing Hosts File Alerts
12:16 AM: Fixed Hosts File entry: idenupdate.motorola.com
********
11:34 PM: | Start of Session, Wednesday, November 30, 2005 |
11:34 PM: Spy Sweeper started
11:35 PM: The Spy Communication shield has blocked access to: www.ad-w-a-r-e.com
11:35 PM: The Spy Communication shield has blocked access to: www.ad-w-a-r-e.com
11:35 PM: The Spy Communication shield has blocked access to: www.ad-w-a-r-e.com
11:35 PM: The Spy Communication shield has blocked access to: www.ad-w-a-r-e.com
11:35 PM: Your spyware definitions have been updated.
11:41 PM: Program Version 4.5.7 (Build 656) Using Spyware Definitions 576
11:41 PM: | End of Session, Wednesday, November 30, 2005 |
mtporter is offline