Serious Virus/Malware/Spyware problem Help

  1. 15-03-2006  #1
    PlatinumMoto
    PlatinumMoto is offline Senior Member

    Serious Virus/Malware/Spyware problem Help

    I posted this in the XP section but I was told to post my hijack this log here so it is

    Logfile of HijackThis v1.99.1
    Scan saved at 10:58:55 PM, on 3/14/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\system32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    F:\WINDOWS\System32\nvsvc32.exe
    F:\WINDOWS\system32\ZoneLabs\vsmon.exe
    F:\WINDOWS\Explorer.EXE
    F:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    F:\WINDOWS\SOUNDMAN.EXE
    F:\Program Files\Internet Download Manager\IDMan.exe
    F:\WINDOWS\system32\wscntfy.exe
    F:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    F:\Program Files\Windows Media Player\wmplayer.exe
    F:\Program Files\AIM\aim.exe
    F:\Program Files\Wisdom-soft ScreenHunter Free\ScreenHunter.exe
    F:\Program Files\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://video.msn.com/v/us/v.htm?f=01...bfb2239d&p=&t=
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - F:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - F:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [AVG7_CC] F:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O4 - HKLM\..\Run: [Zone Labs Client] F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "F:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckOD Ls
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKCU\..\Run: [DW4] "F:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
    O8 - Extra context menu item: Download All Links with IDM - F:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - F:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - F:\Program Files\AIM\aim.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: f:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: f:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: f:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: f:\windows\system32\idmmbc.dll
    O10 - Unknown file in Winsock LSP: f:\windows\system32\idmmbc.dll
    O20 - Winlogon Notify: dvd4free - dvd4free.dll (file missing)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - F:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - F:\WINDOWS\system32\ZoneLabs\vsmon.exe

  3. 15-03-2006  #2
    Neal
    Neal is offline Dedicated Member
    Welcome to DAL,


    Please download, install, and update the NEW free version of Ewido trojan scanner:
    [*]When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
    [*]When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
    [*]From the main ewido screen, click on update in the left menu, then click the Start update button.
    [*]After the update finishes (the status bar at the bottom will display "Update successful")
    [*]Click on the Scanner button in the left menu, then click on Complete System Scan. This scan can take quite a while to run.
    [*]If ewido finds anything, it will pop up a notification. We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), select "none" as the action. DO NOT check "Perform action with all infections". If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.
    [*]When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again.

    Post the log Ewido makes back here please.
  4. 15-03-2006  #3
    PlatinumMoto
    PlatinumMoto is offline Senior Member
    I wanted to let you know that I manually removed two files before I downloaded the ewido scanner, this was the same night of the post, because I googled them and they returned as either trojans/malware. They are now in my recycle bin and they are country.exe and toolbar.exe and then I also removed the entries for country.exe in my preftech folder and also the entry for toolbar.exe from the same folder and put them in the recycle bin, will ewido detect it?
  5. 15-03-2006  #4
    Neal
    Neal is offline Dedicated Member
    Maybe, go ahead and run the scan.
  6. 16-03-2006  #5
    PlatinumMoto
    PlatinumMoto is offline Senior Member
    there was a trojan found with ewido that AVG didn't find how can that be?
  7. 16-03-2006  #6
    Neal
    Neal is offline Dedicated Member
    Please post the scan log
  8. 16-03-2006  #7
    PlatinumMoto
    PlatinumMoto is offline Senior Member
    oh sorry my bad. here it is.

    ---------------------------------------------------------
    ewido anti-malware - Scan report
    ---------------------------------------------------------

    + Created on: 5:38:37 PM, 3/15/2006
    + Report-Checksum: 3D73CC05

    + Scan result:

    HKU\S-1-5-21-515967899-926492609-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{78364D99-A640-4DDF-B91A-67EFF8373045} -> Trojan.Brospy.c : Cleaned with backup
    :mozilla.24:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.25:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.26:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.28:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.29:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.30:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.31:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.32:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.33:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.58:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Onestat : Cleaned with backup
    :mozilla.59:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Onestat : Cleaned with backup
    :mozilla.61:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Atdmt : Cleaned with backup
    :mozilla.62:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.78:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.79:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.80:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.88:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Revenue : Cleaned with backup
    :mozilla.89:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Targetnet : Cleaned with backup
    :mozilla.91:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.92:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.93:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.94:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.95:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.110:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.111:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.112:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.125:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.126:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.131:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.134:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.135:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.136:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.176:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Com : Cleaned with backup
    :mozilla.177:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Com : Cleaned with backup
    :mozilla.185:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.186:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.187:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.188:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.203:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.208:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.209:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
    :mozilla.241:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.242:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\jqsg1voz.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    C:\Documents and Settings\Me\Cookies\me@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Me\Cookies\me@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
    C:\Documents and Settings\Me\Cookies\me@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
    C:\Documents and Settings\Me\Cookies\me@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
    C:\Documents and Settings\Me\Cookies\me@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
    C:\Documents and Settings\Me\Cookies\me@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Me\Cookies\me@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Me\Cookies\me@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
    C:\Documents and Settings\Me\Cookies\me@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup
    C:\Documents and Settings\Me\Cookies\me@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned with backup
    C:\Documents and Settings\Me\Cookies\me@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Cleaned with backup
    C:\Documents and Settings\Me\Cookies\me@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    C:\Unzipped\Mad Shark\Mad Shark\Mad Shark.exe -> Trojan.Agent.jh : Error during cleaning

    C:\Unzipped\Mad Shark\Mad Shark\Mad Shark.exe -> Trojan.Agent.jh : Error during cleaning
    :mozilla.23:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Atdmt : Cleaned with backup
    :mozilla.27:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.29:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.30:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.67:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Com : Cleaned with backup
    :mozilla.68:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Com : Cleaned with backup
    :mozilla.70:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.71:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.76:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.77:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.85:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
    :mozilla.86:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
    :mozilla.89:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.90:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.91:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.92:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.93:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.94:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.95:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.96:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.97:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.98:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.99:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.102:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.103:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.104:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.105:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.106:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.107:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.108:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Ru4 : Cleaned with backup
    :mozilla.122:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
    :mozilla.123:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
    :mozilla.124:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.125:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.126:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.129:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.130:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.131:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.132:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.133:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.134:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.135:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.136:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.137:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
    :mozilla.140:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Clickhype : Cleaned with backup
    :mozilla.181:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.182:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.183:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.184:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.185:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.186:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.187:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.188:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.189:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.190:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.202:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Web-stat : Cleaned with backup
    :mozilla.203:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Web-stat : Cleaned with backup
    :mozilla.208:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
    :mozilla.219:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.235:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.236:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.237:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.238:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.239:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.245:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
    :mozilla.246:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
    :mozilla.281:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
    :mozilla.296:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.297:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.299:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Specificclick : Cleaned with backup
    :mozilla.300:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.301:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.302:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.303:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.304:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.319:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.408:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Linkbuddies : Cleaned with backup
    :mozilla.440:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Paypopup : Cleaned with backup
    :mozilla.441:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Paypopup : Cleaned with backup
    :mozilla.442:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Paypopup : Cleaned with backup
    :mozilla.443:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Paypopup : Cleaned with backup
    :mozilla.444:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Paypopup : Cleaned with backup
    :mozilla.447:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Qksrv : Cleaned with backup
    :mozilla.448:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Qksrv : Cleaned with backup
    :mozilla.453:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Valuead : Cleaned with backup
    :mozilla.454:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Valuead : Cleaned with backup
    :mozilla.457:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Revenue : Cleaned with backup
    :mozilla.461:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.462:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.463:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.464:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.511:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Yadro : Cleaned with backup
    :mozilla.512:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Adserver : Cleaned with backup
    :mozilla.526:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.527:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.528:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.529:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.543:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.544:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.545:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.546:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
    :mozilla.552:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Com : Cleaned with backup
    :mozilla.560:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.596:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Directnetadvertising : Cleaned with backup
    :mozilla.613:F:\Documents and Settings\Crown Ambassador\Application Data\Mozilla\Firefox\Profiles\w3pakp47.default\coo kies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
    F:\Documents and Settings\Crown Ambassador\Cookies\crown ambassador@edge.ru4[2].txt -> TrackingCookie.Ru4 : Cleaned with backup
    F:\RECYCLER\S-1-5-21-515967899-926492609-682003330-1003\Df14.exe -> Logger.Goldun.id : Cleaned with backup
    F:\Unzipped\Insanaquarium(full).exe -> Trojan.Agent.jh : Error during cleaning
    F:\Unzipped\Insanaquarium(full).exe -> Trojan.Agent.jh : Error during cleaning
    F:\WINDOWS\kl1.exe -> Logger.Small.dg : Cleaned with backup


    ::Report End
  9. 16-03-2006  #8
    Neal
    Neal is offline Dedicated Member
    Save 20% on AVG Internet Security 2012 Suite!
    Hi,

    What are these? Games?

    C:\Unzipped\Mad Shark\Mad Shark\Mad Shark.exe -> Trojan.Agent.jh : Error during cleaning

    F:\Unzipped\Insanaquarium(full).exe -> Trojan.Agent.jh : Error during cleaning

    I suggest you delete those "error during cleaning"

    What ever they are they are infected with a trojan.


    Next Step:



    http://www.kaspersky.com/virusscanner

    Please do an online scan with Kaspersky WebScanner

    Click on Kaspersky Online Scanner

    You will be prompted to install an ActiveX component from Kaspersky, Click Yes.

    * The program will launch and then begin downloading the latest definition files:
    * Once the files have been downloaded click on NEXT
    * Now click on Scan Settings
    * In the scan settings make sure that the following are selected:
    o Scan using the following Anti-Virus database:
    - Extended (if available otherwise Standard)
    o Scan Options:
    - Scan Archives
    - Scan Mail Bases
    * Click OK
    *Now under select a target to scan:
    o Select My Computer
    * This program will start and scan your system.
    * The scan will take a while so be patient and let it run.
    * Once the scan is complete it will display if your system has been infected.
    o Now click on the Save as Text button:
    * Save the file to your desktop.
    * Copy and paste that information in your next post.

    Thanks
+ Reply to Thread
« Boot.Malmo | help get rid of my nasties!!! »