This is a discussion on Infected with malware! DSS log attached within the Spyware forums, part of Technology category.
Deckard's System Scanner v20071014.68
Run by Josh on 2008-07-23 18:40:44
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 4 Restore Point(s) --
4: 2008-07-23 22:40:49 UTC - RP4 - Deckard's System Scanner Restore Point
3: 2008-07-23 22:35:51 UTC - RP3 - Software Distribution Service 3.0
2: 2008-07-23 01:20:40 UTC - RP2 - Installed HP Wireless Assistant
1: 2008-07-23 01:11:44 UTC - RP1 - System Checkpoint
Backed up registry hives.
Performed disk cleanup.

-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-07-23 18:42:31
Platform: windows xp Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe
C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Webroot\Webroot Desktop Firewall\WDF.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\ehome\ehRecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Webroot\Webroot Desktop Firewall\wdfsvc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HPQ\shared\HpqToaster.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.exe
C:\Documents and Settings\Josh\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...on&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...on&pf=laptop
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar3.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar3.dll
O4 - HKLM\..\Run: [ehTray] "C:\WINDOWS\ehome\ehtray.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] "c:\Program Files\Norton Internet Security\cfgwiz.exe" /GUID {F073BDC9-0D67-4ff0-879E-27241C843828} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [SSC_UserPrompt] "c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [eabconfg.cpl] "C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" /Start
O4 - HKLM\..\Run: [Cpqset] "C:\Program Files\HPQ\Default Settings\cpqset.exe"
O4 - HKLM\..\Run: [RecGuard] "C:\Windows\SMINST\RecGuard.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [Webroot Desktop Firewall] "C:\Program Files\Webroot\Webroot Desktop Firewall\WDF.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives...2stubie.cab
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Webroot Desktop Firewall network service (WDFNet) - Webroot Software Inc (www.webroot.com) - C:\Program Files\Webroot\Webroot Desktop Firewall\wdfsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 8708 bytes

-- File Associations -----------------------------------------------------------
All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
All drivers whitelisted.

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.

-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.

-- Scheduled Tasks -------------------------------------------------------------
2008-07-22 21:36:38 1476 --a------ C:\WINDOWS\Tasks\wrSpySweeperFullSweep.job
2008-07-22 21:17:20 456 --a------ C:\WINDOWS\Tasks\Easy Internet Sign-up.job
2007-12-29 17:09:36 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2006-04-13 09:39:39 380 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job

-- Files created between 2008-06-23 and 2008-07-23 -----------------------------
2008-07-23 18:36:23 0 d-------- C:\WINDOWS\system32\PreInstall
2008-07-23 16:38:04 0 d-------- C:\WINDOWS\LastGood
2008-07-23 16:24:12 0 d-------- C:\Documents and Settings\Josh\Application Data\Macromedia
2008-07-22 21:42:31 0 d-------- C:\Documents and Settings\Josh\Application Data\Google
2008-07-22 21:18:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2008-07-22 21:16:09 0 d-------- C:\Documents and Settings\Josh\Application Data\Webroot
2008-07-22 21:12:57 0 dr------- C:\Documents and Settings\Josh\Favorites
2008-07-22 21:12:57 0 d-------- C:\Documents and Settings\Josh\Desktop
2008-07-22 21:12:57 0 d---s---- C:\Documents and Settings\Josh\Cookies
2008-07-22 21:12:57 0 dr-h----- C:\Documents and Settings\Josh\Application Data
2008-07-22 21:12:57 0 d-------- C:\Documents and Settings\Josh\Application Data\Symantec
2008-07-22 21:12:57 0 d-------- C:\Documents and Settings\Josh\Application Data\Intuit
2008-07-22 21:12:57 0 d-------- C:\Documents and Settings\Josh\Application Data\Identities
2008-07-22 21:12:56 0 d--h----- C:\Documents and Settings\Josh\Templates
2008-07-22 21:12:56 0 dr------- C:\Documents and Settings\Josh\Start Menu
2008-07-22 21:12:56 0 dr-h----- C:\Documents and Settings\Josh\SendTo
2008-07-22 21:12:56 0 dr-h----- C:\Documents and Settings\Josh\Recent
2008-07-22 21:12:56 0 d--h----- C:\Documents and Settings\Josh\PrintHood
2008-07-22 21:12:56 0 d--h----- C:\Documents and Settings\Josh\NetHood
2008-07-22 21:12:56 0 dr------- C:\Documents and Settings\Josh\My Documents
2008-07-22 21:12:56 0 d--h----- C:\Documents and Settings\Josh\Local Settings
2008-07-22 21:12:55 786432 --ah----- C:\Documents and Settings\Josh\NTUSER.DAT
2008-07-22 21:11:14 0 d-------- C:\Documents and Settings\Default User\Application Data\Symantec
2008-07-22 21:10:08 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-07-22 18:01:09 0 d--hs---- C:\WINDOWS\CSC
2008-07-18 20:08:11 0 d-------- C:\Program Files\Panda Security
2008-07-12 23:25:08 0 d-------- C:\Program Files\Windows Live Safety Center
2008-07-12 21:39:39 0 d-------- C:\Documents and Settings\Guest\Application Data\shcrnvj0e78s
2008-07-12 11:55:57 0 d-------- C:\Program Files\shcrnvj0e78s
2008-07-12 02:17:13 0 d--h----- C:\Documents and Settings\LocalService\SendTo
2008-07-12 02:16:45 0 d-------- C:\Documents and Settings\LocalService\Application Data\Identities
2008-07-12 02:16:24 0 d--h----- C:\Documents and Settings\LocalService\NetHood
2008-07-12 02:16:24 0 dr------- C:\Documents and Settings\LocalService\My Documents
2008-07-12 02:16:23 0 dr------- C:\Documents and Settings\LocalService\Favorites
2008-07-12 02:16:22 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2008-07-12 02:16:22 0 dr-h----- C:\Documents and Settings\LocalService\Recent
2008-07-12 02:16:22 0 d-------- C:\Documents and Settings\LocalService\Desktop
2008-07-12 00:25:02 0 d-------- C:\Documents and Settings\Guest\Application Data\rhcpnvj0e78s
2008-07-11 22:51:29 0 d-------- C:\Program Files\rhcpnvj0e78s

-- Find3M Report ---------------------------------------------------------------
2008-07-23 00:06:46 0 d-------- C:\Program Files\HPQ
2008-07-22 23:32:13 0 d-------- C:\Program Files\Windows NT
2008-07-22 23:27:56 0 d-------- C:\Program Files\Symantec
2008-07-22 23:26:57 0 d-------- C:\Program Files\RGB
2008-07-22 23:26:57 0 d-------- C:\Program Files\Quickensetup
2008-07-22 23:26:43 0 d-------- C:\Program Files\Quicken
2008-07-22 23:26:28 0 d-------- C:\Program Files\Online Services
2008-07-22 23:25:22 0 d-------- C:\Program Files\Norton Internet Security
2008-07-22 23:24:35 0 d-------- C:\Program Files\music_now
2008-07-22 23:24:34 0 d-------- C:\Program Files\MSN Encarta Plus
2008-07-22 23:24:32 0 d-------- C:\Program Files\Movie Maker
2008-07-22 23:24:31 0 d-------- C:\Program Files\Microsoft Works
2008-07-22 23:23:54 0 d-------- C:\Program Files\Microsoft Office Trial Wizard
2008-07-22 23:23:52 0 d-------- C:\Program Files\Microsoft Money 2006
2008-07-22 23:23:36 0 d-------- C:\Program Files\Messenger
2008-07-22 23:23:07 0 d-------- C:\Program Files\HP Rhapsody
2008-07-22 23:21:54 0 d-------- C:\Program Files\Hewlett-Packard
2008-07-22 23:21:30 0 d-------- C:\Program Files\GemMaster
2008-07-22 23:21:29 0 d-------- C:\Program Files\ESPNMotion
2008-07-22 23:21:29 0 d-------- C:\Program Files\EnglishOtto
2008-07-22 23:21:25 0 d-------- C:\Program Files\DIGStream
2008-07-22 23:21:01 0 d-------- C:\Program Files\Common Files
2008-07-22 23:21:01 0 d-------- C:\Program Files\Common Files\SureThing Shared
2008-07-22 23:21:00 0 d-------- C:\Program Files\Common Files\Sonic Shared
2008-07-22 23:20:49 0 d-------- C:\Program Files\Common Files\Palo Alto Software
2008-07-22 23:20:25 0 d-------- C:\Program Files\Common Files\LightScribe
2008-07-22 22:38:10 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-07-22 21:37:51 0 d-------- C:\Program Files\Google
2008-07-22 21:35:45 0 d-------- C:\Program Files\Webroot
2008-07-22 21:30:27 164 --a------ C:\install.dat
2008-05-16 07:55:27 130362 --a------ C:\WINDOWS\hpoins13.dat

-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [08/06/2005 12:56 AM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [11/11/2005 12:05 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [11/10/2005 04:03 PM]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [02/17/2005 02:11 AM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [06/19/2005 04:50 PM]
"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [09/17/2005 10:27 AM]
"IS CfgWiz"="c:\Program Files\Norton Internet Security\cfgwiz.exe" [09/30/2005 08:33 AM]
"SSC_UserPrompt"="c:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe" [11/03/2004 02:59 AM]
"@"="" []
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [12/12/2005 02:39 PM]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [12/22/2005 11:57 AM]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [08/01/2005 05:26 PM]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [10/11/2005 01:23 PM]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [12/13/2005 04:45 PM]
"Webroot Desktop Firewall"="C:\Program Files\Webroot\Webroot Desktop Firewall\WDF.exe" [07/02/2008 01:26 PM]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [07/13/2008 09:53 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 10:05:26 PM]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [1/2/2007 9:40:10 PM]
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [9/24/2005 4:39:30 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"

*Newly Created Service* - COMHOST

-- End of Deckard's System Scanner: finished at 2008-07-23 18:44:58 ------------

PANDA ACTIVE SCAN

;*******************************************************************************
ANALYSIS: 2008-07-23 18:33:14
PROTECTIONS: 2
MALWARE: 17
SUSPECTS: 0
;*******************************************************************************
PROTECTIONS
Description Version Active Updated
;===============================================================================
Webroot AntiVirus with AntiSpyware 5.8.1.47 No Yes
Norton Internet Security 2006 2006 Yes Yes
;===============================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\user\Local Settings\Temp\Cookies\user@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Josh\Cookies\josh@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Josh\Cookies\josh@atdmt[1].txt
00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\user\Local Settings\Temp\nsb5.tmp
00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\user\Local Settings\Temp\nsa5.tmp
00139535 Application/Processor HackTools No 0 No No C:\Documents and Settings\user\Desktop\VirtumundoBeGone.exe[²ƒÇ]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Guest\Cookies\guest@fastclick[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@tribalfusion[1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Josh\Cookies\josh@tribalfusion[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Josh\Cookies\josh@ad.yieldmanager[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@ad.yieldmanager[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Josh\Cookies\josh@advertising[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@advertising[2].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@ads.pointroll[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@bluestreak[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Josh\Cookies\josh@bluestreak[1].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@adrevolver[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Josh\Cookies\josh@atwola[1].txt
00377802 Spyware/PeoplePC spyware No 0 Yes No C:\Program Files\Online Services\PeoplePC\ISP5900\Dll\RAS.DLL
00519333 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\user\Desktop\VirtumundoBeGone.exe
01343387 Generic trojan Virus/Trojan No 0 Yes No C:\SWSETUP\MedCtrFP\Samples\BonusDVD.msi[unk_0029]
01343387 Generic trojan Virus/Trojan No 0 Yes No C:\SWSETUP\MedCtrFP\Extras\ESPN\motionsetupmce.exe
02164907 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\DIGStream\digstream.exe
03008451 Application/AdvancedXPFixer HackTools No 0 Yes No C:\Program Files\shcrnvj0e78s\shcrnvj0e78sSkin.dll
03268185 Cookie/AntivirusXP2008 TrackingCookie No 0 Yes No C:\Documents and Settings\user\Cookies\user@www.antivirxp08[2].txt
;===============================================================================
SUSPECTS
Sent Location L
;===============================================================================
;===============================================================================
VULNERABILITIES
Id Severity Description L
;===============================================================================
184380 MEDIUM MS08-002 L
184379 MEDIUM MS08-001 L
182048 HIGH MS07-069 L
182046 HIGH MS07-067 L
182043 HIGH MS07-064 L
179553 HIGH MS07-061 L
176382 HIGH MS07-057 L
176383 HIGH MS07-058 L
170911 HIGH MS07-050 L
170907 HIGH MS07-046 L
170906 HIGH MS07-045 L
170904 HIGH MS07-043 L
164915 HIGH MS07-035 L
164913 HIGH MS07-033 L
164911 HIGH MS07-031 L
160623 HIGH MS07-027 L
157262 HIGH MS07-022 L
157261 HIGH MS07-021 L
157260 HIGH MS07-020 L
157259 HIGH MS07-019 L
156477 HIGH MS07-017 L
150253 HIGH MS07-016 L
150249 HIGH MS07-013 L
150248 HIGH MS07-012 L
150247 HIGH MS07-011 L
150243 HIGH MS07-008 L
150242 HIGH MS07-007 L
150241 MEDIUM MS07-006 L
141034 HIGH MS06-076 L
141033 MEDIUM MS06-075 L
141030 HIGH MS06-072 L
137571 HIGH MS06-070 L
137568 HIGH MS06-067 L
133387 MEDIUM MS06-065 L
133386 MEDIUM MS06-064 L
133385 MEDIUM MS06-063 L
133379 HIGH MS06-057 L
131654 HIGH MS06-055 L
129977 MEDIUM MS06-053 L
129976 MEDIUM MS06-052 L
126093 HIGH MS06-051 L
126092 MEDIUM MS06-050 L
126087 HIGH MS06-046 L
126086 MEDIUM MS06-045 L
126083 HIGH MS06-042 L
126082 HIGH MS06-041 L
126081 HIGH MS06-040 L
123421 HIGH MS06-036 L
123420 HIGH MS06-035 L
120825 MEDIUM MS06-032 L
120823 MEDIUM MS06-030 L
120818 HIGH MS06-025 L
120815 HIGH MS06-022 L
120814 HIGH MS06-021 L
117384 MEDIUM MS06-018 L
114666 HIGH MS06-015 L
114664 HIGH MS06-013 L
96574 HIGH MS05-053 L
93395 HIGH MS05-051 L
93454 MEDIUM MS05-049 L
;===============================================================================