Login 
 Search | |
| |
| Thread Tools |
19-Oct-2009, 08:45 AM
#1 | |||||
| SAMPLE background process Hi, we got given my father in laws old laptop and every time it closes down I have to manually close a process "SAMPLE" down twice. my thoughts are its dodgy and the laptop runs very slow Id appreciate if anyone can look over the HJT log I ran: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:21:13 PM, on 10/19/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16915) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ZCfgSvc.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\AVG\AVG8\avgscanx.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\WINDOWS\system32\wuauclt.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: Seekmo /fleok=1D8A83A5C5E6147998AD6E2A1FBB39BFE4976E26CAEDA120180A196D6093 - {07AA283A-43D7-4CBE-A064-32A21112D94D} - C:\Program Files\Seekmo\bin\10.0.406.0\HostIE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {df379062-bf9b-47f1-8c68-69994404ebd0} - C:\Program Files\Starware388\bin\Starware388.dll (file missing) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Starware Reference Toolbar - {960177af-12a9-4504-a636-2ded32ad4a82} - C:\Program Files\Starware388\bin\Starware388.dll (file missing) O3 - Toolbar: Seekmo - {07AA283A-43D7-4CBE-A064-32A21112D94D} - C:\Program Files\Seekmo\bin\10.0.406.0\HostIE.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.skybroadband.com (file missing) O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk/ O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.co...s/MsnPUpld.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1009840730734 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 7831 bytes thanks Craig |
| |
19-Oct-2009, 02:28 PM
#2 | ||||||
| Run HijackThis and click on "Config" and then on the "Misc Tools" button. If you're viewing HijackThis from the Main Menu then click on "Open the Misc Tools Section". Click on the "Open Uninstall Manager" button. Click the "Save List" button. Copy and paste that list here. |
20-Oct-2009, 08:29 AM
#3 | |||||
| 1,500 Best-Selling Home Plans 3D Home Architect 5.0 Professional Acrobat.com Acrobat.com Adobe AIR Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9 ArcSoft Camera Suite ATI - Software Uninstall Utility ATI Control Panel ATI Display Driver AVG Free 8.5 Canon Camera Window for ZoomBrowser EX Canon PhotoRecord Canon RAW Image Task for ZoomBrowser EX Canon RemoteCapture Task for ZoomBrowser EX Canon Utilities File Viewer Utility 1.3 Canon Utilities PhotoStitch 3.1 Canon Utilities RemoteCapture 2.7 Canon Utilities ZoomBrowser EX CCleaner (remove only) Diablo II DivX Codec DivX Converter DivX Player DivX Plus DirectShow Filters DivX Web Player Google Earth Hexaglot's Translator Highlight Viewer (Windows Live Toolbar) HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) InCD InCD EasyWrite Reader Intel(R) PRO Network Adapters and Drivers Intel(R) PROSet for Wireless Java(TM) 6 Update 11 Malwarebytes' Anti-Malware Map Button (Windows Live Toolbar) MapSource MapSource - BlueChart Atlantic v7.5 MapSource - European City Select v6 Marine Updater Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 Microsoft ActiveSync 3.8 Microsoft AutoRoute 2001 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Encarta Weltatlas 2001 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2000 Premium Microsoft PhotoDraw 2000 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox (3.0.14) Nero Media Player Nero OEM NeroVision Express 2 SE PowerDVD QuickTime Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 7 (KB974455) Smart Link 56K Modem Smart Menus (Windows Live Toolbar) Sony Ericsson Communications Suite Synaptics Pointing Device Driver TomTom HOME Update for Microsoft .NET Framework 3.5 SP1 (KB963707) VC80CRTRedist - 8.0.50727.4053 Windows Live Favorites for Windows Live Toolbar Windows Live installer Windows Live Mail Windows Live Messenger Windows Live OneCare Family Safety Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Toolbar Windows Live Toolbar Windows Live Toolbar Extension (Windows Live Toolbar) Windows Live Writer Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player 11 Windows XP Service Pack 3 thats the lot.. I ran malwarebytes and it removed 415 seperate instances of mostly spyware!! thanks Craig |
21-Oct-2009, 05:42 AM
#5 | |||||
| this is the current HJT log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:38:45 AM, on 10/21/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16915) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ZCfgSvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {df379062-bf9b-47f1-8c68-69994404ebd0} - (no file) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {960177af-12a9-4504-a636-2ded32ad4a82} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk/ O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.co...s/MsnPUpld.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1009840730734 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 7215 bytes this is the current malware log: Malwarebytes' Anti-Malware 1.39 Database version: 2421 Windows 5.1.2600 Service Pack 3 10/21/2009 9:45:33 AM mbam-log-2009-10-21 (09-45-33).txt Scan type: Quick Scan Objects scanned: 93382 Time elapsed: 7 minute(s), 45 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) thanks for looking at this, Im still having to close "SAMPLE" down after running malware etc. Craig  Last edited by firetank; 21-Oct-2009 at 05:48 AM.. |
21-Oct-2009, 05:45 AM
#6 | |||||
| ok this is the original malware log now cleared: this is the original malware - had to split it too many characters for one post! Malwarebytes' Anti-Malware 1.39 Database version: 2421 Windows 5.1.2600 Service Pack 3 10/19/2009 1:44:46 PM mbam-log-2009-10-19 (13-44-46).txt Scan type: Quick Scan Objects scanned: 94049 Time elapsed: 8 minute(s), 23 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 119 Registry Values Infected: 2 Registry Data Items Infected: 2 Folders Infected: 55 Files Infected: 299 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{229d2451-a617-4b30-b5e8-8138694240cb} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{1230cf51-6bc4-4a23-b3f1-c7cf0afed619} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2e623b96-b166-4c70-8169-820761794299} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{4e8b851b-05b0-4baf-b24d-d0dfe88dded3} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{50c3e2b3-4fd7-4cb9-91f9-641a6e6b3689} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{62b0b239-f9ac-4a5b-bfae-62c7a23f7627} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{726f0ab9-b842-4ae4-90c7-230e233e6a99} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{b9cc2b92-5611-453f-8381-8b6f72d9c0b8} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{c4543e64-1498-410d-8e72-4744eea99ab9} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{1e0004ec-5df0-48c7-a8f0-fbb0488a3d94} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d2221ccb-f2bb-4858-aad4-57c754153603} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop.1 (Adware.Hotbar) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{087c4054-0a2b-4f35-b0db-bed3e21650f4} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{00b77587-be1b-4201-b8e9-09fcf50ab771} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{5a4737a8-b92a-4e54-970e-c2891d98ce3f} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{ace99e77-aa2a-43c2-8c9d-caf2020fdf2b} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e0fb1610-b25b-49f6-be20-751b2f230e6f} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07aa 283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{ea0b6a1a-6a59-4a58-9c41-9966504898a5} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{08755390-f46d-4d09-968c-3430166b3189} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{8971cb48-9fca-445a-be77-e8e8a4cc9df7} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{b88e4484-3ff6-4ea9-815b-a54fe20d4387} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\instie.hbinstobj (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{9720de03-5820-4059-b4a4-639d5e52bd09} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e420a65f-9984-4b8c-9fa9-1ed69d3b0a13} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{bfc08cff-c737-4433-bd5a-0ee7efcfee54} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\instie.hbinstobj.1 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\pmspl.video (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\seekmo.desktopflash (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\seekmo.desktopflash.1 (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\seekmoax.clientdetector (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{fbb40fdf-b715-4342-ab82-244ecc66e979} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{067c6a37-72ea-4437-863a-5be20c246f3c} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{1a2af056-1fe1-47ca-993d-5d09d18e674e} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{b247f5bf-bd9d-4ecd-8fc1-365f36a1fda1} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{bbbfb891-98ae-4678-86f3-bd5a2eed86c9} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{1f158a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1f15 8a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApprove d\{1f158a1e-a687-4a11-9679-b3ac64b86a1c} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{e313f5dc-cfe7-4568-84a4-c76653547571} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApprove d\{e313f5dc-cfe7-4568-84a4-c76653547571} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\seekmoax.clientdetector.1 (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\seekmoax.userprofiles (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\seekmoax.userprofiles.1 (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\srv.coreservices (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{ccc6e232-aa4c-4813-a019-9c14b27776b6} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{5b2e150d-4c8a-40e4-8c36-dd9c02771c67} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{627d894a-8a77-416e-b522-432eaf2c818e} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\wallpaper.wallpapermanager (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{c23fa5a4-1fea-419f-8b14-f7465df062bc} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApprove d\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\wallpaper.wallpapermanager.1 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{38583f22-1b12-4893-9d7a-bd3fa2a114c7} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{bd5258af-20ae-4bd3-b748-b2851aca7335} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{17a1dbb5-dad8-4e78-bf7e-9be4b965408b} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7138f250-5b72-48dd-adfb-9a83b429dd9e} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{bf1bf02c-5a86-4ecf-adac-472c54c4d21e} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{d685b6db-1ed0-4345-8a86-674a4f0198ee} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{0923208c-e259-4ed5-a778-cb607da350ad} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{995e885e-3ff5-4f66-a107-8bfb3a0f8f12} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{17a1dbb5-dad8-4e78-bf7e-9be4b965408b} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{4a40e8fc-c7e4-4f57-9fa4-85dd77402897} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{17a1 dbb5-dad8-4e78-bf7e-9be4b965408b} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApprove d\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{914a8f99-38e4-47ec-b875-2b0653516030} (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\568267acfc5644dab06 f058006ddbae3 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Features\9ee2330ae5f4470cac8 01baac83818c9 (Adware.Zango) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\star ware388 (Adware.Starware) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\seekmo.desktopflash (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\seekmo.desktopflash.1 (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\seekmoax.clientdetector (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\seekmoax.clientdetector.1 (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\seekmoax.userprofiles (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\seekmoax.userprofiles.1 (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\seekmo (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\seekmosa (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seek mosa (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\pmspl.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\IEDefender (Rogue.IE.Defender) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE Defender (Rogue.IE.Defender) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\seekmo (Adware.Seekmo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\starware388 (Adware.Starware) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: C:\Program Files\Seekmo (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0 (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\firefox (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\firefox\extensions (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\firefox\extensions\components (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\firefox\extensions\plugins (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Starware388 (Adware.Starware) -> Quarantined and deleted successfully. c:\program files\starware388\bin (Adware.Starware) -> Quarantined and deleted successfully. c:\program files\starware388\icons (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\Starware388 (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\contexts (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\SimpleUpdate (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\images (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Starware388 (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Manager (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Configurator (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\BrowserSearch (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\ErrorSearch (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\RelatedSearch (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\TravelSearch (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Toolbar (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\ToolbarLogo (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Reference (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Button_6 (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Button_5 (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Button_7 (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Screensavers (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\ToolbarSearch (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Weather (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Layouts (Adware.Starware) -> Quarantined and deleted successfully. C:\Program Files\IE Defender (Rogue.IE.Defender) -> Quarantined and deleted successfully. C:\Documents and Settings\peterbradbury\Application Data\Seekmo (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\IESkins (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0 (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1 (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2 (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\ustat (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\TooltipXML (Adware.Agent) -> Files: 496 -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\344stat (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\HostOL (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\HostOL\dynamic (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\HostOL\static (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\HostOI (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\HostOI\dynamic (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\HostOI\static (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\SeekmoSA (Adware.Seekmo) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo (Adware.Seekmo) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully. |
21-Oct-2009, 05:46 AM
#7 | |||||
| Files Infected: C:\Program Files\Seekmo\bin\10.0.406.0\CoreSrv.dll (Adware.Zango) -> Quarantined and deleted successfully. C:\Program Files\Seekmo\bin\10.0.406.0\HostIE.dll (Adware.Zango) -> Quarantined and deleted successfully. C:\Program Files\Seekmo\bin\10.0.406.0\HostOL.dll (Adware.Zango) -> Quarantined and deleted successfully. C:\Program Files\Seekmo\bin\10.0.406.0\InstIE.dll (Adware.Zango) -> Quarantined and deleted successfully. C:\Program Files\Seekmo\bin\10.0.406.0\SeekmoSAAX.dll (Adware.Seekmo) -> Quarantined and deleted successfully. C:\Program Files\Seekmo\bin\10.0.406.0\Toolbar.dll (Adware.Zango) -> Quarantined and deleted successfully. C:\Program Files\Seekmo\bin\10.0.406.0\Wallpaper.dll (Adware.Zango) -> Quarantined and deleted successfully. C:\Program Files\Seekmo\bin\10.0.406.0\Srv.exe (Adware.Zango) -> Quarantined and deleted successfully. C:\Program Files\Seekmo\bin\10.0.406.0\SeekmoSADF.exe (Adware.Seekmo) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\arrow.ico (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\copyright.txt (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\HostOE.dll (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\SeekmoSA.exe (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\SeekmoSAHook.dll (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\SeekmoUnInstaller.exe (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\link.ico (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\OEAddOn.exe (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\firefox\extensions\install.rdf (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\firefox\extensions\chrome.manifest (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\firefox\extensions\components\npclntax.xpt (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\Seekmo\bin\10.0.406.0\firefox\extensions\plugins\npclntax_SeekmoSA.dl l (Adware.180Solutions) -> Quarantined and deleted successfully. c:\program files\starware388\Starware388Config.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\program files\starware388\Starware388Uninstall.exe (Adware.Starware) -> Quarantined and deleted successfully. c:\program files\starware388\icons\star_16.ico (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\contexts\Travel.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\logoxp.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\logo.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\referencexp.png (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\referencehotxp.png (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\Reference.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\ReferenceHot.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\1498_button_1b_def.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\1498_button_1b_over.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\finditxp.png (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\findithotxp.png (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\FindIt.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\FindItHot.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\weatherxp.png (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\weatherhotxp.png (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\Weather.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\WeatherHot.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\Button_70.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\Button_60.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\buttons\Button_50.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\simpleupdate\SimpleUpdateConfig.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\simpleupdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\simpleupdate\TimerManagerConfig.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\simpleupdate\TimerManagerConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\simpleupdate\ProductMessagingConfig.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\simpleupdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\starware388\images\walertXP.bmp (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Manager\ManagerOptions.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Manager\ManagerOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\configurator\Configurator.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\configurator\Configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\browsersearch\BrowserSearch.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\browsersearch\BrowserSearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\errorsearch\ErrorSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\errorsearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\relatedsearch\RelatedSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\relatedsearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\travelsearch\TravelSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\travelsearch\TravelSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Toolbar\TBProductsOptions.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\toolbarlogo\ToolbarLogoOptions.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\toolbarlogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\reference\ReferenceOptions.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\reference\ReferenceOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Button_6\Button_6Options.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Button_6\Button_6Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Button_5\Button_5Options.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Button_5\Button_5Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Button_7\Button_7Options.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Button_7\Button_7Options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\screensavers\ScreensaversOptions.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\screensavers\ScreensaversOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\toolbarsearch\ToolbarSearchOptions.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\toolbarsearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Weather\WeatherOptions.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Weather\WeatherOptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Weather\AlertArchive.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Layouts\ToolbarLayout.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Layouts\WeatherLayout.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Layouts\WeatherLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Layouts\PreferencesLayout.xml (Adware.Starware) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\starware388\Layouts\PreferencesLayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully. c:\program files\ie defender\iedefender.db1 (Rogue.IE.Defender) -> Quarantined and deleted successfully. c:\program files\ie defender\iedefender.db2 (Rogue.IE.Defender) -> Quarantined and deleted successfully. c:\program files\ie defender\iedefender.db3 (Rogue.IE.Defender) -> Quarantined and deleted successfully. c:\program files\ie defender\iedefender.db4 (Rogue.IE.Defender) -> Quarantined and deleted successfully. c:\program files\ie defender\iedefender.db5 (Rogue.IE.Defender) -> Quarantined and deleted successfully. c:\program files\ie defender\iedefender.exe (Rogue.IE.Defender) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\buttondir.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\samplegroups2.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\samplegroups2.txt (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\linkpathlegal.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\layout.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_1000.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_2000.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_3000.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_logos.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_other.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_weather.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\tsd_bg.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\t2_bg.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\s_icons_buttons.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\progress.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_bar.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\d_icons_buttons_bbar1.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\sales_buttons.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\seekmo.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\ie_games_icon.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\ie_video.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\cursors.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\email-t1-bg.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\keywords.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\keywords1.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\BtnTrans.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\BtnTrans1.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\default.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\icons2.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\top7.xip (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\DownLoad\seekmo_ie_menu.xip (Adware.Agent) -> Quarantined and deleted successfully.. |
21-Oct-2009, 05:47 AM
#8 | |||||
| c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_511745-514279.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_Games.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_Hide.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_Hotmail.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_Mails.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_categorize.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_comparison.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_explorer-Mails.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_explorer-people.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_favorites.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_hotbarcom.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_hsskin.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_new.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_premium.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_searchfor.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_searchgo.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_weather.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Default_yellowpages.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\Top7_theweb.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\btntrans.idx (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\btntrans1.dat (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\buttondir.txt (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\components.cdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\cursors.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_1000.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_2000.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_3000.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_bar.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_bbar1.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_logos.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_buttons_other.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\d_icons_weather.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\default.cdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\email-def-511724-548964.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\email-def-511724-9595.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\email-t1-bg.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\icons2.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\ie_games_icon.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\ie_video.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\keywords.idx (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\keywords1.dat (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\layout.cdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\linkpathlegal.txt (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\progress.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\s_icons_buttons.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\sales_buttons.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\seekmo.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\seekmo_ie_menu.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\t2_bg.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\theweb.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\top7.cdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\1\tsd_bg.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_511745-514279.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_Games.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_Hide.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_Hotmail.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_Mails.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_categorize.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_comparison.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_explorer-Mails.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_explorer-people.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_favorites.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_hotbarcom.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_hsskin.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_new.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_premium.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_searchfor.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_searchgo.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_weather.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Default_yellowpages.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\Top7_theweb.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\btntrans.idx (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\btntrans1.dat (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\buttondir.txt (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\components.cdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\cursors.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_1000.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_2000.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_3000.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_bar.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_bbar1.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_logos.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_buttons_other.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\d_icons_weather.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\default.cdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\email-def-511724-548964.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\email-def-511724-9595.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\email-t1-bg.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\icons2.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\ie_games_icon.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\ie_video.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\keywords.idx (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\keywords1.dat (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\layout.cdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\linkpathlegal.txt (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\progress.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\s_icons_buttons.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\sales_buttons.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\seekmo.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\seekmo_ie_menu.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\t2_bg.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\theweb.mnu (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\top7.cdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\static\2\tsd_bg.res (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\domains.txt (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\475356.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1395553.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\3388455.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\48657.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1386639.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1385701.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\3893336.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\3430625.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1875987.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\2883915.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\600583.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1160941.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\141857.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\499863.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1535148.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1387335.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\3893642.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\144571.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1055546.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\3859864.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\3305670.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\2884426.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\3779594.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\447394.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\3470698.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\94161.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\2721160.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\2904135.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\707962.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\351469.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1063580.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\381028.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\692201.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1383771.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1048757.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\219834.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\853659.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\3894096.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\819382.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1408056.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\3756141.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\3894093.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\3894099.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1407182.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1372560.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\281611.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\858698.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1040072.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\805478.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\368333.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1353526.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\2596954.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\2894097.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\1399269.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\3893445.sdf (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\application data\Seekmo\v3.0\Seekmo\dynamic\ustat\374b.dat (Adware.Agent) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\SeekmoSA\SeekmoSAAbout.mht (Adware.Seekmo) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\SeekmoSA\SeekmoSAEULA.mht (Adware.Seekmo) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\SeekmoSA\SeekmoSA.dat (Adware.Seekmo) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\SeekmoSA\SeekmoSA_kyf.dat (Adware.Seekmo) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\SeekmoSA\SeekmoSA_kyf_update.dat (Adware.Seekmo) -> Quarantined and deleted successfully. c:\documents and settings\all users\application data\SeekmoSA\SeekmoSAau.dat (Adware.Seekmo) -> Quarantined and deleted successfully. c:\documents and settings\all users\start menu\Programs\Seekmo\Reset Cursor.lnk (Adware.Seekmo) -> Quarantined and deleted successfully. c:\documents and settings\all users\start menu\Programs\Seekmo\Seekmo Customer Support Center.lnk (Adware.Seekmo) -> Quarantined and deleted successfully. c:\documents and settings\all users\start menu\Programs\Seekmo\Seekmo Uninstall Instructions.lnk (Adware.Seekmo) -> Quarantined and deleted successfully. c:\documents and settings\peterbradbury\start menu\Programs\IE Defender 2.4.lnk (Rogue.IE.Defender) -> Quarantined and deleted successfully thats the last of it!!! |
21-Oct-2009, 03:50 PM
#10 | |||||
| Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:55:40 PM, on 10/21/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16915) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ZCfgSvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {df379062-bf9b-47f1-8c68-69994404ebd0} - (no file) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {960177af-12a9-4504-a636-2ded32ad4a82} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk/ O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.co...s/MsnPUpld.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1009840730734 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 7128 bytes cheers Craig |
21-Oct-2009, 07:09 PM
#11 | ||||||
| Run HJT again and put a check in the following: O2 - BHO: (no name) - {df379062-bf9b-47f1-8c68-69994404ebd0} - (no file) O2 - BHO: (no name) - {df379062-bf9b-47f1-8c68-69994404ebd0} - (no file) O3 - Toolbar: (no name) - {960177af-12a9-4504-a636-2ded32ad4a82} - (no file) Close all applications and browser windows before you click "fix checked". Are you having any problems now? |
28-Oct-2009, 04:44 PM
#13 | ||||||
| Download OTS.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTS on your desktop.
NOTE: The only people who can see attachments in the HJT forum are: the thread starter, Admins & Mods, and HJT Helpers & Trainees. |
07-Nov-2009, 04:17 PM
#15 | ||||||
| I don't see anything of interest there other than controller and possible hard drive problems. Please run ESET Online Scanner Note: You can use IE or FireFox for this scan. You need to disable your current installed Anti-Virus. If you need help with that look here. Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
|
|
| |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| |
| You Are Using:  |
Advertisements do not imply our endorsement of that product or service. All times are GMT -4. The time now is 03:46 PM. Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved. |  |
Facebook
Twitter
TechGuy.tv
TSG Mobile