Every time a device is plugged in, the data inside is deleted.

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

kurogami

Thread Starter
Joined
Apr 4, 2010
Messages
10
I've had this problem for months now. Every single time I connect a device to my laptop through the USB port, all the data inside that device is deleted within seconds. It just disappeared away, it didn't go into the Recycle Bin. I've checked and this is not a problem coming from the device. Every device I use, from PSP, camera, to a random USB storage stick has gotten this problem, and it only happens with my laptop (I'm currently using my other PC).

The weird thing is, on the exact second that my files started disappearing, another file named "Recycledsuc.sys" appeared. And also, the files in my storage device didn't disappear altogether. It was deleted one by one.

I had thought that there was a virus/malware/trojan/... messing my computer up. I tried several free (didn't have the money to buy an AV program) anti-virus programs, but none helped. I used Avast! Free Edition, AVG Free 8.5, Kaspersky 2010 trial version, McAfee trial version, Spybot Search & Destroy, Microsoft Security Essentials, MalwareBytes' Anti-Malware. None of them detected a virus, except for Spybot S&D. That being said, the problem is still there.

Also worth noting is that, I didn't run all these programs simultaneously. I ran an AV program, then uninstalled it, then installed a new AV program and ran it. I only kept Spybot S&D and Microsoft SE. And before posting in these forums, there was another problem. Symantec Anti Virus kept popping up, trying to auto-install every time I right-click or CTRL+C or press Del (it's as if I'm double-clicking the exe file to install SAV). Though after scanning with Spybot SD and restarting my computer, that problem hasn't appeared again. I don't know whether these 2 problems are in some ways related to each other or not.

Also, here's the logfile:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:37:21 PM, on 4/4/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\WINDOWS\system32\rundlls.exe
C:\WINDOWS\system32\wmgipe.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
F:\UniKey\UniKey.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\YAH00\messenger.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mouse Driver\KMWDSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gamespot.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [rundlls] rundlls.exe
O4 - HKLM\..\Run: [wmgipe] wmgipe.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingA861] command.com /c del "C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierEN.lng"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5972] cmd.exe /c del "C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierEN.lng"
O4 - HKLM\..\RunOnce: [SpybotDeletingA9079] command.com /c del "C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierFR.lng"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1327] cmd.exe /c del "C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierFR.lng"
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [UniKey] F:\UniKey\UniKey.exe
O4 - HKCU\..\Run: [mtd2002Svr] "C:\Program Files\mtd2002"\mtdserver.exe -f
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Program Files\Mozilla Firefox\plugins\NPSWF32_FlashUtil.exe -p
O4 - HKCU\..\RunOnce: [SpybotDeletingB7921] command.com /c del "C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierEN.lng"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2069] cmd.exe /c del "C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierEN.lng"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7350] command.com /c del "C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierFR.lng"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2519] cmd.exe /c del "C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierFR.lng"
O4 - HKUS\S-1-5-21-1659004503-448539723-839522115-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'PSP Connector')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Microsoft Office.lnk = ?
O4 - Global Startup: rundlls.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {35A9D2C9-B3FF-472D-AF68-FA63AD28A7DD} (OnGameDownLoader Control) - http://ongame.com.vn/activeX/OnGameDownLoader.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase1140.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1206601186906
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD5/JSCDL/...jc.cab&File=jinstall-6u11-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe

--
End of file - 10593 bytes
EDIT: Here's the MalwareBytes' Anti Malware log:

Malwarebytes' Anti-Malware 1.40
Database version: 2663
Windows 5.1.2600 Service Pack 2

4/4/2010 6:46:49 PM
mbam-log-2010-04-04 (18-46-49).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 159962
Time elapsed: 1 hour(s), 21 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Spybot log:
--- Report generated: 2010-04-04 17:45 ---

MegaUploadToolbar: [SBI $DA7EBDE6] IE toolbar (Registry value, nothing done)
HKEY_USERS\S-1-5-21-1659004503-448539723-839522115-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}

MegaUploadToolbar: [SBI $4E8B9398] Settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-1659004503-448539723-839522115-500\Software\AppDataLow\Software\MegauploadToolbar

MegaUploadToolbar: [SBI $998A0E3C] Executable (File, nothing done)
C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper.exe
Properties.size=1060808
Properties.md5=091C0EE9E6ECDB072C4D420A745F5F16
Properties.filedate=1217882648
Properties.filedatetext=2008-08-05 03:44:08

MegaUploadToolbar: [SBI $395CBDB1] Program directory (Directory, nothing done)
C:\Documents and Settings\All Users\Application Data\Megaupload\

MegaUploadToolbar: [SBI $FC59DD04] Executable (File, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier.exe
Properties.size=853960
Properties.md5=65B1AB57C58A687D90E88155C625A36D
Properties.filedate=1217882648
Properties.filedatetext=2008-08-05 03:44:08

MegaUploadToolbar: [SBI $9E80276F] Executable (File, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierAPI.dll
Properties.size=854984
Properties.md5=E695454B2A2D85ED43040E7F9FDDAC58
Properties.filedate=1217882648
Properties.filedatetext=2008-08-05 03:44:08

MegaUploadToolbar: [SBI $2E6D42A0] Program directory (Directory, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\

MegaUploadToolbar: [SBI $1E82DC0D] Data (File, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierEN.lng
Properties.size=3547
Properties.md5=EEA268AB7810EB0342E9A4A6E02F02CC
Properties.filedate=1208466096
Properties.filedatetext=2008-04-18 04:01:36

MegaUploadToolbar: [SBI $1E82DC0D] Data (File, nothing done)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierFR.lng
Properties.size=3698
Properties.md5=9DACE4478568FD2863A3C974F8CC7831
Properties.filedate=1208466358
Properties.filedatetext=2008-04-18 04:05:58

MegaUploadToolbar: [SBI $5978C237] Data (File, nothing done)
C:\Documents and Settings\Administrator\Application Data\EmailNotifier\EmailNotifier.xml
Properties.size=570
Properties.md5=CDD21486D4F3045615DD6138F71A4AA0
Properties.filedate=1226061610
Properties.filedatetext=2008-11-07 19:40:10

MegaUploadToolbar: [SBI $F3C6C520] Data (File, nothing done)
C:\Documents and Settings\Administrator\Application Data\EmailNotifier\EmailNotifier.xml.bak
Properties.size=570
Properties.md5=CDD21486D4F3045615DD6138F71A4AA0
Properties.filedate=1226061610
Properties.filedatetext=2008-11-07 19:40:10

MegaUploadToolbar: [SBI $AA71A6BE] Program directory (Directory, nothing done)
C:\Documents and Settings\Administrator\Application Data\EmailNotifier\

Virtumonde.dll: [SBI $C0F2D9E7] Library (File, nothing done)
C:\WINDOWS\User16.dll
Properties.size=86016
Properties.md5=1052FBF10D706CF47C62652F9BE0ECAB
Properties.filedate=1238492343
Properties.filedatetext=2009-03-31 16:39:02

AdRevolver: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


HitBox: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


WebTrends live: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


AdRevolver: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


CPXinteractive: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


LinkSynergy: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


AdRevolver: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


HitsLink: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


Statcounter: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


FastClick: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


MediaPlex: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


Zedo: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


AdRevolver: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


Right Media: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


CasaleMedia: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


HitBox: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


HitBox: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


HitBox: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


WebTrends live: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


HitsLink: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


HitBox: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


Tradedoubler: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


BurstMedia: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


BurstMedia: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


Zedo: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


MediaPlex: Tracking cookie (Internet Explorer: Administrator) (Cookie, nothing done)


MediaPlex: Tracking cookie (Firefox: Administrator (default)) (Cookie, nothing done)


CoreMetrics: Tracking cookie (Firefox: Administrator (default)) (Cookie, nothing done)


HitsLink: Tracking cookie (Firefox: Administrator (default)) (Cookie, nothing done)


CoreMetrics: Tracking cookie (Firefox: Administrator (default)) (Cookie, nothing done)


Statcounter: Tracking cookie (Firefox: Administrator (default)) (Cookie, nothing done)


Statcounter: Tracking cookie (Firefox: Administrator (default)) (Cookie, nothing done)


Statcounter: Tracking cookie (Firefox: Administrator (default)) (Cookie, nothing done)


Statcounter: Tracking cookie (Firefox: Administrator (default)) (Cookie, nothing done)


Statcounter: Tracking cookie (Firefox: Administrator (default)) (Cookie, nothing done)


MediaPlex: Tracking cookie (Firefox: Administrator (default)) (Cookie, nothing done)


MediaPlex: Tracking cookie (Firefox: Administrator (default)) (Cookie, nothing done)


DoubleClick: Tracking cookie (Chrome: Chrome) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2010-04-04 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-02-17 Includes\Adware.sbi (*)
2010-03-30 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-03-30 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-03-30 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-03-30 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-03-02 Includes\Malware.sbi (*)
2010-03-30 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-03-30 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-03-30 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-03-02 Includes\Spyware.sbi (*)
2010-03-30 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2010-03-03 Includes\Trojans.sbi (*)
2010-03-30 Includes\TrojansC-02.sbi (*)
2010-03-30 Includes\TrojansC-03.sbi (*)
2010-03-30 Includes\TrojansC-04.sbi (*)
2010-03-30 Includes\TrojansC-05.sbi (*)
2010-03-30 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Another Spybot log, this time for cookies/trojans that were deleted during the scan above:
--- Report generated: 2010-04-04 17:46 ---

MegaUploadToolbar: [SBI $DA7EBDE6] IE toolbar (Registry value, fixed)
HKEY_USERS\S-1-5-21-1659004503-448539723-839522115-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}

MegaUploadToolbar: [SBI $4E8B9398] Settings (Registry key, fixed)
HKEY_USERS\S-1-5-21-1659004503-448539723-839522115-500\Software\AppDataLow\Software\MegauploadToolbar

MegaUploadToolbar: [SBI $998A0E3C] Executable (File, fixed)
C:\Documents and Settings\All Users\Application Data\Megaupload\Megauper.exe
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

MegaUploadToolbar: [SBI $395CBDB1] Program directory (Directory, fixed)
C:\Documents and Settings\All Users\Application Data\Megaupload\

MegaUploadToolbar: [SBI $FC59DD04] Executable (File, fixed)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifier.exe
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

MegaUploadToolbar: [SBI $9E80276F] Executable (File, fixed)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierAPI.dll
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

MegaUploadToolbar: [SBI $2E6D42A0] Program directory (Directory, fixed)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\

MegaUploadToolbar: [SBI $1E82DC0D] Data (File, fixed)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierEN.lng
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

MegaUploadToolbar: [SBI $1E82DC0D] Data (File, fixed)
C:\Documents and Settings\All Users\Application Data\EmailNotifier\EmailNotifierFR.lng
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

MegaUploadToolbar: [SBI $5978C237] Data (File, fixed)
C:\Documents and Settings\Administrator\Application Data\EmailNotifier\EmailNotifier.xml
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

MegaUploadToolbar: [SBI $F3C6C520] Data (File, fixed)
C:\Documents and Settings\Administrator\Application Data\EmailNotifier\EmailNotifier.xml.bak
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

MegaUploadToolbar: [SBI $AA71A6BE] Program directory (Directory, fixed)
C:\Documents and Settings\Administrator\Application Data\EmailNotifier\

Virtumonde.dll: [SBI $C0F2D9E7] Library (File, fixed)
C:\WINDOWS\User16.dll
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

AdRevolver: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


HitBox: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


WebTrends live: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


AdRevolver: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


CPXinteractive: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


LinkSynergy: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


AdRevolver: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


HitsLink: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


Statcounter: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


FastClick: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


MediaPlex: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


Zedo: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


AdRevolver: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


Right Media: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


CasaleMedia: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


HitBox: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


HitBox: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


HitBox: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


WebTrends live: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


HitsLink: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


HitBox: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


Tradedoubler: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


BurstMedia: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


BurstMedia: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


Zedo: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


MediaPlex: Tracking cookie (Internet Explorer: Administrator) (Cookie, fixed)


MediaPlex: Tracking cookie (Firefox: Administrator (default)) (Cookie, fixed)


CoreMetrics: Tracking cookie (Firefox: Administrator (default)) (Cookie, fixed)


HitsLink: Tracking cookie (Firefox: Administrator (default)) (Cookie, fixed)


CoreMetrics: Tracking cookie (Firefox: Administrator (default)) (Cookie, fixed)


Statcounter: Tracking cookie (Firefox: Administrator (default)) (Cookie, fixed)


Statcounter: Tracking cookie (Firefox: Administrator (default)) (Cookie, fixed)


Statcounter: Tracking cookie (Firefox: Administrator (default)) (Cookie, fixed)


Statcounter: Tracking cookie (Firefox: Administrator (default)) (Cookie, fixed)


Statcounter: Tracking cookie (Firefox: Administrator (default)) (Cookie, fixed)


MediaPlex: Tracking cookie (Firefox: Administrator (default)) (Cookie, fixed)


MediaPlex: Tracking cookie (Firefox: Administrator (default)) (Cookie, fixed)


DoubleClick: Tracking cookie (Chrome: Chrome) (Cookie, fixed)



--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2010-04-04 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-02-17 Includes\Adware.sbi (*)
2010-03-30 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-03-30 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-03-30 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-03-30 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-03-02 Includes\Malware.sbi (*)
2010-03-30 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-03-30 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-03-30 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-03-02 Includes\Spyware.sbi (*)
2010-03-30 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2010-03-03 Includes\Trojans.sbi (*)
2010-03-30 Includes\TrojansC-02.sbi (*)
2010-03-30 Includes\TrojansC-03.sbi (*)
2010-03-30 Includes\TrojansC-04.sbi (*)
2010-03-30 Includes\TrojansC-05.sbi (*)
2010-03-30 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top