Content Top
DAL Computer Help » Internet Security Help » Spyware, Adware, Viruses and HijackThis Logs » My Computer is infected by Satan(RESOLVED)

Recommended Fix

Click here to fix Windows Errors and Optimize Windows Performance

Need Computer Help?
Register Now for FREE

My Computer is infected by Satan(RESOLVED)

Reply
Thread Tools
Spyware, Adware, Viruses and HijackThis Logs
  #1 (permalink)  
Old 15-01-2006, 06:14 PM
Newbie
D-A-L Newbie
  
Join Date: Jan 2006
Posts: 6
doseyclwn Is a beginner here at D-A-L
My Computer is infected by Satan(RESOLVED)
Not really, but it seems like it. I have scanned numerous times w/Spybot and Adaware. Every time I run Spybot, it comes up with several things, including pipas.a, hitbox, Windows Security Center.Update.disable.notify and Windows Security Center.Firewall.disable.notify. It will clean it, but then when I restart, it runs it again. Sometimes when surfing the web, IE will go to some random search or ad page instead of the page I'm intending to go to. It got so bad a few days ago that I had to reinstall windows over top of itself. Now the same thing is happening again. I still have web functionality (obviously), but I'm concerned and would like to solve this problem. I'm not completely computer illiterate, and if worse comes to worse, I can do a complete wipe and reinstall. It would be a pain though and I'd like to avoid that if possible. I read the "read this before you post" thing and followed all instructions. Here, then, is my Hijackthis log. Any help would be greatly appreciated.

GO STEELERS (sorry, had to get that in)

Logfile of HijackThis v1.99.1
Scan saved at 12:09:46 PM, on 1/15/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\AOL\1124461869\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1124461869\ee\AOLServiceHost.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.theonering.net/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [dmaao.exe] C:\WINDOWS\system32\dmaao.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Anapod Manager.lnk = C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe
O4 - Global Startup: Audible Download Manager.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor/mjolauncher.cab
O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://aolsvc.aol.com/onlinegames/gh...ugs/axhost.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass Control) - http://aolsvc.aol.com/onlinegames/so...tched/main.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/po...ploader_v7.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 16-01-2006, 03:49 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: My Computer is infected by Satan
Welcome to DAL,


Internet Explorer required
Run these two online virus scanners (Panda Activescan) following these instructions below:

http://www.pandasoftware.com/products/activescan.htm


Internet Explorer required
housecall.trendmicro.com/


These scans will take more than an hour to complete, so make sure you have time to let them run thru. Save the Panda scan log and post it back here for us to look at and take note of anything Housecall could not delete and post it back here.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 16-01-2006, 06:19 PM
Newbie
D-A-L Newbie
  
Join Date: Jan 2006
Posts: 6
doseyclwn Is a beginner here at D-A-L
Re: My Computer is infected by Satan
I don't believe there was anything Housecall found that it couldn't heal. In any case, here is the log from my panda scan.


Incident Status Location

Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt[]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Du mmy.class-44eba5ec-3261baf7.class
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\men u.jr-6cf2f42d-653dddf3.zip[Beyond.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\men u.jr-6cf2f42d-653dddf3.zip[Dummy.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\men u.jr-6cf2f42d-653dddf3.zip[NudeBox.class]
Virus:Trj/ClassLoader.P Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\men u.jr-6cf2f42d-653dddf3.zip[Worker.class]
Virus:Exploit/ByteVerify Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\men u.jr-6cf2f42d-653dddf3.zip[VerifierBug.class]
Virus:Trj/Downloader.GYR Disinfected C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\men u.jr-6cf2f42d-653dddf3.zip[javautil.zip]
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Owner\Cookies\owner@2o7[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Owner\Cookies\owner@adopt.hbmediapro[2].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Owner\Cookies\owner@burstnet[1].txt
Spyware:Cookie/Enhance Not disinfected C:\Documents and Settings\Owner\Cookies\owner@c.enhance[1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ccbill[2].txt
Spyware:Cookie/CentrPort Not disinfected C:\Documents and Settings\Owner\Cookies\owner@centrport[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Owner\Cookies\owner@com[2].txt
Spyware:Cookie/360i Not disinfected C:\Documents and Settings\Owner\Cookies\owner@ct.360i[1].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\Owner\Cookies\owner@go[2].txt
Spyware:Cookie/Bettersearch Not disinfected C:\Documents and Settings\Owner\Cookies\owner@index[1].txt
Spyware:Cookie/Mp3search Not disinfected C:\Documents and Settings\Owner\Cookies\owner@mp3search[2].txt
Spyware:Cookie/Paypopup Not disinfected C:\Documents and Settings\Owner\Cookies\owner@paypopup[2].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Owner\Cookies\owner@rn11[2].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Owner\Cookies\owner@toplist[1].txt
Spyware:Cookie/WebPower Not disinfected C:\Documents and Settings\Owner\Cookies\owner@webpower[2].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Owner\Cookies\owner@www.burstbeacon[2].txt
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\Owner\Cookies\owner@www.myaffiliateprogra m[1].txt
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Owner\Cookies\owner@yadro[2].txt
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 16-01-2006, 06:55 PM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: My Computer is infected by Satan
Hi and thanks,


Go to the link below to learn how to clear out your Java cache:

http://www.java.com/en/download/help/5000020300.xml


Then:/After download and installing the tool below, reboot into safe mode explained below to run the tool please.


Please download, install, and update the NEW free version of Ewido trojan scanner:
[*]When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
[*]When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
[*]From the main ewido screen, click on update in the left menu, then click the Start update button.
[*]After the update finishes (the status bar at the bottom will display "Update successful")
[*]Click on the Scanner button in the left menu, then click on Complete System Scan. This scan can take quite a while to run.
[*]If ewido finds anything, it will pop up a notification. We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), select "none" as the action. DO NOT check "Perform action with all infections". If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.
[*]When the scan finishes, click on "Save Report". This will create a text file. Make sure you know where to find this file again.


Now reboot into safe mode by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter.

Run the tool, Thanks. Post the log it makes and a new hijackthis log.
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 16-01-2006, 10:42 PM
Newbie
D-A-L Newbie
  
Join Date: Jan 2006
Posts: 6
doseyclwn Is a beginner here at D-A-L
Re: My Computer is infected by Satan
Here is part one of my ewido log. Next part in next post

HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
HKU\S-1-5-21-1708537768-861567501-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{08BEC6AA-49FC-4379-3587-4B21E286C19E} -> Spyware.SBSoft : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Realtracker : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Realtracker : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.154:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 16-01-2006, 10:43 PM
Newbie
D-A-L Newbie
  
Join Date: Jan 2006
Posts: 6
doseyclwn Is a beginner here at D-A-L
Re: My Computer is infected by Satan
Here is part two of my ewido log

:mozilla.169:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.175:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.199:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.221:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.222:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.223:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.224:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.324:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.349:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.350:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.351:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.352:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.353:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.368:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.369:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.370:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.371:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.372:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.380:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.394:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.395:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.396:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.404:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.418:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.419:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.431:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.432:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
:mozilla.447:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.481:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.504:C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\0yw86lgx.default\coo kies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@adbrite[1].txt -> Spyware.Cookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@clearlink.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@data2.perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@data3.perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wfkiclcjaeq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wfloeld5mfp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wfmisjc5eho.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wgkogmdzocp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wgliklcjkcq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wgliohdpscp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjl4gncjcbp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjliukajklq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@hypertracker[1].txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@indianapoliscolts.122 .2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@news.com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@paypopup[2].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@tribuneinteractive.12 2.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner\Cookies\owner@www.myaffiliateprogra m[1].txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
C:\WINDOWS\system32\dmaao.exe -> Trojan.Pakes : Cleaned with backup


::Report End

And sincerely, thanks for all the help.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 16-01-2006, 10:43 PM
Newbie
D-A-L Newbie
  
Join Date: Jan 2006
Posts: 6
doseyclwn Is a beginner here at D-A-L
Re: My Computer is infected by Satan
And finally, here is my hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 4:38:36 PM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\AOL\1124461869\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1124461869\ee\AOLServiceHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.theonering.net/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Anapod Manager.lnk = C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe
O4 - Global Startup: Audible Download Manager.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/luxor/mjolauncher.cab
O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://aolsvc.aol.com/onlinegames/gh...ugs/axhost.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass Control) - http://aolsvc.aol.com/onlinegames/so...tched/main.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/po...ploader_v7.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 17-01-2006, 12:40 AM
Neal's Avatar
Senior Member
  
Join Date: Sep 2005
Posts: 5,524
Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!Neal is a D-A-L Rockstar!
Re: My Computer is infected by Satan
Let's do a little cleaning.




Download CCleaner from here:
http://www.majorgeeks.com/download4191.html
or here:
http://www.filehippo.com/download_ccleaner.html

don't run the tool just yet please.
Install it. The windows tab should be opened in the upper left of the program. Click analyze and then click run cleaner. Just use the windows tab that is up front by default.

1.Uncheck "Cookies" under "Internet Explorer".

2.If you are running Firefox: ,then click on the "Applications" tab and uncheck "Cookies" under "Firefox".


Now reboot into safe mode by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter.

Now run CCleaner useing windows tab only please.

How is your computer behaving now?
__________________
Stalking and killing Spyware

Have we helped you? Please consider a donation to help keep D-A-L free. Click on donate below



MALWARE: READ FIRST Procedures:
|_ SpyBot V1.5 _|_ HijackThis Log __V2.0.2 _|



ASAP: promoting a high standard and quality of security support no matter where you seek help.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #9 (permalink)  
Old 17-01-2006, 05:19 AM
Newbie
D-A-L Newbie
  
Join Date: Jan 2006
Posts: 6
doseyclwn Is a beginner here at D-A-L
Re: My Computer is infected by Satan
Seems to be doing well. I'll have to let you know in another 24 hours or so.

Thanks for all the help, guys.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
[Resolved] infected computer bobinfleet Spyware, Adware, Viruses and HijackThis Logs 41 08-08-2009 12:21 AM
[RESOLVED] Has my computer been infected? kaundinya Spyware, Adware, Viruses and HijackThis Logs 7 23-07-2008 05:29 PM
Pc infected through IE pop-ups & more(RESOLVED) sox Spyware, Adware, Viruses and HijackThis Logs 30 04-12-2007 06:18 AM
Is my pc still infected ? I posted hijackthis log , thx (RESOLVED) jdc Spyware, Adware, Viruses and HijackThis Logs 16 02-08-2006 04:13 AM
Infected by SurfSideKick 3 and Others(RESOLVED) Ramillies Spyware, Adware, Viruses and HijackThis Logs 13 05-06-2006 07:19 PM


All times are GMT +1. The time now is 07:59 PM.
Member Login
Remember me ?
Forgot password?
Ads

Want to Advertise? Click Here
Help Categories
Desktop / Server Apps
Drivers
Firewalls and Networks
Games
General Internet Issues
Hardware
Linux
MAC OS
Modding / Overclocking
Search Engines
Spyware and Security
Web Development
Windows 2000
Windows 7
Windows 98
Windows ME
Windows Vista
Windows XP

Computer Repair Companies
Bottom Corner Bottom Nav