Jump to content


Photo

Trojan-Downloader


  • Please log in to reply
1 reply to this topic

#1 Trecky

Trecky

    Member

  • Full Member
  • Pip
  • 7 posts

Posted 29 May 2007 - 02:44 AM

Hi, would appreciate help, not sure what to do next. I performed an AVG scan, Kaspersky on line scanner and a HijackThis scan. The Kaspersky on line scanner is showing I have 8 Trojan-Downloader infected files on my system.
Any help appreciated. Thank you.

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 3:07:42 PM 19/05/2007

+ Scan result:



:mozilla.283:C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.32:C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.33:C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.224:C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.225:C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
C:\Documents and Settings\Lee\Cookies\lee@search.live[2].txt -> TrackingCookie.Live : Cleaned.
:mozilla.450:C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.451:C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.452:C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.453:C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.454:C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.87:C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.577:C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.578:C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


::Report end



KASPERSKY ONLINE SCANNER REPORT
Saturday, May 19, 2007 7:50:17 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 19/05/2007
Kaspersky Anti-Virus database records: 304408
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects 74556
Number of viruses found 1
Number of infected objects 8
Number of suspicious objects 0
Duration of the scan process 01:46:22

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\cert8.db Object is locked skipped
C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\history.dat Object is locked skipped
C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\key3.db Object is locked skipped
C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\parent.lock Object is locked skipped
C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\search.sqlite Object is locked skipped
C:\Documents and Settings\Lee\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Lee\Application Data\Sun\Java\Deployment\cache\6.0\9\3c0ee589-1b0d715a/FcPred.class Infected: Trojan-Downloader.Java.Agent.c skipped
C:\Documents and Settings\Lee\Application Data\Sun\Java\Deployment\cache\6.0\9\3c0ee589-1b0d715a ZIP: infected - 1 skipped
C:\Documents and Settings\Lee\Application Data\Sun\Java\Deployment\cache\6.0\9\3c0ee589-23c24195/FcPred.class Infected: Trojan-Downloader.Java.Agent.c skipped
C:\Documents and Settings\Lee\Application Data\Sun\Java\Deployment\cache\6.0\9\3c0ee589-23c24195 ZIP: infected - 1 skipped
C:\Documents and Settings\Lee\Application Data\Sun\Java\Deployment\cache\6.0\9\3c0ee589-4904ac57/FcPred.class Infected: Trojan-Downloader.Java.Agent.c skipped
C:\Documents and Settings\Lee\Application Data\Sun\Java\Deployment\cache\6.0\9\3c0ee589-4904ac57 ZIP: infected - 1 skipped
C:\Documents and Settings\Lee\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\FcPred.jar-10bfbdb3-6d49a062.zip/FcPred.class Infected: Trojan-Downloader.Java.Agent.c skipped
C:\Documents and Settings\Lee\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\FcPred.jar-10bfbdb3-6d49a062.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Lee\Application Data\Webroot\Spy Sweeper\Logs\070519151232.ses Object is locked skipped
C:\Documents and Settings\Lee\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Lee\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Lee\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Lee\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Lee\Local Settings\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Lee\Local Settings\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Lee\Local Settings\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Lee\Local Settings\Application Data\Mozilla\Firefox\Profiles\a0fuut77.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Lee\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Lee\Local Settings\History\History.IE5\MSHist012007051920070520\index.dat Object is locked skipped
C:\Documents and Settings\Lee\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Lee\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Lee\ntuser.dat Object is locked skipped
C:\Documents and Settings\Lee\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Data\settings.dat Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS051861B2-AD5C-4CB3-94E7-8EBD7A8747ED.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS089D8A08-EFCD-466E-82CE-DFFAF2AF0C62.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0B047E1D-DAF3-454A-A296-00FBD71CBE1D.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0BC466FB-172F-4E66-BF43-6356AB6AAE49.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0E27B0E7-073E-46BE-8F54-05DE6B5BD322.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS0E36E821-3B28-4FD0-B766-DC523DD0CDAF.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS21BE1007-81AD-4668-80FB-9C54F8657DEA.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS23B6091D-E1C6-437E-BB50-019164DC3EEA.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS243E5E83-9A16-4F4F-AE12-B4E1E7BB77E8.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2756FA0D-95A7-4AE6-9599-B6680CC7C61D.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2921306C-4682-4BB2-BD61-101B01BE9956.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS2AA391C8-7C37-4DFA-862D-4EC72F2BF4AD.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3272366A-A43E-4218-81A7-1B62B5C0820A.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS39A2A12F-30E2-4FE1-A35D-9FB2A9D0B664.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3A737475-F436-4FC6-AA42-C5F878CECB8E.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3CB7CB7D-755B-4185-B160-B8D4B12B9D38.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS3F60BD97-6B5E-4CED-B83B-357F014121DF.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4292F0B6-F3F4-4BA5-B197-E48B77279642.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS44C8BDCC-89E3-4FEF-B7EC-8BE6FB77F992.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS45386310-ACA5-4429-89DF-900200361DBB.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS457F2C38-B8AE-4803-B92A-A471B0B875EB.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS45A488E6-58B5-4A00-8DF6-1D3B697DD1EB.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS467B08FB-1448-4D6E-9A75-522539BB954F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS47398A02-5376-478C-9E05-164A1785B68D.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS47C29EF9-0AEF-4F79-AFA7-5B43CAFDD78D.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS493094F6-E810-4C82-BD6C-61F9DDECD98F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS49685B69-09C0-457A-B440-F5EE1B4BE067.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS49FCC03B-9D49-4850-9897-9CAAFE9A4B14.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4A2A9D38-3041-4B6B-A4F5-6C9A9B7D1C4C.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4D95695A-0EAF-42FD-8A21-9BD7EC13670B.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS4EF58966-EAAD-4591-9DA8-DEC52E4CBEA9.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS52D051EE-D92D-44D5-B307-A80CAF531B5F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS52D289D3-9D08-4AC7-820E-CD8B3BDACAD8.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS561964BA-2258-4597-B27D-CA85A51DD208.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS5AEB7549-EFC4-47F6-9479-5FAAB86F240A.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6C702A7D-FDCB-48B1-825B-5D84C5609BEF.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6CFBD0C4-8CA8-4301-A35E-55E228312214.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6D408B5C-D0BC-4E8F-963F-07349FA71074.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS6EE3F159-A6F5-4B7B-8132-55543BAA4DB7.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS73172F7E-A841-4CFE-99A9-2224F836A3C3.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS7D3D6182-6910-4D16-AA73-3E6FE5BF719F.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS7E631960-AE4F-4E20-A733-A70151956731.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS82AF3E5D-019E-42EA-8943-254E50B91440.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS84D07DF6-1F34-4BF0-A7CA-A013ED1A780C.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS856206D2-BBCC-4957-A0AF-B4851A1960C0.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS8614BAB6-3437-4ECD-9AF0-6A8B7406AF33.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS86861112-FF45-4963-9690-A18839272E62.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS8859C65E-4247-4FE2-AB7D-907E40FE1383.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS8A2C8039-6F79-4FFB-BB6F-4A54749F670A.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS8B4498BA-0BB9-4850-9FCF-B41B8C4ECA4B.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS8C8F9D6E-6FD5-417D-B757-CCB086A0654B.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS8D3767C0-CBB7-4D5E-BFF4-394910FE91EB.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS8F04C0B4-D4EE-40DB-B327-3A68E3BE8E7E.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS90C668BB-6EB9-442B-BA5F-65826305FD86.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS98747D4B-2BCD-4BC9-A8B6-4CCBD49B336D.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9A600188-99FD-4B18-B7D6-1A9202FAD66C.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCS9B01ABCB-B728-4288-AF73-FCE1C074C577.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA3871C7A-66E0-4794-8170-D4D15D4C3DA1.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA5A48AE1-F43D-4117-A954-356320F90AB1.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA5FA3A6A-F24E-4837-A838-F5F8EB7462DE.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA6586B0B-2191-452F-AF35-F493A3884021.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSA8D4CA86-E3DE-4D21-8DAA-4958D609D578.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSAAC28F70-D3D7-4923-84FD-55B8D91E4BAE.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSAEB86C6D-670F-4068-881F-3F3913B4F058.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSB54449DE-4F9C-4D96-8600-6FFBADFA7EC3.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSB5552E13-45DC-4134-9F77-17B599CF7613.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBFD16896-1A68-4542-AC69-EFD18936F476.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSBFFB1CB5-AB87-4410-971A-EB0930261D9B.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC2BFD494-A91F-44AD-801B-060B8CEE23D1.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSC6BA8F0B-47F8-4FD6-A604-9CCBFE724A83.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSCEEC0196-230B-4020-9CE7-FFE67A2D47D7.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD0DCD43C-F79C-49D4-A42A-0F2C8352C766.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSD695F506-B93D-436C-8BA6-3B4FEC53B8B7.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSDB765885-2EE5-4715-BDCE-B1567A6C1201.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSDCED6480-B3E5-4C6F-B5C5-599BA7FA0D2D.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSDDBAEC35-60B5-4908-8A94-3499A90D103A.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSDDCE8F06-EC01-4FE4-B436-D43EDBEF8C51.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSDFB56245-EE24-45D7-A937-12674EC950EA.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE09D4060-B015-4A1E-AE72-7EA716AC1648.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSE2B9624E-6D36-4DEA-A448-FD2C2C741460.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF31F315A-D41E-4496-9608-7333ED60EBAA.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF3EFCDA5-C670-4A14-8B14-284DB1F30E03.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF43166DF-C2BD-43EC-9536-FADB68AF1D03.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF5AC0969-23F6-4859-99F2-49A4B674C60E.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF7A07983-4E8B-41B9-831C-BB302E6CF3D6.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF7A65DD8-BA9C-4F7E-B1E5-8ED7247C5326.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSF97DC076-F98F-45F6-B65D-9381C68A70E1.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSFC21383B-8F98-4504-9BEB-A2018C2FBE81.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSFC7DBD70-A456-4572-A8A3-2CD17D5D1262.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSFCF6B9B3-2923-4CA1-B677-307F3F1A3339.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Application Data\Webroot\Spy Sweeper\Temp\SSCSFD45ABB9-9117-4A7B-B650-2648F647A2BC.tmp Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\masters.bak Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\Masters.const Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters\masters.mst Object is locked skipped
C:\Program Files\Webroot\Spy Sweeper\Masters.base Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{04B61D28-C7D9-47D7-8068-12386C338CA1}\RP196\change.log Object is locked skipped
C:\WINDOWS\CSC\00000001 Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Twunk002.MTX Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.




Logfile of HijackThis v1.99.1
Scan saved at 7:55:05 PM, on 19/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
E:\Adobe Photoshop\PhotoshopElementsFileAgent.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
E:\Adobe Photoshop\apdproxy.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Documents and Settings\Lee\My Documents\Lee\Lees Downloads\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ninemsn.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.iprimus.com.au:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.iprimus.com.au;*.primustel.com.au;*.primus.com.au;192.*;172.*;127.*;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [jv16PT - Privacy Protector] "C:\Program Files\jv16 PowerTools 2006\jv16PT.exe" -ExecTask "C:\Program Files\jv16 PowerTools 2006\Tasks\_PrivacyProtector\Task.jvb"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "E:\Adobe Photoshop\apdproxy.exe"
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: Yahoo! Dominoes - http://download.game...ts/y/dot8_x.cab
O16 - DPF: Yahoo! Poker - http://download.game...nts/y/pt3_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.game...ts/y/potg_x.cab
O16 - DPF: Yahoo! Spades - http://download.game...nts/y/st2_x.cab
O16 - DPF: Yahoo! Towers 2.0 - http://download.game...ts/y/ywt0_x.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowso...nSSWebAgent.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} (TmHcmsX Control) - http://www.trendsecu...vex/TmHcmsX.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.micr...ActiveX/odc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1167908009750
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://download.game...outLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://download.game...inematycoon.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - E:\Adobe Photoshop\PhotoshopElementsFileAgent.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

#2 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,523 posts

Posted 31 May 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button