November 13th, 2008, 04:40 AM
#3
SUPERAntiSpyware
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 11/13/2008 at 02:50 AM
Application Version : 4.21.1004
Core Rules Database Version : 3635
Trace Rules Database Version: 1618
Scan type : Complete Scan
Total Scan Time : 01:35:11
Memory items scanned : 165
Memory threats detected : 3
Registry items scanned : 4403
Registry threats detected : 95
File items scanned : 42348
File threats detected : 109
Adware.Vundo/Variant-Zone
C:\WINDOWS\SYSTEM32\AJAIYA.DLL
C:\WINDOWS\SYSTEM32\AJAIYA.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1eec9d7a-8ad6-4bd7-b9ad-2d14b050432f}
HKCR\CLSID\{1EEC9D7A-8AD6-4BD7-B9AD-2D14B050432F}
HKCR\CLSID\{1EEC9D7A-8AD6-4BD7-B9AD-2D14B050432F}\InprocServer32
HKCR\CLSID\{1EEC9D7A-8AD6-4BD7-B9AD-2D14B050432F}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\BCRGCHHO.DLL
C:\WINDOWS\SYSTEM32\EKTHZO.DLL
C:\WINDOWS\SYSTEM32\WRVQKLIE.DLL
Trojan.Vundo-Variant/Small-GEN
C:\WINDOWS\SYSTEM32\GEBSRSLE.DLL
C:\WINDOWS\SYSTEM32\GEBSRSLE.DLL
C:\WINDOWS\SYSTEM32\EFCBRHFU.DLL
C:\WINDOWS\SYSTEM32\JKKECDTK.DLL
C:\WINDOWS\SYSTEM32\SSQQGAYP.DLL
Adware.Vundo Variant/Resident
C:\WINDOWS\SYSTEM32\OPNOLLCB.DLL
C:\WINDOWS\SYSTEM32\OPNOLLCB.DLL
Adware.Vundo/Variant
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3FFEDFD6-B1F4-3BE0-8F0D-6DA858763E49}
HKCR\CLSID\{3FFEDFD6-B1F4-3BE0-8F0D-6DA858763E49}
HKCR\CLSID\{3FFEDFD6-B1F4-3BE0-8F0D-6DA858763E49}
HKCR\CLSID\{3FFEDFD6-B1F4-3BE0-8F0D-6DA858763E49}\InProcServer32
HKCR\CLSID\{3FFEDFD6-B1F4-3BE0-8F0D-6DA858763E49}\InProcServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\LFMHEVHHCRINP.DLL
Trojan.Vundo-Variant/NextGen
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF2BF363-4243-41C9-ADB6-FC2A94EE4404}
HKCR\CLSID\{EF2BF363-4243-41C9-ADB6-FC2A94EE4404}
HKCR\CLSID\{EF2BF363-4243-41C9-ADB6-FC2A94EE4404}\InprocServer32
HKCR\CLSID\{EF2BF363-4243-41C9-ADB6-FC2A94EE4404}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCA8C38-5954-4730-AEAF-0A658C4F8A91}
HKCR\CLSID\{FFCA8C38-5954-4730-AEAF-0A658C4F8A91}
HKCR\CLSID\{FFCA8C38-5954-4730-AEAF-0A658C4F8A91}\InprocServer32
HKCR\CLSID\{FFCA8C38-5954-4730-AEAF-0A658C4F8A91}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{FFCA8C38-5954-4730-AEAF-0A658C4F8A91}
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\geBsrSLE
Adware.Tracking Cookie
Trojan.NetMon/DNSChange
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#DeviceDesc
Trojan.cmdService
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE\0000#DeviceDesc
Adware.MyWebSearch/FunWebProducts
HKCR\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}
HKCR\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}\TreatAs
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0\win32
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\FLAGS
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\HELPDIR
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid32
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib#Version
RootKit.TnCore/Trace
C:\WINDOWS\system32\drivers\core.cache.dsk
Adware.Vundo Variant/Rel
Rogue.Component/Trace
HKLM\Software\Microsoft\4CCA4C0F
HKLM\Software\Microsoft\4CCA4C0F#4cca4c0f
HKLM\Software\Microsoft\4CCA4C0F#Version
HKLM\Software\Microsoft\4CCA4C0F#red_srv
HKLM\Software\Microsoft\4CCA4C0F#red_srv_bckp
HKLM\Software\Microsoft\4CCA4C0F#4ccae18f
HKLM\Software\Microsoft\4CCA4C0F#4cca886a
Trojan.Dropper/Gen
C:\DOCUMENTS AND SETTINGS\JOHN\~.EXE
C:\WINDOWS\Prefetch\~.EXE-226308DB.pf
Trojan.MSANSSPC
C:\WINDOWS\SYSTEM32\MSANSSPC.DLL