Hi Katana,
Thanks to you, my laptop is now running perfectly fine without any pop-ups or Explorer problems.
ComboFix log:
ComboFix 08-07-12.2 - rajesh 2008-07-15 18:09:43.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.209 [GMT 5.5:30]
Running from: C:\Documents and Settings\rajesh\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\rajesh\Desktop\CFScript.txt
* Created a new restore point
FILE ::
C:\WINDOWS\system32\281qPpkk.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\281qPpkk.exe
.
((((((((((((((((((((((((( Files Created from 2008-06-15 to 2008-07-15 )))))))))))))))))))))))))))))))
.
2008-07-15 01:12 . 2008-07-15 01:12 <DIR> d-------- C:\Documents and Settings\mahesh\Application Data\HotSync
2008-07-11 15:45 . 2008-07-11 15:46 <DIR> d-------- C:\WINDOWS\ERUNT
2008-07-11 15:30 . 2008-07-11 16:07 <DIR> d-------- C:\SDFix
2008-07-08 19:25 . 2008-07-08 19:25 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-07 15:41 . 2008-07-07 15:41 <DIR> d-------- C:\Documents and Settings\rajesh\Application Data\Malwarebytes
2008-07-07 15:41 . 2008-07-07 15:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-30 20:07 . 2004-08-04 17:30 539,136 --a--c--- C:\WINDOWS\system32\dllcache\dialer.exe
2008-06-26 12:34 . 2008-06-26 12:34 <DIR> d-------- C:\Program Files\MSECache
2008-06-23 10:18 . 2008-07-14 13:19 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-23 10:18 . 2008-06-23 10:18 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-20 23:11 . 2008-06-20 23:11 245,248 -----c--- C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 16:14 . 2008-06-20 16:14 138,368 -----c--- C:\WINDOWS\system32\dllcache\afd.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-14 17:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-07-11 14:55 --------- d-----w C:\Program Files\Common Files\HTML Executable Viewer
2008-07-06 13:11 --------- d-----w C:\Program Files\Java
2008-07-01 14:42 --------- d-----w C:\Documents and Settings\rajesh\Application Data\Skype
2008-06-26 08:34 37,360 ----a-w C:\Documents and Settings\rajesh\Application Data\GDIPFONTCACHEV1.DAT
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-13 13:10 272,128 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-04 04:06 --------- d-----w C:\Program Files\MyBroker
2008-05-22 13:29 345,604 ----a-w C:\WINDOWS\system32\msinfhlp.exe
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2007-01-03 13:38 2,768 ----a-w C:\Documents and Settings\rajesh\Application Data\ViewerApp.dat
2005-10-17 04:57 284 ----a-w C:\Documents and Settings\mahesh\Application Data\ViewerApp.dat
.
((((((((((((((((((((((((((((( snapshot@2008-07-14_16.21.14.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-14 10:40:59 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-15 12:17:29 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 17:30 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hcontrol"="C:\WINDOWS\ATK0100\Hcontrol.exe" [2003-09-20 06:12 61440]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2003-11-08 05:51 114688]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-07-11 09:40 339968]
"VAIO Recovery"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-20 10:38 28672]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [2004-06-30 10:15 180224]
"HKSERV.EXE"="C:\Program Files\Sony\HotKey Utility\HKserv.exe" [2004-06-30 03:19 122880]
"Switcher.exe"="C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2004-08-04 05:26 294912]
"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2004-02-21 02:42 32768]
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [2004-01-17 16:06 135168]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2004-12-22 17:45 71280]
"URLLSTCK.exe"="C:\Program Files\Norton Internet Security\UrlLstCk.exe" [2003-12-12 01:05 70800]
"AOLDialer"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" [2004-04-07 12:07 496752]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2005-03-10 00:50 95960]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-05-10 14:38 98304]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 08:38 241664]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-05-13 06:49 172032]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2004-05-13 06:49 49152]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 01:01 110592]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-03-25 15:11 185896]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-02 02:52 3739648]
"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-15 05:16 45056 C:\WINDOWS\system32\ico.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 17:30 110592 C:\WINDOWS\system32\bthprops.cpl]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 06:53 443968]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-31 21:22 68856]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-04 17:30 53760 C:\WINDOWS\system32\narrator.exe]
C:\Documents and Settings\rajesh\Start Menu\Programs\Startup\
palmOne Registration.lnk - C:\Program Files\palmOne\register.exe [2005-09-19 13:20:36 2367488]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
America Online 9.0 Tray Icon.lnk - C:\Program Files\America Online 9.0a\aoltray.exe [2005-05-10 14:37:42 156784]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-03-20 22:05:17 125624]
HOTSYNCSHORTCUTNAME.lnk - C:\Program Files\palmOne\Hotsync.exe [2004-06-09 14:27:34 471040]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]
Qlock.lnk - C:\Program Files\pdaBusiness\Qlock\Qlock.exe [2005-03-06 21:10:00 1022464]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.dvsd"= C:\PROGRA~1\COMMON~1\SONYSH~1\VideoLib\sonydv.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\America Online 9.0\\waol.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"=
"C:\\Program Files\\America Online 9.0a\\waol.exe"=
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"C:\\Program Files\\Sony\\vaio media 3.1\\Vc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
R2 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe [2004-07-09 09:56]
R3 SPI;Sony Programmable I/O Control Device;C:\WINDOWS\system32\DRIVERS\SonyPI.sys [2002-08-21 01:29]
S3 MicroStrategy Logging Client;MicroStrategy Logging Client;C:\Program Files\MicroStrategy\Narrowcast Server\Delivery Engine\MCLogSvc.exe -N -b -c C:20020 -a S:20009 -P C:\Program Files\MicroStrategy\Narrowcast Server\Delivery Engine\CSGW_Connection_Config.txt -C C:\Program Files\MicroStrategy\Narrowcast Server\Delivery Engine\CSGW_Consumer_Config.txt []
S3 MicroStrategy System Monitor;MicroStrategy System Monitor;C:\Program Files\MicroStrategy\Narrowcast Server\Delivery Engine\MCMemUsg.EXE [2004-06-19 16:44]
S3 pelmouse;Mouse Suite Driver;C:\WINDOWS\system32\DRIVERS\pelmouse.sys [2002-06-29 06:51]
S3 pelusblf;USB Mouse Low Filter Driver;C:\WINDOWS\system32\DRIVERS\pelusblf.sys [2001-07-24 23:04]
S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe [2004-07-09 09:47]
.
Contents of the 'Scheduled Tasks' folder
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At1.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At10.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At11.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At12.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At13.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At14.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At15.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At16.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At17.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At18.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-15 12:36:57 C:\WINDOWS\Tasks\At19.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At2.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At20.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At21.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At22.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At23.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:47 C:\WINDOWS\Tasks\At24.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At3.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At4.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At5.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At6.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At7.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At8.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:44:46 C:\WINDOWS\Tasks\At9.job"
- C:\WINDOWS\system32\281qPpkk.exe
"2008-07-14 17:51:02 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2008-07-11 14:30:08 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - rajesh.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/TASK:
"2005-01-14 04:18:50 C:\WINDOWS\Tasks\Registration reminder 1.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2005-01-14 04:18:51 C:\WINDOWS\Tasks\Registration reminder 3.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2006-08-27 06:19:05 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-07-15 18:11:59
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MicroStrategy Logging Client]
"ImagePath"="\"C:\Program Files\MicroStrategy\Narrowcast Server\Delivery Engine\MCLogSvc.exe\" -N -b -c C:20020 -a S:20009 -P \"C:\Program Files\MicroStrategy\Narrowcast Server\Delivery Engine\CSGW_Connection_Config.txt\" -C \"C:\Program Files\MicroStrategy\Narrowcast Server\Delivery Engine\CSGW_Consumer_Config.txt\" -Q 64"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\Ati2evxx.dll
.
Completion time: 2008-07-15 18:14:20
ComboFix-quarantined-files.txt 2008-07-15 12:43:53
ComboFix2.txt 2008-07-14 17:41:58
ComboFix3.txt 2008-07-14 10:51:35
Pre-Run: 47,923,625,984 bytes free
Post-Run: 47,918,374,912 bytes free
205 --- E O F --- 2008-07-09 15:15:03
Panda scan report
;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-07-15 19:50:55
PROTECTIONS: 1
MALWARE: 24
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Norton Antivirus 2004 10.00.13 No No
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\NetworkService\Cookies\system@trafficmp[1].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\NetworkService\Cookies\system@casalemedia[2].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\rajesh\Application Data\Netscape\Navigator\Profiles\p64krzrj.default\cookies.txt[.doubleclick.net/]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\mahesh\Cookies\mahesh@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\NetworkService\Cookies\system@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\rajesh\Cookies\rajesh@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\rajesh\Application Data\Mozilla\Profiles\default\txhbl4hl.slt\cookies.txt[.doubleclick.net/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\mahesh\Cookies\mahesh@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\NetworkService\Cookies\system@atdmt[2].txt
00139535 Application/Processor HackTools No 0 Yes No C:\SDFix\apps\Process.exe
00139535 Application/Processor HackTools No 0 No No C:\Documents and Settings\rajesh\Desktop\SDFix.exe[SDFix\apps\Process.exe]
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\NetworkService\Cookies\system@247realmedia[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\rajesh\Cookies\rajesh@tribalfusion[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\NetworkService\Cookies\system@tribalfusion[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\mahesh\Cookies\mahesh@mediaplex[1].txt
00145770 Cookie/CentrPort TrackingCookie No 0 Yes No C:\Documents and Settings\mahesh\Cookies\mahesh@centrport[1].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\rajesh\Cookies\rajesh@azjmp[2].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\NetworkService\Cookies\system@azjmp[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\rajesh\Cookies\rajesh@ad.yieldmanager[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\NetworkService\Cookies\system@ad.yieldmanager[1].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\NetworkService\Cookies\system@server.iad.liveperson[1].txt
00168114 Cookie/onestat.com TrackingCookie No 0 Yes No C:\Documents and Settings\mahesh\Cookies\mahesh@stat.onestat[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\rajesh\Application Data\Netscape\Navigator\Profiles\p64krzrj.default\cookies.txt[.advertising.com/]
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\rajesh\Application Data\Netscape\Navigator\Profiles\p64krzrj.default\cookies.txt[.advertising.com/]
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\rajesh\Cookies\rajesh@ads.pointroll[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\mahesh\Cookies\mahesh@questionmarket[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\NetworkService\Cookies\system@zedo[2].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\rajesh\Cookies\rajesh@adrevolver[2].txt
00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Documents and Settings\rajesh\Cookies\rajesh@bravenet[1].txt
00215545 Cookie/Bettersearch TrackingCookie No 0 Yes No C:\Documents and Settings\mahesh\Cookies\mahesh@index[1].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\rajesh\Application Data\Netscape\Navigator\Profiles\p64krzrj.default\cookies.txt[.atwola.com/]
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\rajesh\Application Data\Mozilla\Profiles\default\txhbl4hl.slt\cookies.txt[.atwola.com/]
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\mahesh\Cookies\mahesh@atwola[2].txt
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Documents and Settings\mahesh\Cookies\mahesh@citi.bridgetrack[2].txt
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\QooBox\Quarantine\C\WINDOWS\system32\281qPpkk.exe.vir
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP302\A0040760.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0039297.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0039307.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0039323.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP301\A0040738.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0039359.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0039438.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0039483.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0039496.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0039571.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0040646.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0039590.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0040597.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0040611.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0040633.exe
03093293 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP303\A0040847.exe
03173559 Trj/BHO.BF Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0039358.dll
03173559 Trj/BHO.BF Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0039296.dll
03173559 Trj/BHO.BF Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0039572.dll
03173559 Trj/BHO.BF Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{24476977-16D4-4E60-8842-5AE649400F5B}\RP300\A0040612.dll
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================