; Registry Search by Bobbi Flekman
; Version: 1.0.2.1
; Results at 12/31/2005 2:42:56 PM for strings:
; 'contextplus'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS
; End Of The Log...
smitRem © log file
version 2.8
by noahdfear
Microsoft Windows XP [Version 5.1.2600]
The current date is: Sat 12/31/2005
The current time is: 15:05:00.98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
checking for ShudderLTD key
ShudderLTD key not present!
checking for PSGuard.com key
PSGuard.com key not present!
checking for WinHound.com key
WinHound.com key not present!
spyaxe uninstaller NOT present
Winhound uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Existing Pre-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 776 'explorer.exe'
Killing PID 776 'explorer.exe'
Starting registry repairs
Deleting files
Remaining Post-run Files
~~~ Program Files ~~~
~~~ Shortcuts ~~~
~~~ Favorites ~~~
~~~ system32 folder ~~~
~~~ Icons in System32 ~~~
~~~ Windows directory ~~~
~~~ Drive root ~~~
~~~ Miscellaneous Files/folders ~~~
~~~ Wininet.dll ~~~
CLEAN!
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 4:24:57 PM, 12/31/2005
+ Report-Checksum: 9BEBDB7
+ Scan result:
HKLM\SOFTWARE\Classes\Interface\{90CCDCB0-C9E5-4DC0-B791-A1111D37AF9D} -> Spyware.iLookup : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{967B8A74-4063-49AB-95D4-E3D25308EC66} -> Spyware.iLookup : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{A19AC0C8-24C1-43C9-8F7C-449E931DF473} -> Spyware.iLookup : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{DA8FE493-49A2-44F6-B4AA-E58CAFC7FFDF} -> Spyware.iLookup : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{FAB925C1-16B6-4DE1-BFCA-880FBEAFE584} -> Spyware.iLookup : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{FB3DAA1E-3236-4B43-9C19-64F57EB9C019} -> Spyware.iLookup : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{F177A37F-E8A8-47AD-A7E9-E95FED03D7EE} -> Spyware.iLookup : Cleaned with backup
HKU\S-1-5-21-484763869-682003330-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{014DA6C1-189F-421A-88CD-07CFE51CFF10} -> Spyware.eXact : Cleaned with backup
HKU\S-1-5-21-484763869-682003330-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08BEC6AA-49FC-4379-3587-4B21E286C19E} -> Spyware.SBSoft : Cleaned with backup
HKU\S-1-5-21-484763869-682003330-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD4C3CF0-4B15-11D1-ABED-709549C10000} -> Spyware.GoZilla : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Craig Allen\Application Data\Mozilla\Profiles\default\2bhohxal.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Craig Allen\Application Data\Mozilla\Profiles\default\2bhohxal.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Craig Allen\Application Data\Mozilla\Profiles\default\2bhohxal.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Craig Allen\Application Data\Mozilla\Profiles\default\2bhohxal.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Craig Allen\Application Data\Mozilla\Profiles\default\2bhohxal.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Craig Allen\Application Data\Mozilla\Profiles\default\2bhohxal.slt\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Craig Allen\Application Data\Mozilla\Profiles\default\2bhohxal.slt\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Craig Allen\Application Data\Mozilla\Profiles\default\2bhohxal.slt\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Craig Allen\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Gummy.class-78b0606f-386ddec9.class -> Trojan.Java.Femad : Cleaned with backup
C:\Documents and Settings\Craig Allen\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-1f77f519-6b4b297b.zip/Gummy.class -> Trojan.Java.Femad : Error during cleaning
C:\Documents and Settings\Craig Allen\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-3598e98a-1c0ad166.zip/Gummy.class -> Trojan.Java.Femad : Error during cleaning
C:\Documents and Settings\Craig Allen\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-5000a103-4dad7d97.zip/Gummy.class -> Trojan.Java.Femad : Error during cleaning
C:\Documents and Settings\Craig Allen\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-5000a103-4dad7d97.zip/Beyond.class -> Trojan.Java.ClassLoader.k : Error during cleaning
C:\Documents and Settings\Craig Allen\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-2d22e298-38fdddac.zip/Gummy.class -> Trojan.Java.Femad : Error during cleaning
C:\Documents and Settings\Craig Allen\Cookies\craig allen@2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@adopt.specificclick[2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@ads.addynamix[1].txt -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@ads.pointroll[1].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@adtech[1].txt -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@as-eu.falkag[2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@bluestreak[2].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@bs.serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@centrport[2].txt -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@count.xhit[2].txt -> Spyware.Cookie.Xhit : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@cs.sexcounter[2].txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@cz7.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@edge.ru4[2].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@microsofteup.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@microsoftwga.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@paycounter[1].txt -> Spyware.Cookie.Paycounter : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@qksrv[2].txt -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@redcats.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@sales.liveperson[1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@server.iad.liveperson[2].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@statcounter[1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@trafficmp[2].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@trafic[1].txt -> Spyware.Cookie.Trafic : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@www.etracker[1].txt -> Spyware.Cookie.Etracker : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@xxxcounter[2].txt -> Spyware.Cookie.Xxxcounter : Cleaned with backup
C:\Documents and Settings\Craig Allen\Cookies\craig allen@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Cleaned with backup
C:\RECYCLER\NPROTECT\03279469.EXE -> Downloader.Small.atl : Cleaned with backup
C:\RECYCLER\NPROTECT\03279472.EXE -> Downloader.Small.cdc : Cleaned with backup
C:\RECYCLER\NPROTECT\03279475.EXE -> Downloader.Small.aqu : Cleaned with backup
C:\RECYCLER\NPROTECT\03279478.EXE -> Downloader.Small.aqu : Cleaned with backup
C:\RECYCLER\NPROTECT\03279530.exe -> Trojan.Pakes : Cleaned with backup
C:\RECYCLER\NPROTECT\03279614.exe -> Trojan.Pakes : Cleaned with backup
C:\RECYCLER\NPROTECT\03279883.exe -> Trojan.Pakes : Cleaned with backup
C:\RECYCLER\NPROTECT\03280560.exe -> Trojan.Pakes : Cleaned with backup
C:\RECYCLER\NPROTECT\03280642.exe -> Trojan.Pakes : Cleaned with backup
C:\RECYCLER\NPROTECT\03280727.exe -> Trojan.Pakes : Cleaned with backup
C:\RECYCLER\NPROTECT\03280794.exe -> Trojan.Pakes : Cleaned with backup
C:\RECYCLER\NPROTECT\03280871.exe -> Trojan.Pakes : Cleaned with backup
C:\RECYCLER\NPROTECT\03280928.exe -> Trojan.Pakes : Cleaned with backup
C:\WINDOWS\system32\csbbm.exe -> Downloader.Agent.uj : Cleaned with backup
C:\WINDOWS\system32\dmife.exe -> Trojan.Pakes : Cleaned with backup
::Report End