
Thread: possible malware infection


  1. #10
    Join Date
    Jun 2007
    Posts
    21
    As far as the AVG scan is concerned, it contains about 160,000 entries, I believe, most of which are/were tracking cookies, which I'm going to edit out to save space as I went in and deleted them through DOS. If you need me to add them I can, but for now I'll just add what seems to be pertinent information.

    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 8:42:54 AM 6/7/2007

    + Scan result:



    C:\WINDOWS\system32\gtdownls_95.ocx -> Adware.Gdown : No action taken.
    HKU\S-1-5-21-220523388-1425521274-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E9B951E-6F72-431B-82CF-4A9FBF2F53BC} -> Adware.Generic : No action taken.
    HKU\S-1-5-21-220523388-1425521274-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{736B5468-BDAD-41BE-92D0-22AE2DDF7BCB} -> Adware.Generic : No action taken.
    [1284] C:\WINDOWS\system32\awtrpqo.dll -> Adware.Virtumonde : No action taken.
    [3736] C:\WINDOWS\system32\ddayx.dll -> Adware.Virtumonde : No action taken.
    [892] C:\WINDOWS\SYSTEM32\awtrpqo.dll -> Adware.Virtumonde : No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : No action taken.
    C:\Documents and Settings\Fluff Dawg.MOM\Local Settings\Temp\win497.tmp.exe -> Downloader.Agent.brf : No action taken.
    C:\Documents and Settings\Fluff Dawg\Local Settings\Temporary Internet Files\Content.IE5\SHWXMBCH\pi[1].exe -> Downloader.Small.aal : No action taken.
    D:\Fluff\Devices\ipnetinfo.exe -> Not-A-Virus.NetTool.Win32.IpNetInfo.120 : No action taken.
    D:\Fluff\ipnetinfo.zip/ipnetinfo.exe -> Not-A-Virus.NetTool.Win32.IpNetInfo.120 : No action taken.

    C:\Documents and Settings\Fluff Dawg.MOM\Local Settings\Temp\win493.tmp.exe -> Trojan.Agent.qt : No action taken.
    C:\Documents and Settings\Fluff Dawg.MOM\Local Settings\Temp\gos489.tmp -> Trojan.Dialer.qn : No action taken.
    C:\Documents and Settings\Fluff Dawg.MOM\Local Settings\Temp\win491.tmp.exe -> Trojan.Dialer.qn : No action taken.
    C:\WINDOWS\system32\winrkp32.dll -> Trojan.Dialer.qn : No action taken.
    D:\mp3converter\serial.exe -> Trojan.Dialer.qn : No action taken.
    C:\Documents and Settings\Fluff Dawg\Local Settings\Temporary Internet Files\Content.IE5\PG0RXTOD\exitpoplight1[2].htm -> Trojan.NoClose.i : No action taken.
    C:\Documents and Settings\Fluff Dawg\Local Settings\Temporary Internet Files\Content.IE5\SHWXMBCH\exitpoplight1[4].htm -> Trojan.NoClose.i : No action taken.
    C:\Documents and Settings\Mom\Local Settings\Temporary Internet Files\Content.IE5\8PGJO3KZ\exitpoplight1[1].htm -> Trojan.NoClose.i : No action taken.
    C:\Documents and Settings\Mom\Local Settings\Temporary Internet Files\Content.IE5\MJMDYDCL\exitpoplight1[1].htm -> Trojan.NoClose.i : No action taken.
    C:\Documents and Settings\Mom\Local Settings\Temporary Internet Files\Content.IE5\QDC72PQX\exitpoplight1[1].htm -> Trojan.NoClose.i : No action taken.


    ::Report end


    In the middle there were mostly all files along the lines of...

    :mozilla.474:C:\RECYCLER\NPROTECT\00098495.MOZ -> TrackingCookie.Zedo : No action taken.
    :mozilla.474:C:\RECYCLER\NPROTECT\00098497.MOZ -> TrackingCookie.Zedo : No action taken.
    :mozilla.474:C:\RECYCLER\NPROTECT\00098510.MOZ -> TrackingCookie.Zedo : No action taken.

    Which I have since deleted.
    Also, this log is from before I was able to take any action; I have quarantined everything listed above though since the scan, and I'm doing another scan right now.
    Last edited by dawgfather; 06-07-2007 at 05:56 PM.
