
Slava12

Members
  • Posts

    22

Reputation

0 Neutral
  1. OK, I can buy Malwarebytes and have a real-time protection. But, is it advisable to keep Malwarebytes and Norton 360 on the same PC? What about the conflict between two programs?
  2. Thank you! MBAM doesn't have real-time protection for me, I am using the free version. But Norton 360 got it busted, blocked Rogue Antivirus! I already e-mailed Microsoft at secure@microsoft.com, but I don't know whether they will reply.
  3. Intrusion attempt by localhost was blocked Application Path\DEVICE\HARDDISKVOLUME3\PROGRAMFILES(X86)\MOZILLAFIREFOX\FIREFOX.EXE Attacker
  4. Here's the name of picture from google.com image: Estelle Parsons 369 x 594 - 47k - jpg tourdevietnam.com Find similar images

     Below results of my Norton 360 Scan:

     Category: Intrusion Prevention
     Date & Time,Severity,Activity,Status,Recommended Action,Risk Name,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description,Category
     3/8/2010 9:22 AM,High,"An intrusion attempt by localhost was blocked. Application path <path>\DEVICE\HARDDISKVOLUME3\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE</path>",Blocked,No Action Required,HTTP Fake Antivirus Install Request 4,"localhost (127.0.0.1, 49191)",93.186.127.201/hitin.php?land=20&affid=95202,"localhost (127.0.0.1, 50398)",127.0.0.1 (127.0.0.1),"TCP, Port 49191",
     3/8/2010 8:47 AM,Info,Intrusion Prevention has been enabled,Detected,No Action Required,,,,,,,Intrusion Prevention
     3/8/2010 8:47 AM,Info,Intrusion Prevention is monitoring 1535 signatures. Driver version: 9.1.2.5,Detected,No Action Required,,,,,,,Intrusion Prevention
     3/8/2010 8:47 AM,Info,Intrusion Prevention Engine version: 4.5.0.67 Definitions Set version: 20100224.002,Detected,No Action Required,,,,,,,Intrusion Prevention

     Intrusion attempt by localhost was blocked
     Application Path\DEVICE\HARDDISKVOLUME3\PROGRAMFILES(X68)\MOZILLAFIREFOX\FIREFOX.EXE
     Attacker URL: 93.186.127.201/hitin.php?land=20&affid=95202
     Traffic Description: TCP Port 49191
     Risk Name: HTTP Fake Antivirus Install Request 4
  5. Greetings, I was browsing through Google for my favorite actress. Now I clicked on this site tourdevietnam.com and I got a message prompted that my machine wants to install an Antivirus program. I terminated Firefox using Task Manager, I didn't click yes or no on the Firefox window. I scanned my PC with Norton 360 and Malwarebytes, that rogue antivirus hasn't been installed. Here's the link hxxp://images.google.com/images?um=1&h...=84&ndsp=21 properties of the picture hxxp://t0.gstatic.com/images?q=tbn:lckYsmB...EzDffQDJv8l.jpg There's a picture of Estelle Parsons, there's a photo of Jim Parsons, where the rogue antivirus message prompts to install. Is there a way to report this site on the internet, so they can shut it down? Thanks
  6. Thank you so much!!!!! Since my PC is a new one, bought it this January 2010, I will hold to your instructions for now. Will definitely apply the software you mentioned when I see that my PC goes a little kuku. :-) Since I heard about these programs on a radio show, I wanted to ask experts, such as you, whether you have used such programs (e.g. reliability and validity)!
  7. Greetings! Well, I don't know where to post my question, which is related to security of flashdrive (USB Drive) and PC Pitstop Optimize. Now, I don't know if you heard about Kim Komando radio show? It's all about latest gadgets and electronics. She recommends to install this program, so it disables autorun, preventing flashdrive, CD D drive from malware - Panda USB Vaccine http://research.pandasecurity.com/panda-us...utorun-vaccine/ and another one is PC Pitstop Optimize, http://pcpitstop.com/store/optimize3_kimwhy.asp? which is supposed to get rid of unnecessary files, registries, and clean up mess from Microsoft latest updates installation. Would you recommend to install these two programs? I have Windows 7. 64x PC. I have NORTON 360 installed on my PC. Will this Panda additional antivirus interfere with Norton? Thanking you in advance!
  8. I had some guts to delete quarantined items from NORTON and MBAM. MCAfee Antiphishing BHO--MCAfee came pre-installed on my PC 30 days trial. The store Easy Tech support got remotely hold of my PC , and uninstalled McAfee, and Installed NORTON 360-- 1 years subscription. PC is ok, I guess! NORTON 360: HIJACKTHIS: and now---beautiful MBAM reports:
  9. I read all about the removal tools and what to do, and I am still confused. I have Norton 360 Antivirus 3.0 and I have 2 viruses in quarantine (Trojan . Byte and Blood Hound. Exploit 193). When I go to a History of scans, I see the items under quarantine, but there's no option of deleting. I went like this: 1. Opened Norton. 2. Clicked on task. 3. See monthly report. 4. Click under Viruses and spyware (they are under Resolved security risk) Security History. 5. Highlight quarantined item. 6. I also view quarantined item in the box of Security history. On the right side I have 3 choices: 1. More Details, 2. Add to quarantine, 3. Clear entries. More details has these: Restore, remove from history, and submit to Symantec. That's all. CLEAR Entries only clears entry from the view, it doesn't really delete the item, I think.

     Here's the scan of Norton:

     Category: Resolved Security Risks
     Date & Time,Severity,Activity,Status,Recommended Action,Component,Definitions Version,ERASER Version,Risk Name,Risk Category,Risk Type,Risk State,File Name
     2/6/2010 7:08 PM,Low,Tracking Cookie detected by Virus scanner,Quarantined,Resolved - No Action,Virus scanner,2010.02.06.021,109.2.3.12,Tracking Cookie,Cookie,File Based,Fully removed,
     2/1/2010 10:21 PM,Low,Tracking Cookie detected by Virus scanner,Quarantined,Resolved - No Action,Virus scanner,2010.02.01.033,109.2.3.12,Tracking Cookie,Cookie,File Based,Fully removed,
     2/1/2010 4:28 PM,High,Trojan.ByteVerify detected by Virus scanner,Quarantined,Resolved - No Action,Virus scanner,2010.02.01.009,,Trojan.ByteVerify,Virus,Compressed File,Fully removed,
     2/1/2010 4:28 PM,High,Trojan.ByteVerify detected by Virus scanner,Quarantined,Resolved - No Action,Virus scanner,2010.02.01.009,,Trojan.ByteVerify,Virus,Compressed File,Fully removed,
     2/1/2010 3:54 PM,High,Auto-Protect has detected Bloodhound.Exploit.193,"Blocked, Blocked",Resolved - No Action,Auto-Protect,2010.02.01.009,,,Heuristic Virus,,,c:\users\slava\appdata\local\mozilla\firefox\profiles\mjudkvtg.default\cache\ff4c325ad01
     1/30/2010 7:45 PM,High,Auto-Protect has detected Bloodhound.Exploit.193,"Blocked, Blocked",Resolved - No Action,Auto-Protect,2010.01.30.021,,,Heuristic Virus,,,c:\users\slava\appdata\local\mozilla\firefox\profiles\mjudkvtg.default\cache\5cb20798d01
     1/15/2010 10:46 PM,Low,Tracking Cookie detected by Virus scanner,Quarantined,Resolved - No Action,Virus scanner,2010.01.15.019,109.2.3.12,Tracking Cookie,Cookie,File Based,Fully removed,
     1/13/2010 8:02 PM,Low,Tracking Cookie detected by Virus scanner,Quarantined,Resolved - No Action,Virus scanner,2010.01.13.009,109.2.3.12,Tracking Cookie,Cookie,File Based,Fully removed,
     1/12/2010 11:20 PM,Low,Tracking Cookie detected by Virus scanner,Quarantined,Resolved - No Action,Virus scanner,2010.01.12.005,109.2.3.12,Tracking Cookie,Cookie,File Based,Fully removed,
     1/11/2010 10:26 PM,Low,Tracking Cookie detected by Virus scanner,Quarantined,Resolved - No Action,Virus scanner,2010.01.11.003,109.2.3.12,Tracking Cookie,Cookie,File Based,Fully removed,
     1/9/2010 5:22 PM,Low,Tracking Cookie detected by Virus scanner,Quarantined,Resolved - No Action,Virus scanner,2010.01.08.055,109.2.3.12,Tracking Cookie,Cookie,File Based,Fully removed,
     1/8/2010 8:29 PM,Low,Tracking Cookie detected by Virus scanner,Quarantined,Resolved - No Action,Virus scanner,2010.01.08.002,109.2.3.12,Tracking Cookie,Cookie,File Based,Fully removed,
     1/7/2010 4:54 PM,Low,Tracking Cookie detected by Virus scanner,Quarantined,Resolved - No Action,Virus scanner,2010.01.07.006,109.2.3.12,Tracking Cookie,Cookie,File Based,Fully removed,
     1/7/2010 4:15 PM,Low,Tracking Cookie detected by Virus scanner,Quarantined,Resolved - No Action,Virus scanner,2010.01.07.006,109.2.3.12,Tracking Cookie,Cookie,File Based,Fully removed,
     1/7/2010 4:13 PM,Low,Tracking Cookie detected by Virus scanner,Quarantined,Resolved - No Action,Virus scanner,2010.01.07.006,109.2.3.12,Tracking Cookie,Cookie,File Based,Fully removed,
  10. Greetings! Well, here I am again with these new fresh, nasty things. It stays in my Quarantined list of Malwarebytes. What do I do with them? Although the scan says quarantined and deleted, it is shown on my Quarantine list. Were they already deleted or do I have to delete them?

     Malwarebytes' Anti-Malware 1.44
     Database version: 3695
     Windows 6.1.7600
     Internet Explorer 8.0.7600.16385

     2/6/2010 4:21:54 PM
     mbam-log-2010-02-06 (16-21-54).txt

     Scan type: Quick Scan
     Objects scanned: 99898
     Time elapsed: 2 minute(s), 22 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 6
     Registry Values Infected: 0
     Registry Data Items Infected: 1
     Folders Infected: 0
     Files Infected: 1

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook (Adware.Ecobar) -> Quarantined and deleted successfully.
     HKEY_CLASSES_ROOT\TypeLib\{4509d3cc-b642-4745-b030-645b79522c6d} (Adware.Ecobar) -> Quarantined and deleted successfully.
     HKEY_CLASSES_ROOT\Interface\{4897bba6-48d9-468c-8efa-846275d7701b} (Adware.Ecobar) -> Quarantined and deleted successfully.
     HKEY_CLASSES_ROOT\CLSID\{ca3eb689-8f09-4026-aa10-b9534c691ce0} (Adware.Ecobar) -> Quarantined and deleted successfully.
     HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook.1 (Adware.Ecobar) -> Quarantined and deleted successfully.
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Not selected for removal.

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     C:\Program Files (x86)\SpeedBit Video Downloader\Toolbar\tbhelper.dll (Adware.Ecobar) -> Quarantined and deleted successfully.
  11. Thanks!! Still got one little question!!! Since I have uninstalled BitSpirit, and it does not show on any scan, and the second entry I had MBAM as a False positive, do I really need to do Restore point? Nope, system restore doesn't exactly work per direction as for Vista, but I kind of figured out where to do it on my PC. Thanks
  12. So, then I guess I shouldn't use a restore point for now! Thank you so much for a direction re: Restore point!!!!!!!!
  13. One more question! Do I need to make a Restore point? Some of the malware I picked up could have been saved in System Restore. Since this is a protected directory my tools cannot access to delete these files, they sometimes can reinfect a system if I accidentally use an old restore point. Setting a new restore point AFTER cleaning my system will help prevent this and enable my computer to "roll-back" to a clean working state. What do you think?