Everything posted by veighouda2

  1. It's all working now! Thank you so much! Thank you!
  2. This is the result that I got when I did the hijacker scan.
  3. Hi, Sorry I posted this in another forum but am definitely looking to get some extra help. Like others, when I downloaded the winrar program this problem popped up. I followed the instructions to download and scan with malware and then rebooted my computer. The pop up went away but like others my internet problems persisted, wherein when I get onto the internet my Google homepage displays in Chinese and then I am taken directly to what is obviously a bogus Microsoft security alert. If anyone can help based on my results I would be extremely grateful. Thank you all. Here is my malware log info: And here are the results from my free scan with Panda:
Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.zedo.com/] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.zedo.com/] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.zedo.com/] 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@zedo[1].txt 00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.zedo.com/] 00172483 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@int.sitestat[1].txt 00172484 Cookie/Cassava TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@int.sitestat[2].txt 00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@bluestreak[2].txt 00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.bluestreak.com/] 00182104 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@phg.hitbox[1].txt 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.adrevolver.com/] 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.adrevolver.com/] 00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@adrevolver[1].txt 00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@bravenet[1].txt 00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Documents and 
Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.bravenet.com/] 00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.adultfriendfinder.com/] 00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.adultfriendfinder.com/] 00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@adultfriendfinder[2].txt 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and 
Settings\George\Cookies\george@go[2].txt 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/] 00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/] 00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@searchportal.information[1].txt 00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.target.com/] 00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@did-it[1].txt 00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@adviva[2].txt 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@atwola[2].txt 00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.atwola.com/] 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@smartadserver[1].txt 00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@ehg-dig.hitbox[2].txt 00447834 Adware/Lop Adware No 0 Yes No C:\Program Files\Norton AntiVirus\Quarantine\47431B8F.exe 00521370 Spyware/Iehelp Spyware No 1 No No C:\Documents and Settings\George\Desktop\pageant-princess-setup.exe[iWinGamesHookIE.dll] 01606636 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@adserver.easyad[1].txt 02893775 Spyware/Iehelp Spyware No 1 No No C:\Documents and 
Settings\George\Desktop\pageant-princess-setup.exe[iWinArcadeLauncher.exe] 02893775 Spyware/Iehelp Spyware No 1 Yes No C:\Program Files\iWin Games\firefox\iWinArcadeLauncher.exe 03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Program Files\iWin Games\iWinGamesInstaller.exe 03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Program Files\iWin Games\iWinGamesInstaller.exe 03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Program Files\iWin Games\iWinGamesInstaller.exe 03310023 Trj/Trymedia.gen Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{E25A8471-3F01-4F4B-AE64-4E46312DC2C3}\RP965\A0173788.exe 03839851 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{E25A8471-3F01-4F4B-AE64-4E46312DC2C3}\RP968\A0174585.sys ;=============================================================================== ================================================================================ = =================== SUSPECTS Sent Location ;=============================================================================== ================================================================================ = =================== ;=============================================================================== ================================================================================ = =================== VULNERABILITIES Id Severity Description ;=============================================================================== ================================================================================ = =================== 184380 MEDIUM MS08-002 184379 MEDIUM MS08-001 182048 HIGH MS07-069 182046 HIGH MS07-067 182043 HIGH MS07-064 179553 HIGH MS07-061 176382 HIGH MS07-057 176383 HIGH MS07-058 170911 HIGH MS07-050 170907 HIGH MS07-046 170906 HIGH MS07-045 170904 HIGH MS07-043 164915 HIGH MS07-035 164913 HIGH MS07-033 164911 HIGH MS07-031 ;=============================================================================== 
================================================================================ = =================== I am planning on going to the hijackthis software as advised unless someone has a better idea.
  4. Hi, So like many others I somehow got this intervalhehehe thing downloaded onto my computer, and foolishly just thought that by following instructions I could fix it all on my own. I have downloaded the malware software and ran the scan; it got rid of the intervalhehehe thing, however, like others, whenever I go on the internet I get the stupid Chinese script and fake Microsoft security message. I have got my logs from the malware scan and am currently still working on the Panda ActiveScan and will post those as well. I have seen the instructions regarding the HijackThis software but would like some input before I scan anything further. Here are my logs, please help! Thank you!