
Antivirus Pro 2009



Malwarebytes' Anti-Malware 1.30

Database version: 1409

Windows 5.1.2600 Service Pack 3

11/18/2008 12:59:44 PM

mbam-log-2008-11-18 (12-58-50).txt

Scan type: Quick Scan

Objects scanned: 71338

Time elapsed: 13 minute(s), 35 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 7

Registry Values Infected: 23

Registry Data Items Infected: 0

Folders Infected: 1

Files Infected: 28

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\TypeLib\{497dddb6-6eee-4561-9621-b77dc82c1f84} (Rogue.AscentivePerformance) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{4e980492-027b-47f1-a7ab-ab086dacbb9e} (Rogue.AscentivePerformance) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{5ead8321-fcbb-4c3f-888c-ac373d366c3f} (Rogue.AscentivePerformance) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{31f3cf6e-a71a-4daa-852b-39ac230940b4} (Rogue.AscentivePerformance) -> No action taken.

HKEY_CLASSES_ROOT\TypeLib\{c24d7016-d00f-41ef-9781-984b6b5ff38f} (Rogue.AscentivePerformance) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{ec88fcd0-2ed5-4d65-9b4c-71d146b43a2e} (Rogue.AscentivePerformance) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{e532cfb1-5edd-4663-8c22-bcd67b5e5bd4} (Rogue.AscentivePerformance) -> No action taken.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\SysRestore.dll (Rogue.AscentivePerformance) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\ConTest.dll (Rogue.AscentivePerformance) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost.exe (Trojan.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xrt_Shell (Trojan.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_id (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_options (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_server1 (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_reserv (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_forms (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_certs (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_options (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_ss (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_pstorage (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_command (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_file (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_idproject (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_pauseopt (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_pausecert (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_deletecookie (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_opt_deletesol (Backdoor.Agent) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\xrt_patch (Backdoor.Agent) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\brastk (Trojan.FakeAlert) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Performance Center (Rogue.PCSpeedScan) -> No action taken.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

C:\Program Files\AntivirusPro2009 (Rogue.Antivirus2008) -> No action taken.

Files Infected:

C:\WINDOWS\karna.dat (Trojan.FakeAlert) -> No action taken.

C:\WINDOWS\system32\karna.dat (Trojan.FakeAlert) -> No action taken.

C:\WINDOWS\system32\SysRestore.dll (Rogue.AscentivePerformance) -> No action taken.

C:\WINDOWS\system32\ConTest.dll (Rogue.AscentivePerformance) -> No action taken.

C:\WINDOWS\system32\TDSSotcv.dll (Trojan.TDSS) -> No action taken.

C:\Program Files\AntivirusPro2009\AntivirusPro2009.exe (Rogue.Antivirus2008) -> No action taken.

C:\Program Files\AntivirusPro2009\AVEngn.dll (Rogue.Antivirus2008) -> No action taken.

C:\Program Files\AntivirusPro2009\htmlayout.dll (Rogue.Antivirus2008) -> No action taken.

C:\Program Files\AntivirusPro2009\pthreadVC2.dll (Rogue.Antivirus2008) -> No action taken.

C:\Program Files\AntivirusPro2009\Uninstall.exe (Rogue.Antivirus2008) -> No action taken.

C:\WINDOWS\browser.exe (Worm.Autorun) -> No action taken.

C:\WINDOWS\system32\drivers\beep.sys (Fake.Beep.Sys) -> No action taken.

C:\WINDOWS\system32\dllcache\beep.sys (Fake.Beep.Sys) -> No action taken.

C:\WINDOWS\brastk.exe (Trojan.FakeAlert) -> No action taken.

C:\WINDOWS\system32\_scui.cpl (Trojan.FakeAlert) -> No action taken.

C:\WINDOWS\system32\wini10894.exe (Trojan.FakeAlert) -> No action taken.

C:\WINDOWS\system32\brastk.exe (Trojan.FakeAlert) -> No action taken.

C:\Documents and Settings\Owner\SETUP.EXE (Trojan.Agent) -> No action taken.

C:\Documents and Settings\Owner\Cookies\ilizusiba.exe (Fake.Dropped.Malware) -> No action taken.

C:\Documents and Settings\Owner\INSTALL.EXE (Trojan.Dropper) -> No action taken.

C:\Documents and Settings\Owner\Local Settings\Temp\wrdwn3 (Trojan.FakeAlert) -> No action taken.

C:\Documents and Settings\Owner\Local Settings\Temp\wrdwn4 (Trojan.FakeAlert) -> No action taken.

C:\Documents and Settings\Owner\Local Settings\Temp\wrdwn5 (Trojan.FakeAlert) -> No action taken.

C:\Documents and Settings\Owner\Local Settings\Temp\wrdwn6 (Trojan.FakeAlert) -> No action taken.

C:\Documents and Settings\Owner\Local Settings\Temp\wrdwn7 (Trojan.FakeAlert) -> No action taken.

C:\Documents and Settings\Owner\Local Settings\Temp\wrdwn8 (Trojan.FakeAlert) -> No action taken.

C:\Documents and Settings\Owner\Local Settings\Temp\wrdwn9 (Trojan.FakeAlert) -> No action taken.

C:\Documents and Settings\Owner\Local Settings\Temp\TDSS282b.tmp (Trojan.FakeAlert) -> No action taken.


;*******************************************************************************

ANALYSIS: 2008-11-18 15:11:20

PROTECTIONS: 1

MALWARE: 48

SUSPECTS: 2

;*******************************************************************************

PROTECTIONS

Description Version Active Updated

;===============================================================================

McAfee VirusScan 10.02 No Yes

;===============================================================================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.trafficmp.com/]

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@trafficmp[2].txt

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@casalemedia[1].txt

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@doubleclick[2].txt

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.doubleclick.net/]

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.atdmt.com/]

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt

00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@247realmedia[2].txt

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@fastclick[1].txt

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.tribalfusion.com/]

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.mediaplex.com/]

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.mediaplex.com/]

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@mediaplex[2].txt

00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@revenue[2].txt

00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.com.com/]

00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@com[1].txt

00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@azjmp[2].txt

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.statcounter.com/]

00167760 Cookie/Hitslink TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[counter.hitslink.com/]

00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@perf.overture[1].txt

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[2].txt

00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.apmebf.com/]

00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@apmebf[2].txt

00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@burstnet[1].txt

00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.burstnet.com/]

00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.burstnet.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@serving-sys[1].txt

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys[2].txt

00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@www.burstbeacon[2].txt

00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[1].txt

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@advertising[2].txt

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.advertising.com/]

00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@media.adrevolver[3].txt

00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\WINDOWS\Temp\Cookies\owner@statse.webtrendslive[2].txt

00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@statse.webtrendslive[1].txt

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[2].txt

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ads.pointroll.com/]

00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@overture[2].txt

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.realmedia.com/]

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.realmedia.com/]

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@realmedia[2].txt

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.realmedia.com/]

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@questionmarket[2].txt

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.questionmarket.com/]

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.questionmarket.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@zedo[1].txt

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.zedo.com/]

00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.bluestreak.com/]

00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@adrevolver[2].txt

00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.adrevolver.com/]

00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.adrevolver.com/]

00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.adrevolver.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@go[1].txt

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.go.com/]

00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@searchportal.information[1].txt

00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.did-it.com/]

00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.did-it.com/]

00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.did-it.com/]

00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.atwola.com/]

00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@atwola[2].txt

00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ehg-dig.hitbox.com/]

00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ehg-dig.hitbox.com/]

00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ehg-dig.hitbox.com/]

00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ehg-dig.hitbox.com/]

00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\l13222ca.default\cookies-1.txt[.ehg-dig.hitbox.com/]

00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\Owner\Cookies\owner@ads.addynamix[2].txt

00411461 Adware/RichVideoCodec Adware No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP423\A0055754.exe

00431587 Application/AntivirusPro2009 HackTools No 0 Yes No C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\7Q6ISBTX\BinariesGUI[1].cab

00431587 Application/AntivirusPro2009 HackTools No 0 Yes No C:\Documents and Settings\Owner\Local Settings\Temp\wrdwn11

00431587 Application/AntivirusPro2009 HackTools No 0 Yes No C:\Documents and Settings\Owner\Local Settings\Temp\wrdwn6

00446437 Adware/AntivirusPro2009 Adware No 0 Yes No C:\WINDOWS\karna.dat

00446437 Adware/AntivirusPro2009 Adware No 0 Yes No C:\WINDOWS\system32\karna.dat

00452931 Application/AntivirusPro2009 HackTools No 0 Yes No C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\OFRCH1RX\Install[1].exe

00452931 Application/AntivirusPro2009 HackTools No 0 Yes No C:\WINDOWS\system32\wini10894.exe

00452931 Application/AntivirusPro2009 HackTools No 0 Yes No C:\Program Files\AntivirusPro2009\Uninstall.exe

00452931 Application/AntivirusPro2009 HackTools No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP499\A0067310.exe

00452931 Application/AntivirusPro2009 HackTools No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP500\A0069317.exe

00452931 Application/AntivirusPro2009 HackTools No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP499\A0067309.exe

00452946 Application/AntivirusPro2009 HackTools No 0 Yes No C:\Documents and Settings\Owner\Local Settings\Temp\wrdwn10

00452946 Application/AntivirusPro2009 HackTools No 0 Yes No C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\LZTZSYFB\BinariesAdd[1].cab

00452946 Application/AntivirusPro2009 HackTools No 0 Yes No C:\Documents and Settings\Owner\Local Settings\Temp\wrdwn5

00455803 Adware/VistaAntivirus Adware No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP497\A0066192.exe

00455803 Adware/VistaAntivirus Adware No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP498\A0066194.exe

00455803 Adware/VistaAntivirus Adware No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP499\A0066268.exe

00455803 Adware/VistaAntivirus Adware No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP499\A0066269.exe

00455803 Adware/VistaAntivirus Adware No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP499\A0066286.exe

00455803 Adware/VistaAntivirus Adware No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP499\A0066287.exe

00455803 Adware/VistaAntivirus Adware No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP499\A0067286.exe

00455803 Adware/VistaAntivirus Adware No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP499\A0067287.exe

00455803 Adware/VistaAntivirus Adware No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP497\A0066191.exe

00455803 Adware/VistaAntivirus Adware No 0 Yes No C:\WINDOWS\brastk.exe

00455803 Adware/VistaAntivirus Adware No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP498\A0066193.exe

00455803 Adware/VistaAntivirus Adware No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP500\A0069325.exe

00455803 Adware/VistaAntivirus Adware No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP500\A0069326.exe

00455803 Adware/VistaAntivirus Adware Yes 1 Yes No C:\WINDOWS\system32\brastk.exe

02902637 Rootkit/Nurech.BC HackTools No 1 Yes No C:\WINDOWS\system32\Drivers\Beep.sys

02902637 Rootkit/Nurech.BC HackTools No 1 Yes No C:\WINDOWS\system32\dllcache\beep.sys

03852919 Generic Trojan Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP464\A0058791.exe

03898875 Generic Malware Virus/Trojan No 0 Yes No C:\WINDOWS\browser.exe

04043071 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP464\A0058792.exe

04098922 Generic Trojan Virus/Trojan No 0 Yes No C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\X6MKH78K\._file[1].exe

;===============================================================================

SUSPECTS

Sent Location

;===============================================================================

No C:\hp\bin\KillIt.exe

No C:\WINDOWS\system32\TDSSotcv.dll

;===============================================================================

VULNERABILITIES

Id Severity Description

;===============================================================================

;===============================================================================
