Jump to content

intervalhehehe continued

veighouda2

By veighouda2
in Resolved Malware Removal Logs

 Share

Recommended Posts

veighouda2

veighouda2

Posted
Posted

Hi,

Sorry I posted this in another forum but am definately looking to get some extra help.

Like others when I downloaded the winrar program this problem popped up. I followed the instructions to download and scan with malware and then reboted my computer. The pop up went away but like others my internet problems persisted, wherein when i get onto the internet my google homepage displays in chinese and then i am taken directly to what is obviously a bogus microsoft security alert.

If anyone can help based on my results I would be extreemly grateful.

Thank you all.

Here is my malware log info:

Malwarebytes' Anti-Malware 1.30

Database version: 1450

Windows 5.1.2600 Service Pack 2

12/2/2008 2:47:16 PM

mbam-log-2008-12-02 (14-47-16).txt

Scan type: Quick Scan

Objects scanned: 65662

Time elapsed: 10 minute(s), 15 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 1

Registry Keys Infected: 13

Registry Values Infected: 2

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

C:\Program Files\iWin Games\iWinGamesHookIE.dll (Adware.BHO) -> Delete on reboot.

Registry Keys Infected:

HKEY_CLASSES_ROOT\iehlprobj.iehlprobj.1 (Adware.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{8ca5ed52-f3fb-4414-a105-2e3491156990} (Adware.BHO) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8ca5ed52-f3fb-4414-a105-2e3491156990} (Adware.BHO) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8ca5ed52-f3fb-4414-a105-2e3491156990} (Adware.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{495874fe-4a82-4ad1-9476-0b957e0b95eb} (Adware.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{e3ed53c5-7ad5-4df5-9734-afb6e7e5d9db} (Adware.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Explore (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Program Files\iWin Games\iWinGamesHookIE.dll (Adware.BHO) -> Delete on reboot.

C:\WINDOWS\system32\explore.exe (Trojan.Agent) -> Quarantined and deleted successfully.

And here are the results from my free scna with panda:

;*******************************************************************************

********************************************************************************

*

*******************

ANALYSIS: 2008-12-02 16:38:59

PROTECTIONS: 2

MALWARE: 64

SUSPECTS: 0

;*******************************************************************************

********************************************************************************

*

*******************

PROTECTIONS

Description Version Active Updated

;===============================================================================

================================================================================

=

===================

Norton Antivirus 2005 11.0.17 No No

Norton Antivirus 2007 11.0.17 No No

;===============================================================================

================================================================================

=

===================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

================================================================================

=

===================

00039204 adware/cws Adware No 0 Yes No hkey_classes_root\iehlprobj.iehlprobj

00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@trafficmp[1].txt

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@casalemedia[2].txt

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@casalemedia[1].txt

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.casalemedia.com/]

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\George\Local Settings\Temp\Cookies\george@doubleclick[1].txt

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.doubleclick.net/]

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@doubleclick[2].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\George\Local Settings\Temp\Cookies\george@atdmt[2].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.atdmt.com/]

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.atdmt.com/]

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@atdmt[2].txt

00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@tradedoubler[2].txt

00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.247realmedia.com/]

00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.247realmedia.com/]

00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@247realmedia[2].txt

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@fastclick[2].txt

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.fastclick.net/]

00145466 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\George\Local Settings\Temp\Cookies\george@servedby.advertising[2].txt

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@tribalfusion[2].txt

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.tribalfusion.com/]

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\George\Local Settings\Temp\Cookies\george@tribalfusion[1].txt

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.mediaplex.com/]

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\George\Local Settings\Temp\Cookies\george@mediaplex[1].txt

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.mediaplex.com/]

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@mediaplex[2].txt

00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@anm.co[1].txt

00149116 Cookie/Ccbill TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@ccbill[1].txt

00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@revenue[2].txt

00167430 Cookie/myaffiliateprogram TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[www.myaffiliateprogram.com/]

00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.com.com/]

00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@com[1].txt

00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@xiti[1].txt

00167724 Cookie/HotLog TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@hotlog[1].txt

00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@azjmp[1].txt

00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@toplist[2].txt

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@statcounter[2].txt

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\George\Local Settings\Temp\Cookies\george@statcounter[2].txt

00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.statcounter.com/]

00167764 Cookie/Sextracker TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@counter7.sextracker[1].txt

00167765 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@hg1.hitbox[2].txt

00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@perf.overture[1].txt

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@ad.yieldmanager[2].txt

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[ad.yieldmanager.com/]

00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@apmebf[1].txt

00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.apmebf.com/]

00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@burstnet[1].txt

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\George\Local Settings\Temp\Cookies\george@serving-sys[2].txt

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@serving-sys[3].txt

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.serving-sys.com/]

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\George\Local Settings\Temp\Cookies\george@bs.serving-sys[2].txt

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.bs.serving-sys.com/]

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@bs.serving-sys[1].txt

00168095 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@888[2].txt

00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@www.burstbeacon[2].txt

00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@adtech[1].txt

00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@server.iad.liveperson[2].txt

00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[server.iad.liveperson.net/]

00168114 Cookie/onestat.com TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@stat.onestat[2].txt

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@advertising[2].txt

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\George\Local Settings\Temp\Cookies\george@advertising[1].txt

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.advertising.com/]

00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@media.adrevolver[3].txt

00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@statse.webtrendslive[1].txt

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@ads.pointroll[1].txt

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.ads.pointroll.com/]

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.ads.pointroll.com/]

00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@overture[2].txt

00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.overture.com/]

00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.overture.com/]

00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@realmedia[1].txt

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@questionmarket[2].txt

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.questionmarket.com/]

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.questionmarket.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.zedo.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@zedo[1].txt

00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.zedo.com/]

00172483 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@int.sitestat[1].txt

00172484 Cookie/Cassava TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@int.sitestat[2].txt

00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@bluestreak[2].txt

00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.bluestreak.com/]

00182104 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@phg.hitbox[1].txt

00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.adrevolver.com/]

00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.adrevolver.com/]

00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@adrevolver[1].txt

00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@bravenet[1].txt

00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.bravenet.com/]

00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.adultfriendfinder.com/]

00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.adultfriendfinder.com/]

00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@adultfriendfinder[2].txt

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@go[2].txt

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/]

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.go.com/]

00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@searchportal.information[1].txt

00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.target.com/]

00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@did-it[1].txt

00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@adviva[2].txt

00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@atwola[2].txt

00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\George\Application Data\Mozilla\Firefox\Profiles\4vodnzhy.default\cookies.txt[.atwola.com/]

00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@smartadserver[1].txt

00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@ehg-dig.hitbox[2].txt

00447834 Adware/Lop Adware No 0 Yes No C:\Program Files\Norton AntiVirus\Quarantine\47431B8F.exe

00521370 Spyware/Iehelp Spyware No 1 No No C:\Documents and Settings\George\Desktop\pageant-princess-setup.exe[iWinGamesHookIE.dll]

01606636 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\George\Cookies\george@adserver.easyad[1].txt

02893775 Spyware/Iehelp Spyware No 1 No No C:\Documents and Settings\George\Desktop\pageant-princess-setup.exe[iWinArcadeLauncher.exe]

02893775 Spyware/Iehelp Spyware No 1 Yes No C:\Program Files\iWin Games\firefox\iWinArcadeLauncher.exe

03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Program Files\iWin Games\iWinGamesInstaller.exe

03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Program Files\iWin Games\iWinGamesInstaller.exe

03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Program Files\iWin Games\iWinGamesInstaller.exe

03310023 Trj/Trymedia.gen Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{E25A8471-3F01-4F4B-AE64-4E46312DC2C3}\RP965\A0173788.exe

03839851 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{E25A8471-3F01-4F4B-AE64-4E46312DC2C3}\RP968\A0174585.sys

;===============================================================================

================================================================================

=

===================

SUSPECTS

Sent Location

;===============================================================================

================================================================================

=

===================

;===============================================================================

================================================================================

=

===================

VULNERABILITIES

Id Severity Description

;===============================================================================

================================================================================

=

===================

184380 MEDIUM MS08-002

184379 MEDIUM MS08-001

182048 HIGH MS07-069

182046 HIGH MS07-067

182043 HIGH MS07-064

179553 HIGH MS07-061

176382 HIGH MS07-057

176383 HIGH MS07-058

170911 HIGH MS07-050

170907 HIGH MS07-046

170906 HIGH MS07-045

170904 HIGH MS07-043

164915 HIGH MS07-035

164913 HIGH MS07-033

164911 HIGH MS07-031

;===============================================================================

================================================================================

=

===================

I am planning on going to the hijackthis software as advised unless someone has a better idea.

Link to post
Share on other sites
veighouda2

veighouda2

Posted
  • Author
Posted

This is the result that i got when i did the hijacker scan

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 5:17:19 PM, on 12/2/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\WINDOWS\system32\java.exe

C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\WgaTray.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINDOWS\vVX6000.exe

C:\Program Files\QuickTime\QTTask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Windows Live Toolbar\msn_sl.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\System32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O1 - Hosts: 61.157.217.210 www.yahoo.com

O1 - Hosts: 61.157.217.210 www.google.com

O1 - Hosts: 61.157.217.210 www.google.co.uk

O1 - Hosts: 61.157.217.210 www.myspace.com

O1 - Hosts: 61.157.217.210 www.youtube.com

O1 - Hosts: 61.157.217.210 www.facebook.com

O1 - Hosts: 61.157.217.210 www.antispy.com

O1 - Hosts: 61.157.217.210 www.yahoo.com

O1 - Hosts: 61.157.217.210 www.yahoo.co.uk

O1 - Hosts: 61.157.217.210 www.antispyware.com

O1 - Hosts: 61.157.217.210 antispyware.com

O1 - Hosts: 61.157.217.210 antispy.com

O1 - Hosts: 61.157.217.210 www.msn.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.gg.com

O1 - Hosts: 123.251.143.110 www.ghfhj.com

O1 - Hosts: 123.251.143.110 www.cvnbcvnb.com

O1 - Hosts: 123.251.143.110 www.1.com

O1 - Hosts: 123.251.143.110 www.3.com

O1 - Hosts: 123.251.143.110 www.asdf4asdfd.com

O1 - Hosts: 123.251.143.110 www.asdfawsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfatsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfadsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfafsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfagsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasgdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdhfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfjd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfkd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfld.com

O1 - Hosts: 123.251.143.110 www.asdfasdf,d.com

O1 - Hosts: 123.251.143.110 www.asxdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdzfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdcfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfvasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfabsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasndfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdmfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.11asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.as222dfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfa33sdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasd44fd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd5.com

O1 - Hosts: 123.251.143.110 www.as66dfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdf77asdfd.com

O1 - Hosts: 123.251.143.110 www.asdf8asdfd.com

O1 - Hosts: 123.251.143.110 www.asdf9asdfd.com

O1 - Hosts: 123.251.143.110 www.asdf0asdfd.com

O1 - Hosts: 123.251.143.110 www.asdf-asdfd.com

O1 - Hosts: 123.251.143.110 www.aqqsdfasdfd.com

O1 - Hosts: 123.251.143.110 www.aswwdfasdfd.com

O1 - Hosts: 123.16.197.121 www.asdhhfasdfdyy.com

O1 - Hosts: 61.157.217.210 www.live.com

O1 - Hosts: 123.251.143.110 www.asdwwwfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfeasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfrrasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfttasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfyyasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfuuuasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfaiisdfd.com

O1 - Hosts: 123.251.143.110 www.asdfaoosdfd.com

O1 - Hosts: 123.251.143.110 www.asdfappsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasssdfd.com

O1 - Hosts: 123.251.143.110 www.aswwdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdeefasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfffasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfavvvsdfd.com

O1 - Hosts: 123.251.143.110 www.asnnndfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdmmmfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfaffsdfd.com

O1 - Hosts: 123.251.143.110 www.asdhhfasdfd.com

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe

O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"

O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray

O4 - HKLM\..\Run: [AppMgrGui] C:\Program Files\AppStream\WindowsClient\bin\exeForService.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab

O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Believe in Santa\Images\stg_drm.ocx

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1121831811779

O16 - DPF: {8E6AA867-94D4-4B4F-8791-1B048F8C122A} (WebInterface Class) - https://fastsend.com/products/Fsplugin.cab

O16 - DPF: {A6FF3C3C-F33A-4269-9300-2682DB3B3441} (McciUtilsRegistry Class) - https://ehelp.telus.net/lwp/static/installe...r_2-0-0_dsl.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab

O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.com/games/downloads/gamem...GameManager.cab

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Believe in Santa\Images\armhelper.ocx

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - C:\Program Files\QuickTax 2007\ic2007pp.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: iWinGamesInstaller - Unknown owner - C:\Program Files\iWin Games\iWinGamesInstaller.exe (file missing)

O23 - Service: Linksys Updater (LinksysUpdater) - Unknown owner - C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--

End of file - 14505 bytes

Link to post
Share on other sites
Raid

Raid

Posted
Posted

Hello.

Start Hijackthis, Click Scan

Select all of these:

O1 - Hosts: 61.157.217.210 www.yahoo.com

O1 - Hosts: 61.157.217.210 www.google.com

O1 - Hosts: 61.157.217.210 www.google.co.uk

O1 - Hosts: 61.157.217.210 www.myspace.com

O1 - Hosts: 61.157.217.210 www.youtube.com

O1 - Hosts: 61.157.217.210 www.facebook.com

O1 - Hosts: 61.157.217.210 www.antispy.com

O1 - Hosts: 61.157.217.210 www.yahoo.com

O1 - Hosts: 61.157.217.210 www.yahoo.co.uk

O1 - Hosts: 61.157.217.210 www.antispyware.com

O1 - Hosts: 61.157.217.210 antispyware.com

O1 - Hosts: 61.157.217.210 antispy.com

O1 - Hosts: 61.157.217.210 www.msn.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.gg.com

O1 - Hosts: 123.251.143.110 www.ghfhj.com

O1 - Hosts: 123.251.143.110 www.cvnbcvnb.com

O1 - Hosts: 123.251.143.110 www.1.com

O1 - Hosts: 123.251.143.110 www.3.com

O1 - Hosts: 123.251.143.110 www.asdf4asdfd.com

O1 - Hosts: 123.251.143.110 www.asdfawsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfatsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfadsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfafsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfagsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasgdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdhfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfjd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfkd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfld.com

O1 - Hosts: 123.251.143.110 www.asdfasdf,d.com

O1 - Hosts: 123.251.143.110 www.asxdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdzfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdcfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfvasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfabsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasndfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdmfd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.11asdfasdfd.com

O1 - Hosts: 123.251.143.110 www.as222dfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfa33sdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasd44fd.com

O1 - Hosts: 123.251.143.110 www.asdfasdfd5.com

O1 - Hosts: 123.251.143.110 www.as66dfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdf77asdfd.com

O1 - Hosts: 123.251.143.110 www.asdf8asdfd.com

O1 - Hosts: 123.251.143.110 www.asdf9asdfd.com

O1 - Hosts: 123.251.143.110 www.asdf0asdfd.com

O1 - Hosts: 123.251.143.110 www.asdf-asdfd.com

O1 - Hosts: 123.251.143.110 www.aqqsdfasdfd.com

O1 - Hosts: 123.251.143.110 www.aswwdfasdfd.com

O1 - Hosts: 123.16.197.121 www.asdhhfasdfdyy.com

O1 - Hosts: 61.157.217.210 www.live.com

O1 - Hosts: 123.251.143.110 www.asdwwwfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfeasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfrrasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfttasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfyyasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfuuuasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfaiisdfd.com

O1 - Hosts: 123.251.143.110 www.asdfaoosdfd.com

O1 - Hosts: 123.251.143.110 www.asdfappsdfd.com

O1 - Hosts: 123.251.143.110 www.asdfasssdfd.com

O1 - Hosts: 123.251.143.110 www.aswwdfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdeefasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfffasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfavvvsdfd.com

O1 - Hosts: 123.251.143.110 www.asnnndfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdmmmfasdfd.com

O1 - Hosts: 123.251.143.110 www.asdfaffsdfd.com

O1 - Hosts: 123.251.143.110 www.asdhhfasdfd.com

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [VX6000] C:\WINDOWS\vVX6000.exe

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

O23 - Service: iWinGamesInstaller - Unknown owner - C:\Program Files\iWin Games\iWinGamesInstaller.exe (file missing)

Click Fix. Restart your computer. How is it running now?

Link to post
Share on other sites
Raid

Raid

Posted
Posted
It's all working now!

Thank you so much!

Thank you!

:)

Your welcome. :D

I will close the thread to prevent others from posting into it. If you need assistance please start your own topic and someone will be happy to assist you.

The fixes and advice in this thread are for this machine only. Do not apply to your machine unless you
Fully Understand
how these programs work and what you're doing. Please start a thread of your own and someone will be happy to help you, just follow the Pre-Hijackthis instructions found here before posting
http://www.malwarebytes.org/forums/index.php?showtopic=2936' rel="external nofollow">
Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.