Jump to content

Yoog Search and possibly other nasties


Recommended Posts

My parents' computer had a whole mess of trojans and viruses, including, among others, Vundo. I've managed to clear out most of the nasty stuff, but I can't get rid of this stupid Yoog Search. It's hijacked the default search in both Firefox and IE, and isn't being picked up by Avira, MalwareBytes, or Super AntiSpyware. Here's the logfiles:

Malwarebytes' Anti-Malware 1.31

Database version: 1456

Windows 5.1.2600 Service Pack 3

12/20/2008 10:44:54 AM

mbam-log-2008-12-20 (10-44-54).txt

Scan type: Quick Scan

Objects scanned: 74682

Time elapsed: 14 minute(s), 13 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

---------------------------------------------------

;*******************************************************************************

********************************************************************************

*

*******************

ANALYSIS: 2008-12-20 13:32:36

PROTECTIONS: 1

MALWARE: 24

SUSPECTS: 10

;*******************************************************************************

********************************************************************************

*

*******************

PROTECTIONS

Description Version Active Updated

;===============================================================================

================================================================================

=

===================

Avira AntiVir PersonalEdition 8.0.1.30 Yes Yes

;===============================================================================

================================================================================

=

===================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

================================================================================

=

===================

00034347 dialer.su Dialers No 0 Yes No hkey_local_machine\software\microsoft\windows\currentversion\uninstall\switch

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Andrew\Cookies\andrew@doubleclick[1].txt

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@doubleclick[2].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@atdmt[2].txt

00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@247realmedia[1].txt

00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@fastclick[1].txt

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@tribalfusion[2].txt

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@mediaplex[1].txt

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@ad.yieldmanager[2].txt

00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@apmebf[2].txt

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@serving-sys[1].txt

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@bs.serving-sys[1].txt

00168108 Cookie/Tickle TrackingCookie No 0 Yes No C:\Documents and Settings\Nick\Cookies\nick@web.tickle[1].txt

00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@server.iad.liveperson[2].txt

00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@advertising[1].txt

00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@statse.webtrendslive[2].txt

00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@ads.pointroll[1].txt

00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@overture[2].txt

00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@questionmarket[2].txt

00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@adrevolver[1].txt

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@go[2].txt

00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Nick\Cookies\nick@go[1].txt

00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Cynthia\Cookies\cynthia@atwola[2].txt

00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Andrew\Cookies\andrew@atwola[2].txt

03587590 Adware/Yassist Adware No 0 No No C:\Documents and Settings\Cynthia\Local Settings\Temp\DivE68.tmp\DivXInstaller.exe[

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.