Hi, I need some help removing some malware from my system. Every time I click on a search in Google I am redirected somewhere else every time. Attached are the logs from Active Scan and HijackThis. I haven't disinfected my computer as per step three as the site says it is a function for paying customers. Is it worthwhile to pay for the program or is there another way? Any help would be much appreciated.

Cheers
Mick

Logfile of HijackThis v1.99.1
Scan saved at 1:37:58 PM, on 7/09/2008
Platform: windows xp SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\DropBox\DropBox\DropBox.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\LG Electronics\LG PC Sync\LGSyncManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dlcccoms.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
c:\progra~1\common~1\instal~1\update~1\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
c:\program files\mcafee\msc\mcuimgr.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com/homepage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://au.mcafee.com/root/regwizard/...optusnet.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspee.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspee.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspee.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [DropBoxUtility] "C:\Program Files\DropBox\DropBox\DropBox.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: LG SyncManager.lnk = C:\Program Files\LG Electronics\LG PC Sync\LGSyncManager.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://dsl.optusnet.com.au/
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...ploader.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{50F2DFA2-F6D4-490C-AC3C-E2A99BE2D75A}: NameServer = 85.255.116.114,85.255.112.91
O17 - HKLM\System\CCS\Services\Tcpip\..\{8CFDC852-D5CD-4A6D-B8EE-BEAF8C38518A}: NameServer = 85.255.116.114,85.255.112.91
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0E1C0B7-B76F-4345-9DB6-8D5692DE4EC7}: NameServer = 85.255.116.114,85.255.112.91
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.114 85.255.112.91
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.114 85.255.112.91
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: dlcc_device - - C:\WINDOWS\system32\dlcccoms.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

Active log

;*******************************************************************************
ANALYSIS: 2008-09-07 15:30:42
PROTECTIONS: 2
MALWARE: 57
SUSPECTS: 2
;*******************************************************************************
PROTECTIONS
Description Version Active Updated
;===============================================================================
McAfee Internet Security Suite 2007 7.2 No No
McAfee VirusScan Plus 11.2 No No
;===============================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@atdmt[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@tribalfusion[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@mediaplex[1].txt
00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@anm.co[1].txt
00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@anm.co[1].txt
00147806 Cookie/7search TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@7search[2].txt
00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@clickbank[1].txt
00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@clickbank[1].txt
00149116 Cookie/Ccbill TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Local Settings\Temp\Cookies\michael@ccbill[1].txt
00160284 Cookie/Findwhat TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@findwhat[1].txt
00160284 Cookie/Findwhat TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@findwhat[1].txt
00162900 Cookie/MediaTickets TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@kinghost[1].txt
00162900 Cookie/MediaTickets TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Local Settings\Temp\Cookies\michael@kinghost[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@com[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@com[2].txt
00167665 Cookie/Clicktracks TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@stats1.clicktracks[2].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@xiti[1].txt
00167744 Cookie/GoStats TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@gostats[1].txt
00167744 Cookie/GoStats TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@gostats[2].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@azjmp[1].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Local Settings\Temp\Cookies\rebecca@azjmp[1].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@azjmp[1].txt
00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@toplist[1].txt
00167760 Cookie/Hitslink TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@counter.hitslink[1].txt
00167760 Cookie/Hitslink TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@counter.hitslink[1].txt
00167767 Cookie/WegCash TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@programs.wegcash[2].txt
00167785 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@gamearena.com[2].txt
00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@perf.overture[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Local Settings\Temp\Cookies\rebecca@apmebf[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Local Settings\Temp\Cookies\michael@apmebf[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@apmebf[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@apmebf[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@bs.serving-sys[2].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@www.burstbeacon[2].txt
00168114 Cookie/onestat.com TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@stat.onestat[2].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@statse.webtrendslive[3].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@statse.webtrendslive[2].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Local Settings\Temp\Cookies\rebecca@statse.webtrendslive[2].txt
00170549 Cookie/FortuneCity TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@fortunecity[1].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@overture[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@questionmarket[1].txt
00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@metriweb[1].txt
00172483 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@888[1].txt
00172484 Cookie/Cassava TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@cassava[1].txt
00175950 Cookie/cs.sexcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Local Settings\Temp\Cookies\michael@cs.sexcounter[2].txt
00175950 Cookie/cs.sexcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@cs.sexcounter[2].txt
00180246 Cookie/XXXCounter TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@xxxcounter[1].txt
00184086 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@image.checkmystats.com[2].txt
00186469 Cookie/Reliablestats TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@stats1.reliablestats[2].txt
00187741 Cookie/BannerBank TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@ad10.bannerbank[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Local Settings\Temp\Cookies\rebecca@go[2].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@go[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@go[2].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@target[2].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@target[1].txt
00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@did-it[2].txt
00262024 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@www.errorsafe[1].txt
00262025 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@errorsafe[2].txt
00286732 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@www3.addfreestats[1].txt
00286736 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@www6.addfreestats[2].txt
00286738 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@www1.addfreestats[1].txt
00296583 Cookie/DriveCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@stats.drivecleaner[2].txt
00296584 Cookie/DriveCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@drivecleaner[1].txt
00296982 Cookie/Clixgalore TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@clixgalore[1].txt
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@citi.bridgetrack[2].txt
00505447 Cookie/Winantivirus TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@go.winantispyware[1].txt
00505449 Cookie/Winantivirus TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@winantispyware[2].txt
01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@enhance[2].txt
01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@enhance[1].txt
01196326 Cookie/GoClick TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@goclick[2].txt
01196326 Cookie/GoClick TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@goclick[1].txt
01343188 Adware/WebSearch Adware No 0 Yes No C:\Documents and Settings\Michael\Local Settings\Temp\{39C28F3B-E161-4AF2-BAF8-58A77C0F6F00}\_extra\objects\cmdline.dll
01606636 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\Michael\Cookies\michael@adserver.easyad[1].txt
01606636 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\Rebecca\Cookies\rebecca@adserver.easyad[1].txt
02660112 Application/MyWebSearch HackTools No 0 Yes No C:\Documents and Settings\Michael\Local Settings\Temp\apbarSp.Speedbit.exe
02897167 Exploit/iFrame HackTools No 0 Yes No C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\0YQS3B6Z\98550_DDB045.jpg[1].htm
02897167 Exploit/iFrame HackTools No 0 Yes No C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\3AS6KJAC\t83222_Dr.Pissfront[1].htm
02897167 Exploit/iFrame HackTools No 0 Yes No C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\3AS6KJAC\t84150_Dr.PissCD1[1].htm
02897167 Exploit/iFrame HackTools No 0 Yes No C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\54SDL7QK\favicon[1].htm
02897167 Exploit/iFrame HackTools No 0 Yes No C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\JNIS67T9\googleadsevices_com[1].htm
02897167 Exploit/iFrame HackTools No 0 Yes No C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\JNIS67T9\t84151_Dr.PissCD2[1].htm
02897167 Exploit/iFrame HackTools No 0 Yes No C:\Documents and Settings\Rebecca\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004
02897167 Exploit/iFrame HackTools No 0 Yes No C:\Documents and Settings\Rebecca\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
02897167 Exploit/iFrame HackTools No 0 Yes No C:\Documents and Settings\Michael\Local Settings\Temporary Internet Files\Content.IE5\0YQS3B6Z\t98550_DDB045[1].htm
02897167 Exploit/iFrame HackTools No 0 Yes No C:\Documents and Settings\Rebecca\Local Settings\Temporary Internet Files\Content.IE5\8FV0WM15\flashsecuritypolicy_xml[1].htm
02897167 Exploit/iFrame HackTools No 0 Yes No C:\Documents and Settings\Rebecca\Local Settings\Temporary Internet Files\Content.IE5\F0IKDSVJ\v52[1].htm
02897167 Exploit/iFrame HackTools No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004
02897167 Exploit/iFrame HackTools No 0 Yes No C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
;===============================================================================
SUSPECTS
Sent Location
;===============================================================================
No C:\Documents and Settings\Michael\Local Settings\Temp\bcsetup.exe[C:\Documents and Settings\Michael\Local Settings\Temp\bcsetup.exe][setup.exe]
No C:\WINDOWS\system32\kdpjh.exe
;===============================================================================
VULNERABILITIES
Id Severity Description
;===============================================================================
184380 MEDIUM MS08-002
184379 MEDIUM MS08-001
;===============================================================================