Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Win32.Trojan.Yspy


  • This topic is locked This topic is locked

#1
kelkay

kelkay

    Member

  • Member
  • PipPipPip
  • 423 posts
Win32.trojan.yspy

File: C:\Program Files\Yahoo!\Messenger\yacscom.dll
GUID: {2B323CD9-50E3-11D3-9466-00A0C9700498}
RegistryKey:

Zone Alarm Pro found this yesterday. I thought it was a false positive on IE-Spyad software I had just installed before that. But now that I put ignore on it, and rescanned this morning....I see it is from Yahoo Messenger...so this would not be the same. Should I delete this like Zone Alarm believes, or do you also think this is a false positive? I just had a lot of help from someone who really helped me out. I need relief from worry about all these trojans, malware, adware, and other headaches....thank you in advance.
  • 0

Advertisements


#2
koko_crunch

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
Hey kelkay,

Better post a HijackThis log first. To do so,

Click here to download HJTInstall.exe
  • Save HJTInstall.exe to your desktop.
  • Doubleclick on the HJTInstall.exe icon on your desktop.
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed, it will launch Hijackthis.
  • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
  • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

  • 0

#3
kelkay

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Here it is, thanks for replying!!!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:37:14 PM, on 6/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
C:\PROGRA~1\DrWeb\SpiderNT.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\PROGRA~1\DrWeb\spiderui.exe
C:\Program Files\DrWeb\spiderml.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\mozilla.org\SeaMonkey\seamonkey.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.h...a...&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - (no file)
O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program Files\FerretSoft\WebFerret\FerretBand.dll
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [SpIDerNT] C:\PROGRA~1\DrWeb\spiderui.exe /agent
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SpIDerMail] "C:\Program Files\DrWeb\spiderml.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-18\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (User 'Default user')
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: AT&T Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: PI Monitor.lnk = C:\Program Files\ArcSoft\PhotoImpression 5\PI Monitor.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\system32\wweb32.dll/lookup.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....030/CTSUEng.cab
O16 - DPF: {127CE7BA-AD89-4108-A913-C52EFC037C36} (OMN Player Support) - http://kdx.omn.org/s...ayerSupport.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...oOnlineScan.cab
O16 - DPF: {2776DDE9-D4B2-4BF7-9F98-ADC1A1B80AF5} (OMN Media Publisher) - http://kdx.omn.org/s...iaPublisher.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave...h2.1.0.0.67.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1165348971449
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {A7ECD556-D6F6-4F41-8C6B-14AB246801A0} (Secure Delivery) - http://kdx.omn.org/s...ery/omn/kdx.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15030/CTPID.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Unknown owner - C:\Program Files\Kontiki\KService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
O23 - Service: SpIDer Guard for Windows NT (spidernt) - Doctor Web, Ltd. - C:\PROGRA~1\DrWeb\SpiderNT.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 12391 bytes
  • 0

#4
koko_crunch

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
Nothing out of the ordinary.
Let's do some scans.

First, disable the following protections until I give you the all clear.
This may restore/block repairs we may perform on your system.

Spybot S&D (Teatimer)

1. Run Spybot-S&D in Advanced Mode.
2. If it is not already set to do this Go to the Mode menu select "Advanced Mode"
3. On the left hand side, Click on Tools
4. Then click on the Resident Icon in the List
5. Uncheck "Resident TeaTimer" and OK any prompts.
6. Restart your computer.

Ad-Aware (Ad-Watch)

1. Right click on the Ad-Watch icon in the system tray.
2. At the bottom of the screen there will be two checkable items called "Active" and "Automatic".

Active: This will turn Ad-Watch On\Off without closing it
Automatic: Suspicious activity will be blocked automatically

3. Uncheck both of those boxes.

Spywareguard

Right click the running icon of Spywareguard in the system tray to open the program. Then go to Menu, File, and choose Exit. It will automatically restart at next boot.

Next,

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Then,

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

Please post back with
- MBAM log
- SuperAntispyware log
  • 0

#5
kelkay

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I did the Spy Bot S& D part. Now I see it is not in the taskbar on the bottom right of the screen at all. I guess that is partly what you wanted? Ad Aware is not in the system tray it is on the desktop. I did not see what you were talking about. If I right clicked, it did not have what you were talking about. So, it is very late...guess I will look at this when I am rested. I will probably get this done later on tomorrow evening.....going to my father's tomorrow.
  • 0

#6
koko_crunch

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
That's fine. Just post back with the logs when you're done. :)
  • 0

#7
kelkay

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I cannot do the Ad Aware step because I don't have it on the system tray. (bottom right screen-taskbar) If I right click the Ad Aware 2007 from the desk top, it does not do what you were speaking of. Now what? I don't know whether to skip this step or not. I am going to be leaving soon, and was curious about what to do next. I will be leaving and will be gone all day. Just leave a msg here on what you think the next step would be. THANK YOU SO MUCH for helping me.
  • 0

#8
koko_crunch

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
You can skip the the Adwatch part. You'll be fine... :)
  • 0

#9
kelkay

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I am now doing the quick scan. While I was gone today Dr. Web did find a trojan that was on the computer. It took care of it, and now I am just gonna see if there are more. I just went through this very recently...several days ago, and thought my computer was clean. I think my kids are getting the trojans from My Space or something they are doing. I will post scan results when done. Thank you. (Spywareguard is closed, and I am running the Anti-Malware scan)
  • 0

#10
kelkay

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
The quick scan revealed no malware.

Malwarebytes' Anti-Malware 1.17
Database version: 858

9:25:29 PM 6/15/2008
mbam-log-6-15-2008 (21-25-29).txt

Scan type: Quick Scan
Objects scanned: 47469
Time elapsed: 4 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

Advertisements


#11
koko_crunch

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
How about the SuperAntispyware scan?
  • 0

#12
kelkay

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I am on that step now.
  • 0

#13
kelkay

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Here is this log, I don"t know how to retrieve the other log you requested. I fell asleep before this scan ever got through last night. It took a long time to run it. It also has set itself up to run each time I start my computer. Spybot S&D still does not run in the taskbar at bottom right. Should I put it back on the controls it had before, or just leave all the things you had me change?



SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/15/2008 at 11:46 PM

Application Version : 4.15.1000

Core Rules Database Version : 3482
Trace Rules Database Version: 1473

Scan type : Complete Scan
Total Scan Time : 02:06:38

Memory items scanned : 411
Memory threats detected : 0
Registry items scanned : 8129
Registry threats detected : 4
File items scanned : 190376
File threats detected : 108

Browser Hijacker.Internet Explorer Zone Hijack
HKU\S-1-5-21-3792878029-4271234764-2959189486-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\doubleclick.net
HKU\S-1-5-21-3792878029-4271234764-2959189486-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\doubleclick.net#*
HKU\S-1-5-21-3792878029-4271234764-2959189486-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\doubleclick.net\www.ad
HKU\S-1-5-21-3792878029-4271234764-2959189486-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\doubleclick.net\www.ad#https

Adware.SurfSideKick
C:\Program Files\SurfSideKick 3

Adware.Apropos Media
C:\Program Files\Aprps

Adware.SpywareStrike
C:\Program Files\SpywareStrike

Adware.WhenU
C:\Program Files\Save
C:\Program Files\Common Files\WhenU
C:\Program Files\WHENUSEARCH

Adware.180solutions/ZangoSearch
C:\Program Files\Zango
C:\Program Files\Zango Programs

Adware.Surf Accuracy
C:\Program Files\SurfAccuracy

Adware.IST/ISTBar (Slotch Bar)
C:\Program Files\ISTBar

Adware.Ezula
C:\WINDOWS\system32\ezstub.exe
C:\WINDOWS\eZinstall.exe
C:\Program Files\Ezula
C:\Program Files\Web Offer

Trojan.SpySheriff
C:\Program Files\SpySheriff

Adware.WebHancer
C:\Program Files\WEBHANCER
C:\Program Files\whInstall

Spyware.WebSearch (WinTools/Huntbar)
C:\Program Files\Common Files\WinTools

Trojan.AdwarePunisher
C:\Program Files\AdwarePunisher

Adware.ClickSpring
C:\Program Files\PuritySCAN

Adware.Sandboxer (MemoryWatcher)
C:\Program Files\MemoryWatcher

Adware.WebNexus
C:\WINDOWS\system32\wuauclt.dll
C:\WINDOWS\wupdt.exe

Adware.BookedSpace
C:\WINDOWS\bsx32
C:\WINDOWS\bs2.dll
C:\WINDOWS\bs3.dll
C:\WINDOWS\bsx5.dll
C:\WINDOWS\bxxs5.dll
C:\WINDOWS\oo4.dll
C:\WINDOWS\system32\acd.dll
C:\WINDOWS\system32\anaamon.dll
C:\WINDOWS\system32\bs2.dll
C:\WINDOWS\system32\bs3.dll
C:\WINDOWS\system32\bsx5.dll
C:\WINDOWS\system32\bxsx5.dll
C:\WINDOWS\system32\bxxs5.dll
C:\WINDOWS\system32\oo4.dll
C:\WINDOWS\system32\rem00001.dll

Trojan.MalwareWipe
C:\Program Files\MalwareWipe.com

Trojan.WinFixer 2006
C:\Program Files\Common Files\WinFixer 2006
C:\Program Files\WinFixer_2006
C:\WINDOWS\system32\dfe1.exe

Trojan.NewDotNet
C:\Program Files\NewDotNet

Adware.Adservs
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\atmtd.dll._

Adware.Starware
C:\Program Files\Starware

Adware.HotBar/SpamBlockerUtility (Low Risk)
C:\Program Files\SpamBlockerUtility

Adware.HotBar/ShopperReports (Low Risk)
C:\Program Files\ShopperReports

Adware.IST/YourSiteBar
C:\Program Files\YourSiteBar

Trojan.UnSpyPC Spyware Scanner
C:\Program Files\UnSpyPC

Trojan.Unknown Origin
C:\WINDOWS\mslagent

Trojan.PestTrap
C:\Program Files\PestTrap

Trojan.RazeSpyware
C:\Program Files\RazeSpyware

Trojan.AdwareSheriff
C:\Program Files\AdwareSheriff

Trojan.RemedyAntiSpy
C:\Program Files\RemedyAntispy

Trojan.HitVirus
C:\Program Files\HitVirus

Trojan.ADWareBazooka
C:\Program Files\ADWareBazooka

Trojan.RegiFast
C:\Program Files\RegiFast

Adware.Toolbar888
C:\Program Files\Toolbar888

Trojan.SpyFalcon
C:\Program Files\SpyFalcon

Adware.ClearSearch
C:\Program Files\ClearSearch

Trojan.BraveSentry
C:\Program Files\BraveSentry

Adware.Best Offers Network
C:\Program Files\TBONBin

Adware.TrustInCash
C:\Program Files\TrustIn Bar
C:\Program Files\TrustIn Search
C:\Program Files\TrustIn Contextual
C:\Program Files\TrustIn Popups
C:\WINDOWS\system32\tisa.cnf

Trojan.Spyware Stormer
C:\Program Files\Spyware Stormer

Trojan.CDSC63R
C:\WINDOWS\system32\cdscsix3.dll

Adware.Elite Media
C:\WINDOWS\etb

Malware.AlertSpy
C:\Program Files\AlertSpy

Spyware.E2G
C:\Program Files\E2G

Adware.IPWins
C:\Program Files\ipwindows

Adware.BargainBuddy/NaviSearch
C:\Program Files\BullsEye Network
C:\Program Files\NaviSearch

Malware.RegFreeze
C:\Program Files\RegFreeze

Malware.Adware Finder
C:\Program Files\AdFinderToolbar
C:\Program Files\AdwareFinder

Malware.KillAndClean
C:\Program Files\KillAndClean

Malware.AntiVirusGolden
C:\Program Files\AntiviralGolden

Trojan.Media-Codec
C:\Program Files\Media-Codec
C:\Program Files\MMediaCodec

Malware.Antispyware Soldier
C:\Program Files\Antispyware Soldier

Adware.180solutions/Seekmo
C:\Program Files\Seekmo

Malware.DriveCleaner
C:\Program Files\DriveCleaner 2006 Free

Malware.PestCapture
C:\Program Files\PestCapture

Malware.AntiVermins
C:\Program Files\AntiVermins

Adware.AdSponsor
C:\Program Files\AdSponsor

Malware.MalwareAlarm
C:\Program Files\MalwareAlarm

Malware.ContraVirus
C:\Program Files\ContraVirus

Malware.SpyDawn
C:\Program Files\SpyDawn

Malware.MalwareStopper
C:\Program Files\MalwareStopper

Adware.Web Buying
C:\Program Files\Web Buying

Adware.IST/SideFind
C:\Program Files\SideFind

Unclassified.PC MightyMax
C:\Program Files\PC MightyMax

Malware.LocusSoftware Inc/AVSystemCare
C:\Program Files\AVSystemCare

Rogue.AntiVirusProtection
C:\Program Files\Antivirus Protection

Rogue.SpywareRemover
C:\Program Files\Spyware Remover

Rogue.Installer/Trace
C:\Program Files\180search assistant
C:\Program Files\180searchassistant
C:\Program Files\stc

Spyware.ShopNav
C:\Program Files\Srng

Rogue.MyNetProtector
C:\Program Files\MyNetProtector

Rogue.AdwareSpy
C:\Program Files\AdwareSpy

Rogue.ETDScanner
C:\Program Files\ETD Security Scanner

Rogue.MySpyProtector
C:\Program Files\MySpyProtector

Rogue.PCHealthPlan
C:\Program Files\PC Health Plan

Adware.Tracking Cookie
.247realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.a.websponsors.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.adknowledge.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.adlegend.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.atwola.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.bs.serving-sys.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.cz3.clickzs.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.cz3.clickzs.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.cz6.clickzs.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.cz6.clickzs.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.cz7.clickzs.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.cz7.clickzs.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.edge.ru4.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.edge.ru4.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.edge.ru4.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.kontera.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.kontera.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.nextag.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.nextag.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.overture.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.overture.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.overture.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.perf.overture.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.pro-market.net [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.pro-market.net [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.reduxads.valuead.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.reduxads.valuead.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.reduxads.valuead.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.reduxads.valuead.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.reduxads.valuead.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.teenpeople.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
ads.pointroll.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
ads4.blastro.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
adserver.matchcraft.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
freecodesource.advertserve.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
ipoint.targetpoint.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
view.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
view.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
view.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
view.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
view.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
view.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
view.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
view.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
view.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
view.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
view.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
view.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Firefox\Profiles\66suf89g.default\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.overture.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.overture.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.overture.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.thumbplay.112.2o7.net [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.tremor.adbureau.net [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\Kayla\Application Data\Mozilla\Profiles\default\wjmb53af.slt\cookies.txt ]
.socialmedia.com [ C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\bfi975b0.default\cookies.txt ]
.socialmedia.com [ C:\Documents and Settings\Kelly\Application Data\Mozilla\Firefox\Profiles\bfi975b0.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
media.adrevolver.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
media.adrevolver.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
media.adrevolver.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.tradedoubler.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Firefox\Profiles\1tgxuu3o.default\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
.trafficmp.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
.media6degrees.com [ C:\Documents and Settings\Kyle\Application Data\Mozilla\Profiles\default\3gmxk39s.slt\cookies.txt ]
  • 0

#14
koko_crunch

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
Ok next,

Please download SmitfraudFix (by S!Ri) to your Desktop.

Double-click SmitfraudFix.exe
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

**If the tool fails to launch from the Desktop, please move SmitfraudFix.exe directly to the root of the system drive (usually C:), and launch from there.


Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlog...processutil.htm
  • 0

#15
kelkay

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Zone Alarm blocked me from going there, saying it was spy blocking.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP