Win32:Alureon-CN detected [Solved]


  • This topic is locked

#16
handhfan

    Trusted Helper

  • Expert
  • 13,659 posts
Okay. But you don't need to register to scan. You can scan without registering. :)
  • 0


#17
camster98

    Member

  • Topic Starter
  • Member
  • 135 posts
Ahh well, it took like 15 seconds to register, so no real harm done. Right now the scan's at 8 percent, and since there's only 20 GB of stuff on this box my grandpa calls a computer, it shouldn't take long.
  • 0

#18
handhfan

    Trusted Helper

  • Expert
  • 13,659 posts
Okay. :)
  • 0

#19
camster98

    Member

  • Topic Starter
  • Member
  • 135 posts
;***********************************************************************************************************************
************************************************************
ANALYSIS: 2009-08-18 23:15:47
PROTECTIONS: 2
MALWARE: 51
SUSPECTS: 3
;***********************************************************************************************************************
************************************************************
PROTECTIONS
Description Version Active Updated
;=======================================================================================================================
============================================================
CA Anti-Virus 9.0.0.115 Yes No
avast! antivirus 4.8.1335 [VPS 090817-0] 4.8.1335 No Yes
;=======================================================================================================================
============================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;=======================================================================================================================
============================================================
00041558 exploit/mhtredir.gen HackTools No 0 Yes No HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{527196A4-B1A3-4647-931D-37BA5AF23037}
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@trafficmp[1].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@casalemedia[2].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@casalemedia[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@atdmt[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@atdmt[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@tradedoubler[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@tradedoubler[1].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@247realmedia[1].txt
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@bfast[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@fastclick[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@fastclick[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@tribalfusion[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@mediaplex[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@mediaplex[2].txt
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@linksynergy[2].txt
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@linksynergy[1].txt
00145869 Cookie/SpyLog TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@spylog[1].txt
00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@revenue[2].txt
00167430 Cookie/myaffiliateprogram TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@com[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@com[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@xiti[1].txt
00167730 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][1].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@azjmp[2].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@statcounter[1].txt
00167760 Cookie/Hitslink TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][1].txt
00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\[email protected][2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@apmebf[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@apmebf[1].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@burstnet[2].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@burstnet[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@serving-sys[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@serving-sys[2].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\[email protected][1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][1].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@adtech[1].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][4].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@advertising[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@advertising[1].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][1].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][2].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\[email protected][1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][1].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@overture[1].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@overture[2].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@realmedia[1].txt
00171633 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@questionmarket[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@questionmarket[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@zedo[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@zedo[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@bluestreak[1].txt
00182104 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][1].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@adrevolver[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@go[1].txt
00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][2].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Kenneth De Noble\Cookies\kenneth_de_noble@target[1].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@target[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\elizabeth_de_noble@atwola[2].txt
00286732 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][1].txt
00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][1].txt
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Documents and Settings\Elizabeth De Noble\Cookies\[email protected][2].txt
00590315 Rootkit/Agent.LNB HackTools No 0 Yes No C:\System Volume Information\_restore{24ACD26E-EE20-499B-B737-F5CABC75C6E3}\RP904\A0327482.sys
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{24ACD26E-EE20-499B-B737-F5CABC75C6E3}\RP907\A0328661.sys
;=======================================================================================================================
============================================================
SUSPECTS
Sent Location 
;=======================================================================================================================
============================================================
No C:\Documents and Settings\psa30se_en_us.exe 
No C:\Documents and Settings\ytb612_efgsip.exe 
No C:\System Volume Information\_restore{24ACD26E-EE20-499B-B737-F5CABC75C6E3}\RP911\A0328930.exe 
;=======================================================================================================================
============================================================
VULNERABILITIES
Id Severity Description 
;=======================================================================================================================
============================================================
;=======================================================================================================================
============================================================
  • 0

#20
handhfan

    Trusted Helper

  • Expert
  • 13,659 posts
Is your computer running better now?
  • 0

#21
camster98

    Member

  • Topic Starter
  • Member
  • 135 posts
Yah, it's running almost as it was when it was new.
  • 0

#22
handhfan

    Trusted Helper

  • Expert
  • 13,659 posts
Your logs look clean. There is only a bit of cleanup that we will deal with in this post, as well as prevention from future infections. If you have any questions or other problems, please let me know. Other than that, and the steps below, you should be all set. :)

Follow these steps to uninstall Combofix and tools used in the removal of malware
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.

  • Make sure you have an Internet Connection.
  • Download OTC to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC from reaching the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

Please update Adobe Reader, by downloading and installing Adobe Reader 9.1.

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:
  • SpywareBlaster to help prevent spyware from installing in the first place.
  • SpywareGuard gives you realtime protection from spyware.
  • Super Antispyware OR Malwarebytes' Anti-Malware to help remove any spyware that may have gotten on your computer.
  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites.
  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed.
  • Recent trends appear to indicate that future infections will include attacks to the boot sector of the computer. The installation of the Recovery Console in the computer will be our only defense against this threat. For more information and steps to install the Recovery Console see this article. Should you need assistance in installing the Recovery Console, please do not hesitate to ask.

To keep your operating system up to date visit Microsoft Windows Update monthly. Remember to be aware of what emails you open and websites you visit.

Have a safe and happy computing day!
  • 0

#23
camster98

    Member

  • Topic Starter
  • Member
  • 135 posts
OK, thank you for your help.
Have a good day.
  • 0

#24
handhfan

    Trusted Helper

  • Expert
  • 13,659 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





