BleepingComputer.com: All antivirus tools and antivirus tools aren't working

#1 Suchiththa

Posted 29 October 2009 - 10:25 PM

Hi,
I'm running Windows on a MacBook Pro laptop using Boot Camp.
It's an Intel Core 2 Duo 2.8 GHz
4 GB of RAM, I believe.
Running Windows and Mac
Mac Snow Leopard
Windows XP Service Pack 3 (this is where the issue is atm)
Nvidia GeForce 9600GT VGA card


I'm running Windows on Boot Camp and I'm having some issues only on Windows at the moment...
1). Random adware showing up when I'm not even using my browser....
2). Tried to use all of the software recommended for fixing this, but I get the error
"Windows cannot find the specified device, path or file. You may not have the appropriate permissions to access the item."
This message shows up once I have successfully run any of the programs once, and they even update themselves, and have ordered them to do anything, i.e. SUPERAntiSpyware found adware; when I asked it to remove it, it suddenly closed and I cannot open it again. Same issue with Malwarebytes, HijackThis and Spybot Search and Destroy: as soon as it created the log it closed and I can't get it open again. I also managed to do a scan on Panda ActiveScan. The logs obtained from Panda and AVG 9.0 are below. Also, I can scan with AVG successfully, but after it restarted the first time the Resident Shield disabled itself. Just a note: I have confirmed that the trojan that's affecting me is Zlob.kh
Only CCleaner runs successfully... Please help asap!!!!

Also a question: can spyware etc. on my Windows partition affect my Mac partition???


Thank you..




AVG log (a week old now)

"Scan ""Scan whole computer"" was finished."
"Infections";"2";"2";"0"
"Warnings";"155";"155";"0"
"Folders selected for scanning:";"Scan whole computer"
"Scan started:";"Thursday, October 22, 2009, 6:10:09 PM"
"Scan finished:";"Thursday, October 22, 2009, 6:47:59 PM (37 minute(s) 50 second(s))"
"Total object scanned:";"192213"
"User who launched the scan:";"User"

"Infections"
"File";"Infection";"Result"
"C:\System Volume Information\_restore{05CBB0D5-E808-4B5D-9398-4C671E853589}\RP33\A0010857.exe";"Trojan horse Generic15.GXT";"Moved to Virus Vault"
"C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\BWCMUWSQ\3656b9eddb95cfb9d7f013ed46b015a2[1].htm";"Virus found FakeAlert";"Moved to Virus Vault"


Panda log


;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-10-29 07:35:08
PROTECTIONS: 1
MALWARE: 17
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AVG Anti-Virus Free 9.0 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@atdmt[3].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@mediaplex[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@statcounter[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@ad.yieldmanager[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@ad.yieldmanager[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@apmebf[2].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@overture[2].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@realmedia[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@questionmarket[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@zedo[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@zedo[3].txt
00199984 Cookie/Searchportal TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@searchportal.information[1].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@target[1].txt
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No c:\documents and settings\user\cookies\user@ads.addynamix[1].txt
02441996 Exploit/SWF.B Virus/Trojan No 0 Yes Yes c:\riot games\league of legends\air\assets\swfs\summoner.swf
02441996 Exploit/SWF.B Virus/Trojan No 0 Yes Yes c:\riot games\league of legends\air\assets\swfs\map2.swf
02441996 Exploit/SWF.B Virus/Trojan No 0 Yes Yes c:\riot games\league of legends\air\assets\swfs\login.swf
03074964 Trj/CI.A Virus/Trojan No 0 Yes Yes c:\documents and settings\user\my documents\downloads\setup.exe
03675576 Trj/Zlob.KH Virus/Trojan Yes 2 No No globalroot\device\__max++>\a3014288.x86.dll
04753203 Generic Trojan Virus/Trojan No 0 Yes Yes c:\windows\system32\eventlog.dll
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================




Also, a note about CCleaner: in the startup there is a new process in Task Manager, so I checked out the registry entries in CCleaner... and there was a new entry which I have deleted once and disabled twice, but it does keep reappearing. It does seem to correspond to the process since....
The entry (in CCleaner) is called PopRock and the registry is under HKCU:Run and the location is C:\ DOCUME~1\User\LOCALS~1\Temp\a.exe

and the entry in Task Manager is a.exe.
I do shut down this process as soon as I load up.
It doesn't reappear (in Task Manager, but sometimes very rarely does) but the registry entry remains...


Thanks again

#2 User is offline   Suchiththa 

Posted 30 October 2009 - 03:40 PM

Hi again guys
Just wanted to let y'all know that I also ran VIPRE and it removed 2 trojans and healed 4 files.
The log is saved on my Windows XP but I can't for some reason manage to connect to the internet now on it. Could it be something to do with the trojan??? If possible I will try to get the end of the log of VIPRE and post it using a flash drive. Please do try to reply ASAP.
Thanks

#3 User is offline   Suchiththa 

Posted 31 October 2009 - 12:38 PM

Hi again guys, here's the VIPRE log




Scan completed.
Scan time: 00:15:37
Rootkits: 4401 scanned, 0 found
Processes: 28 scanned, 0 found
Modules: 1246 scanned, 0 found
Folders: 4390 scanned, 0 found
Files: 38543 scanned, 4 found
Registry: 44326 scanned, 2 found
Total: 92934 scanned, 6 found
6 threat traces were detected.
Starting clean.
Quarantine {77128BD6-4C14-4DA8-A1FB-26A9BCE998F6} completed.
Quarantine {6BA42DAD-1DC8-416F-88B0-8A8D110CABE5} completed.
Quarantine {0EBDFF0B-865C-4659-87FE-CF92EE3059E6} completed.
Quarantine {4EF81170-9ED0-4D6C-8326-E538360DEBCC} completed.
Clean completed.
Clean time: 00:00:04
4 threats were cleaned.

C:\VIPRERESCUE>
