BleepingComputer.com: Browser redirection hijack (Tubby)?

Browser redirection hijack (Tubby)?

#1 bocamike

Posted 22 May 2011 - 03:55 PM

Hi,

I am in charge of keeping our work computers virus-free. I have successfully used your site for reference in order to remove several viruses at work. Recently, my daughter inadvertently downloaded a browser hijack and possible virus to our home computer.

Doing my normal research and using all the normal tools, Malwarebytes, Ad-aware, ccleaner, SuperAntiSpyware in safe mode, it looks like I had the Browser Hijack.Tubby malware (among others). After following all the normal procedures, everything looks clean in the logs and in the scan reports. However, all my browser searches are still getting redirected. Guess I need an expert's help.

First SuperAntiSpyware log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/22/2011 at 02:51 AM

Application Version : 4.52.1000

Core Rules Database Version : 7110
Trace Rules Database Version: 4922

Scan type : Complete Scan
Total Scan Time : 01:47:35

Memory items scanned : 338
Memory threats detected : 0
Registry items scanned : 7868
Registry threats detected : 10
File items scanned : 88368
File threats detected : 209

Browser Hijacker.Tubby
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoModify
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoRepair
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayIcon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#URLInfoAbout
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#EstimatedSize

Trojan.Agent/Gen-Krpytik
C:\DOCUMENTS AND SETTINGS\ALL USERS\DOCUMENTS\SHARED FILES\DOWNLOAD FILES\CRACK.EXE

Adware.Tracking Cookie

Trojan.Agent/Gen-Bot
C:\PROGRAM FILES\COMMON FILES\AOL\AOL SPYWARE PROTECTION\UNWISE.EXE
C:\PROGRAM FILES\DVDVIDEOSOFTTB\UNWISE.EXE

Second SuperAntiSpyware log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/22/2011 at 02:31 PM

Application Version : 4.52.1000

Core Rules Database Version : 7110
Trace Rules Database Version: 4922

Scan type : Complete Scan
Total Scan Time : 01:40:37

Memory items scanned : 318
Memory threats detected : 0
Registry items scanned : 7870
Registry threats detected : 0
File items scanned : 88093
File threats detected : 0

This post has been edited by hamluis: 23 May 2011 - 02:41 PM
Reason for edit: Moved from MRL to AII, no logs.


#2 bocamike

Posted 23 May 2011 - 06:56 PM

Hi,

After running several more programs, I have successfully removed the browser redirection malware.

I know it is not recommended to use without supervision, but I ran ComboFix and then HitmanPro 3.5. It appears to have removed all the malicious malware. If this solution causes a problem because I used ComboFix, please remove these posts. Otherwise, I hope it can benefit others.

Thanks for this forum...
