Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus Xp 2008 Removal - Internet Being Redirected


  • Please log in to reply
2 replies to this topic

#1 WAWS

WAWS

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Largo, Fl
  • Local time:07:38 AM

Posted 02 September 2008 - 11:56 PM

I have been attempting to remove the Antivirus XP 2008 menace for over a week now. I had CA antivirus protection from my local ISP so I began with my ISP. They in turn escalated the call to CA antivirus. The repesentative there worked with me for two days before advising that I reload my operating system and start from scratch. Before taking such drastic action, I began my search within the Bleeping Computer forums.

I am running Windows XP and Internet Explorer

I have found a great deal of helpful info in the forums (and in addition to the scans etc. run with the CA antivirus tech), I have done the following as recomended on the forums:
Cleaned out temporary files, temporary Internet files and Recycle Bin
Scanned with Ad-Aware, Spybot Search and Destroy, Bit Defender (all multiple times) and McAfee Avert Stinger
Enabled Firewall
And attempted to download all the latest Window updates, but am unable to as the Internet is redirected when I attempt to do this.

I have rebooted, scanned, opened in Safe Mode With Networking repeatedly, but get redirected or the notice that the website is unavailable. I have had to download all of the spyware removal tools on a "travel" drive from one computer and then install the files on the infected computer. I am not sure what to try next and would greatly appreciate help in irradicating this pest once and for all.

Thank you!!!!!!!!!!!!!!

BC AdBot (Login to Remove)

 


m

#2 iisjman07

iisjman07

  • Members
  • 94 posts
  • OFFLINE
  •  
  • Local time:06:38 AM

Posted 03 September 2008 - 01:42 AM

Firstly, do as described in this tutorial to remove Antivirus XP:
http://www.bleepingcomputer.com/malware-re...tivirus-xp-2008
Sicne you're being re-directed, I recommend downloading malware bytes from here on a different PC:
http://www.download.com/Malwarebytes-Anti-...4-10804572.html
And the latest database:
http://www.malwarebytes.org/mbam/database/mbam-rules.exe

Then, through internet explorer run the Kaspersky Webscanner:
http://www.kaspersky.com/virusscanner

Please post the malwarebytes log and the kaspersky webscanner log (if possible) in a post here

Edited by iisjman07, 03 September 2008 - 01:47 AM.


#3 WAWS

WAWS
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Largo, Fl
  • Local time:07:38 AM

Posted 03 September 2008 - 12:16 PM

Thank you for your help below I have pasted the Kaspersky and Malwarebytes logs for your review:

KASPERSKY LOG:

Wednesday, September 3, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, September 03, 2008 14:14:52
Records in database: 1188101


Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes

Scan area My Computer
C:\
D:\
E:\
F:\

Scan statistics
Files scanned 68697
Threat name 4
Infected objects 156
Suspicious objects 0
Duration of the scan 00:45:48

File name Threat name Threats count
C:\Documents and Settings\Sean D\Local Settings\Temporary Internet Files\Content.IE5\EXGFE2NM\search44[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\Documents and Settings\Sean D\Local Settings\Temporary Internet Files\Content.IE5\EXGFE2NM\trace[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\Documents and Settings\Sean D\Local Settings\Temporary Internet Files\Content.IE5\EXGFE2NM\trace[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\Documents and Settings\Sean D\Local Settings\Temporary Internet Files\Content.IE5\EXGFE2NM\trace[3].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\Documents and Settings\Sean D\Local Settings\Temporary Internet Files\Content.IE5\R1YKDRJE\google_com[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\Documents and Settings\Sean D\Local Settings\Temporary Internet Files\Content.IE5\R1YKDRJE\search44[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\239127[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCA0QWXFS.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCA1TP7KY.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCA3B91MP.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCA3Z4QQU.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCA4S4JDV.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCA7TJXRC.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCADKNIW9.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCAH2MPDS.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCAIV11O2.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCAJUAV87.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCAL7UC6R.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCAMGAKUG.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCATF9JT7.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\acCAYNDDHI.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\ac[10].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\ac[11].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\ac[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\ac[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\ac[3].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\ac[4].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\ac[5].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\ac[6].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\ac[7].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\ac[8].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\ac[9].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\ad[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\gateway[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\gateway[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\gateway[3].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\gateway[4].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\GetPageInfo[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\Homepage@x01[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\MA@TopRight[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\mediahit[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\mediahit[4].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\mediahit[6].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\PG@Bottom[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\Purple_Onion[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\01234567\undefined[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\acCA10ADJ4.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\acCACZ243O.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\acCAJN3GL2.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\acCAWV8GQZ.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\ac[10].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\ac[11].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\ac[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\ac[3].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\ac[4].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\ac[5].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\ac[6].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\ac[7].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\ac[8].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\ac[9].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\ad[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\ad[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\gateway[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\GetPageInfo[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\GetPageInfo[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\GetPageInfo[3].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\GetPageInfo[4].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\Ghostbusters[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\Homepage@x01[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\index[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\mediahit[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\mediahit[4].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\mediahit[5].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\mediahit[6].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\mediahit[7].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\mediahit[8].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\MediaList[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\PG@TopRight[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\shows[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\shows[3].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\undefined;dcmt=xml;sz=1x1;video_id=57203;geo=US;admod=US;tile=15;ord=503252933[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\undefined;dcmt=xml;sz=480x360;video_id=57203;geo=US;admod=US;tile=13;ord=503252933[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\@x01[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\@x01[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCA0MV49S.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCA3KU18Q.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCA3YKSWZ.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCAC6E2QG.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCACBV9EP.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCAFEVV7M.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCAHPEXV7.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCALHSB1S.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCANG08ZP.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCAPOWXOQ.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCAQV71JF.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCARM3TM5.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCASUQ7U7.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCAU7QURY.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCAV7VF07.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCAVC1U6C.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\acCAX1D9CV.htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\ac[10].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\ac[11].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\ac[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\ac[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\ac[3].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\ac[4].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\ac[5].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\ac[6].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\ac[7].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\ac[8].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\ac[9].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\ad[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\ad[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\Animated_Music_Videos[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\gateway[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\Homepage@x01[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\index[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\MA@Bottom[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\mediahit[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\mediahit[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\mediahit[4].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\mediahit[6].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\mediahit[7].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\MediaList[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\PG@TopRight[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\shows[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\undefined;dcmt=xml;sz=2x2;video_id=57203;geo=US;admod=US;tile=14;ord=503252933[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\ac[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\ac[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\ac[3].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\ac[4].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\ac[5].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\ac[6].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\ac[7].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\ac[8].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\ac[9].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\ad[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\ad[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\GetPageInfo[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\GetPageInfo[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\GetPageInfo[3].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\GetPageInfo[4].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\GetPageInfo[5].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\GetPageInfo[6].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\mediahit[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\mediahit[3].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\mediahit[5].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\mediahit[6].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\MediaList[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\PG@Bottom[2].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\shows[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\ypqdredir[1].htm Infected: Trojan-Downloader.JS.Agent.cnn 1

C:\WINDOWS\Temp\TDSS8aea.tmp Infected: Backdoor.Win32.Agent.qmx 1

C:\WINDOWS\Temp\TDSS8bd4.tmp Infected: Trojan-Downloader.Win32.Small.acpi 1

C:\WINDOWS\Temp\TDSS8f30.tmp Infected: Rootkit.Win32.Clbd.jg 1

The selected area was scanned.

MALWAREBYTES' LOG:

Malwarebytes' Anti-Malware 1.26
Database version: 1107
Windows 5.1.2600 Service Pack 2

9/3/2008 10:57:27 AM
mbam-log-2008-09-03 (10-57-27).txt

Scan type: Full Scan (C:\|)
Objects scanned: 108062
Time elapsed: 16 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 9

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Sean D\My Documents\Sony.ACID.Pro.v6.0.Incl.Keygen-SSG\KeyGen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssadw.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssl.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssserf.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssmain.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdsslog.dll (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> Delete on reboot.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users