Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible Malware Issues...


  • Please log in to reply
19 replies to this topic

#1 kerux99

kerux99

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:58 PM

Posted 26 September 2008 - 04:01 PM

I believe my computer may be infected with something. For several days certain website pages have become "unloadable" even though said pages are readily available from other machines on my home network. Scans by Spybot & Adaware have turned up nothing. BitDefender v.10 did detect a virus it could not remove in an archive file [Trojan.Dropper.VBS.Small.B].

The affected pages seem to be secure login pages, but only some. For instance, I can browse Ebay freely, but if I try to login the sign-up page will only partially load & then goes into "wait" mode indefinitely. The PayPal login page is also unloadable on this machine...but all others have no problem getting to it. Any thoughts are welcome.

kerux99

Edited by kerux99, 26 September 2008 - 04:04 PM.


BC AdBot (Login to Remove)

 


m

#2 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:58 PM

Posted 26 September 2008 - 04:55 PM

http://www.bleepingcomputer.com/forums/ind...mp;#entry944365

Would you run MBAM and post the log

what kind of archive did bitdefender find the worm in?

I would not use any confidental financial sites until I found out what was wrong, best to assume the worst

Edited by DaChew, 26 September 2008 - 04:56 PM.

Chewy

No. Try not. Do... or do not. There is no try.

#3 kerux99

kerux99
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:58 PM

Posted 27 September 2008 - 12:24 PM

Here is the log for MBAM:

Malwarebytes' Anti-Malware 1.28
Database version: 1214
Windows 5.1.2600 Service Pack 3

9/27/2008 12:22:46 PM
mbam-log-2008-09-27 (12-22-46).txt

Scan type: Quick Scan
Objects scanned: 50772
Time elapsed: 21 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.


kerux99

#4 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:58 PM

Posted 27 September 2008 - 12:40 PM

http://www.bleepingcomputer.com/forums/ind...mp;#entry948894

ATFCleaner and SAS from safe mode

I am sorry this will take quite a while so find something to do in the meantime

MBAM scans only take 2-3 minutes on my computer, I have very little running in the background
Chewy

No. Try not. Do... or do not. There is no try.

#5 kerux99

kerux99
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:58 PM

Posted 27 September 2008 - 10:16 PM

Ran ATF & SAS. Here is SAS log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/27/2008 at 08:43 PM

Application Version : 4.21.1004

Core Rules Database Version : 3581
Trace Rules Database Version: 1569

Scan type : Complete Scan
Total Scan Time : 03:06:00

Memory items scanned : 174
Memory threats detected : 0
Registry items scanned : 6398
Registry threats detected : 0
File items scanned : 97158
File threats detected : 206

Adware.Tracking Cookie
.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.ads.addynamix.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.ads.addynamix.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.bookfinder.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.bookfinder.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.bookfinder.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.bookfinder.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.bookfinder.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.buycom.122.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.dealnews.122.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.e-2dj6whl4sjdjwfq.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.e-2dj6wjliqlcjobo.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.icc.intellisrv.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.icc.intellisrv.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.icc.intellisrv.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.icc.intellisrv.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.popularscreensavers.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.popularscreensavers.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.powellsbooks.122.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.showcount.andale.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.showcount.andale.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.smileycentral.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ads.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
banners.netcraft.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
banners.netcraft.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
banners.netcraft.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
traffic.buyservices.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
www.burstbeacon.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
adopt.euroclick.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
media.adrevolver.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
counter.hitslink.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.mediaplex.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.mediaplex.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.bs.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
z.blogads.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.msnbc.112.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.atwola.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
statse.webtrendslive.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
counter.marketplaceadvisor.channeladvisor.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
4.adbrite.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.burstnet.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
www.burstnet.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.burstnet.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.burstnet.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.avgtechnologies.112.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.apmebf.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
ads.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.e-2dj6wfkicocjsfp.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.e-2dj6wjnygoc5seo.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
citi.bridgetrack.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
citi.bridgetrack.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
citi.bridgetrack.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
citi.bridgetrack.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.qnsr.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.qnsr.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.qnsr.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.e-2dj6wblysgczihp.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.e-2dj6wjlycocpkho.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.e-2dj6wgmyciazaco.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.dynamic.media.adrevolver.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.e-2dj6wjkyoldjgco.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.247realmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.247realmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.s.clickability.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.s.clickability.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adinterax.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adinterax.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.bellglobemediapublishing.122.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.overture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.overture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.phillycom.112.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]

kerux99

#6 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:58 PM

Posted 27 September 2008 - 10:23 PM

rerun aftcleaner from normal mode and clean firefox


Test your secure login pages
Chewy

No. Try not. Do... or do not. There is no try.

#7 kerux99

kerux99
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:58 PM

Posted 27 September 2008 - 11:12 PM

Firefox cleaned.

Pages loading much faster, but basic problem with secure login pages is unchanged. I tried in both IE and Seamonkey (Mozilla)....secure login pages for Ebay & PayPal will load about half way (according to taskbar gauge) and then stall indefinitely.

kerux99

#8 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:58 PM

Posted 27 September 2008 - 11:23 PM

I am going to go way out a limb here, I had some issues with IE6, spybot sdhelper and sp3 and a certain website

I disabled an addon to isolate the problem

SP3 really tightened security and browsing

just a stab in the dark
Chewy

No. Try not. Do... or do not. There is no try.

#9 kerux99

kerux99
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:58 PM

Posted 28 September 2008 - 07:18 AM

I can uninstall Spybot & see if there is any benefit. If SP3 is the problem...don't know exactly how to "roll" XP back to SP2 levels, or if that is even advisable. What stumps me is why only certain secure logins are affected...

kerux99

#10 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:58 PM

Posted 28 September 2008 - 07:31 AM

Web pages use different software, my problem is just with IE6, firefox2 with the noscript addon works great

I would not suggest uninstalling SP3, it's too hard to get it to work already

The spybot addons are easily disabled in manage addons under tools in IE

You have to restart IE, be sure and enable them back after testing
Chewy

No. Try not. Do... or do not. There is no try.

#11 kerux99

kerux99
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:58 PM

Posted 28 September 2008 - 07:39 PM

Tested IE6 with Spybot disabled...no improvement. Downloaded IE7 and tested....no improvement. Downloaded Firefox 3.0 and tested....no improvement. Specifically the Ebay sign-on page & Paypal (now owned by Ebay) continue to freeze up on all browsers while other pages including most secure logon pages continue to work fine.

kerux99

#12 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:58 PM

Posted 29 September 2008 - 02:03 PM

well that road was a dead end

would you

Download SmitfraudFix (by S!Ri) to your Desktop.
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Double-click SmitfraudFix.exe
Select option #1 - Search by typing 1 and press Enter
This program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is done, the results of the scan will be displayed and it will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

IMPORTANT: Do NOT run any other options until you are asked to do so!

**If the tool fails to launch from the Desktop, please move SmitfraudFix.exe directly to the root of the system drive (usually C:), and launch from there.
Chewy

No. Try not. Do... or do not. There is no try.

#13 kerux99

kerux99
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:58 PM

Posted 30 September 2008 - 09:16 AM

Here is the new report followed by the others....

SmitFraudFix v2.354

Scan done at 8:53:22.87, Tue 09/30/2008
Run from C:\Documents and Settings\Joe\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\WINDOWS\zHotkey.exe
C:\PROGRA~1\Ahead\NEROPH~1\data\xtras\mssysmgr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\SHORTK~1\shklite.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\mozilla.org\SeaMonkey\seamonkey.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\system32\cmd.exe

hosts


C:\


C:\WINDOWS


C:\WINDOWS\system


C:\WINDOWS\Web


C:\WINDOWS\system32


C:\Documents and Settings\Joe


C:\Documents and Settings\Joe\Application Data


Start Menu


C:\DOCUME~1\Joe\FAVORI~1


Desktop


C:\Program Files


Corrupted keys


Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"


o4Patch
!!!Attention, following keys are not inevitably infected!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



VACFix
!!!Attention, following keys are not inevitably infected!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


404Fix
!!!Attention, following keys are not inevitably infected!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


AntiXPVSTFix
!!!Attention, following keys are not inevitably infected!!!

AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="sockspy.dll"


Winlogon
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


RK



DNS

Description: NVIDIA nForce MCP Networking Controller - Packet Scheduler Miniport
DNS Server Search Order: 192.168.1.1
DNS Server Search Order: 68.238.96.12

HKLM\SYSTEM\CCS\Services\Tcpip\..\{D542BC0A-5FB9-41BE-B945-B8508D49E2E6}: DhcpNameServer=192.168.1.1 68.238.96.12
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D542BC0A-5FB9-41BE-B945-B8508D49E2E6}: DhcpNameServer=192.168.1.1 68.238.96.12
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D542BC0A-5FB9-41BE-B945-B8508D49E2E6}: DhcpNameServer=192.168.1.1 68.238.96.12
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 68.238.96.12
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 68.238.96.12
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 68.238.96.12


Scanning for wininet.dll infection


End


Here is the log for MBAM:

Malwarebytes' Anti-Malware 1.28
Database version: 1214
Windows 5.1.2600 Service Pack 3

9/27/2008 12:22:46 PM
mbam-log-2008-09-27 (12-22-46).txt

Scan type: Quick Scan
Objects scanned: 50772
Time elapsed: 21 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/27/2008 at 08:43 PM

Application Version : 4.21.1004

Core Rules Database Version : 3581
Trace Rules Database Version: 1569

Scan type : Complete Scan
Total Scan Time : 03:06:00

Memory items scanned : 174
Memory threats detected : 0
Registry items scanned : 6398
Registry threats detected : 0
File items scanned : 97158
File threats detected : 206

Adware.Tracking Cookie
.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.ads.addynamix.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.ads.addynamix.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.bookfinder.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.bookfinder.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.bookfinder.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.bookfinder.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.bookfinder.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.buycom.122.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.dealnews.122.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.e-2dj6whl4sjdjwfq.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.e-2dj6wjliqlcjobo.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.icc.intellisrv.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.icc.intellisrv.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.icc.intellisrv.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.icc.intellisrv.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.popularscreensavers.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.popularscreensavers.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.powellsbooks.122.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.showcount.andale.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.showcount.andale.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.smileycentral.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
ads.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
banners.netcraft.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
banners.netcraft.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
banners.netcraft.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
traffic.buyservices.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
www.burstbeacon.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\default\t6geudpj.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.tribalfusion.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.advertising.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.iacas.adbureau.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.realmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
adopt.euroclick.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.euroclick.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adrevolver.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
media.adrevolver.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
counter.hitslink.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.questionmarket.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.mediaplex.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.mediaplex.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adopt.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.specificclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.bs.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.serving-sys.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.statcounter.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.tacoda.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
z.blogads.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.msnbc.112.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.imrworldwide.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.atwola.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.zedo.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
statse.webtrendslive.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
counter.marketplaceadvisor.channeladvisor.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adbrite.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
4.adbrite.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.burstnet.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
www.burstnet.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.burstnet.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.burstnet.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.avgtechnologies.112.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.fastclick.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.apmebf.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
ads.revsci.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.e-2dj6wfkicocjsfp.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.ads.pointroll.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.e-2dj6wjnygoc5seo.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
citi.bridgetrack.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
citi.bridgetrack.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
citi.bridgetrack.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
citi.bridgetrack.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.qnsr.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.qnsr.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.qnsr.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.e-2dj6wblysgczihp.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.e-2dj6wjlycocpkho.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.e-2dj6wgmyciazaco.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.dynamic.media.adrevolver.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.e-2dj6wjkyoldjgco.stats.esomniture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.247realmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.247realmedia.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.collective-media.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.s.clickability.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.s.clickability.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adinterax.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.adinterax.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.bellglobemediapublishing.122.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.overture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.overture.com [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]
.phillycom.112.2o7.net [ C:\Documents and Settings\Joe\Application Data\Mozilla\Profiles\Joe\0h7t1ohg.slt\cookies.txt ]



kerux99

#14 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:58 PM

Posted 30 September 2008 - 09:41 AM

the mbam and sas logs were already posted?

I don't see anything of significant concern in the scans thus far. Malware altering the hosts file usually add entries in the hosts file that blocks security sites, not ebay or paypal.

May be time to have him check his firewall settings. Another thing you could recommend is have him try doing a system restore before the problem started


comments when I asked an expert to look at this thread

I did a little research on bitdefender, it had a poor review for false positives, was very resource intensive

I saw where it was reccomended to relax the security level

I wonder if there's a possible overlap of protection with winpatrol

Damage caused by security programs is very hard to analyze and fix
Chewy

No. Try not. Do... or do not. There is no try.

#15 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:09:58 PM

Posted 30 September 2008 - 09:50 AM

as a side note, not malware related I can tell you INCD is something you don't want installed on your computer, even ahead admits it's not really compatible with windows xp

I moderate a dvd burning forum

the nvidia driver helper app is another thing to disable

http://www.pcpitstop.com/libraries/process...vsvc32.exe.html

this is open to debate

http://www.bleepingcomputer.com/startups/n....exe-11911.html
Chewy

No. Try not. Do... or do not. There is no try.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users