Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan.Bamital!inf


  • Please log in to reply
1 reply to this topic

#1 IanUSA

IanUSA

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:28 AM

Posted 21 August 2010 - 05:48 PM

Greetings:

Firefox browser hijacked.

"Ultimate Defender" and "Animalware doctor" among other things.

Here's scan results per your instructions:


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/21/2010 at 02:57 PM

Application Version : 4.41.1000

Core Rules Database Version : 5389
Trace Rules Database Version: 3201

Scan type : Complete Scan
Total Scan Time : 00:35:33

Memory items scanned : 310
Memory threats detected : 0
Registry items scanned : 5886
Registry threats detected : 0
File items scanned : 42131
File threats detected : 8

Adware.Tracking Cookie
C:\Documents and Settings\PCUser\Cookies\pcuser@hornycollector[1].txt
C:\Documents and Settings\PCUser\Cookies\pcuser@www.stopzilla[1].txt
media1.break.com [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\CVW3BTQR ]
cdn4.specificclick.net [ C:\Documents and Settings\PCUser\Application Data\Macromedia\Flash Player\#SharedObjects\JBEQ8CWX ]
crackle.com [ C:\Documents and Settings\PCUser\Application Data\Macromedia\Flash Player\#SharedObjects\JBEQ8CWX ]
www.naiadsystems.com [ C:\Documents and Settings\PCUser\Application Data\Macromedia\Flash Player\#SharedObjects\JBEQ8CWX ]
www.nudepornstartube.com [ C:\Documents and Settings\PCUser\Application Data\Macromedia\Flash Player\#SharedObjects\JBEQ8CWX ]

Rogue.AntiMalwareDoctor
C:\Documents and Settings\PCUser\Application Data\EA14AB1D9825F08A12ECD1C879280280


And from MBAM:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4459

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 7.0.5730.13

8/21/2010 3:42:47 PM
mbam-log-2010-08-21 (15-42-47).txt

Scan type: Quick scan
Objects scanned: 127051
Time elapsed: 4 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\forceclassiccontrolpanel (Hijack.ControlPanelStyle) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

____________________________

Thank you for your help.

--Ian

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,759 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:28 AM

Posted 21 August 2010 - 07:40 PM

IAN yours looks good, please run this o\nline scan next and let me know how it's running.
NOTE: I've split you to your own topic so as nt to be confusing to the original poster.

ESET
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the ESET Online Scanner button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Export to text file... to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Eset Smart Installer icon on your desktop.
  • Check the "YES, I accept the Terms of Use"
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push "List of found threats"
  • Push "Export to text file", and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the "<<Back" button.
  • Push Finish
In your next reply, please include the following:
  • Eset Scan Log


NOTE: In some instances if no malware is found there will be no log produced.

Edited by boopme, 21 August 2010 - 07:42 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users