
Antimalware Doctor


9 replies to this topic

#1 rodnocker1


Posted 28 September 2010 - 03:52 AM

Hello,
I've done a search and came up empty so here goes.

I'm running Kaspersky Internet Security 2010 and have been using it for a little over a year with no problems. I also have Hitman Pro and everything has been fine until now.

Last night I ran a full system scan with Kaspersky and now I am getting warnings constantly from a program associated with Hitman called "Antimalware Doctor". It keeps flashing me warnings about a bunch of different modules that are trying to take me to sites that "may contain explicit material" and also telling me that I am under "Hacker attack" from someone trying to "stole" my identification. Each of these warnings contains the warning that I am using an unregistered version which will not remove these modules and that I must register (PAY) to gain access to be able to remove the threats. My Kaspersky tells me that there has been an attempt by a Win generic host but that it has been blocked and that I am protected with no active threats.

Can anyone tell me about this "Antimalware Doctor"? Is this something that I need and want to pay for or do I need to try to get rid of this?

Thanks for any help.



#2 JamesFrance


Posted 28 September 2010 - 04:30 AM

It is probably this:
http://www.bleepingcomputer.com/virus-remo...imalware-doctor

Surprising Kaspersky let it past.
James

#3 rodnocker1


Posted 28 September 2010 - 09:52 AM

That's the one alright! I knew I didn't have all of what it claimed and felt that by the way it acted that it in itself might be a "malicious" program, simply because it kept loading itself over and over, no matter how many times I closed it and it kept wanting me to purchase their "full protection".....I wonder if it would have protected me from itself??? Like you, I also was surprised Kaspersky let it through since it is up to date. I'll try the removal tools to get rid of it.
Thanks for the response and help!

#4 quietman7


Posted 28 September 2010 - 11:00 AM

I also was surprised Kaspersky let it through since it is up to date.

No single product is 100% foolproof and can prevent, detect and remove all threats at any given time. The security community is in a constant state of change as new infections appear. Each vendor has its own definition of what constitutes malware and scanning your computer using different criteria will yield different results. The fact that each program has its own definition files means that some malware may be picked up by one that could be missed by another. Thus, a multi-layered defense using several anti-spyware products (including an effective firewall) to supplement your anti-virus combined with common sense, safe computing and safe surfing habits provides the most complete protection.

Please read How Malware Spreads - How did I get infected which explains the most common ways malware is contracted and spread.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#5 rodnocker1


Posted 28 September 2010 - 11:33 AM

I apologize for not being clear. I'm not depending on Kaspersky by itself but have several different programs running (or so I thought). This is the 1st time that something has gotten by all of them. I think this could have possibly come from an email that claimed to be from the USPS about a failed shipment delivery and not only did it get by my regular security, it was also scanned by Norton and all said it was clean with no virus/malware.

Edited by rodnocker1, 28 September 2010 - 12:13 PM.


#6 rodnocker1


Posted 29 September 2010 - 08:03 AM

Well I ran the rkill and it shut Antimalware Doctor down. I had a previous version of Malwarebytes installed that wouldn't update so I removed it and then installed the latest version. It ran for about 35-40 minutes and then suddenly shut my computer down and rebooted the system, which also reloaded the Antimalware Doctor.

I went through the procedure again with the same results. Both times when it rebooted, I received a message that my system had recovered from a fatal error. Could this be associated with running the program or might I have other issues?

#7 quietman7


Posted 29 September 2010 - 08:22 AM

There are no guarantees or shortcuts when it comes to malware removal and the use of specialized fix tools, especially when dealing with backdoor Trojans, Botnets, IRCBots or rootkit components that can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. Infections will vary and some will cause more harm to your system than others as a result of it having the ability to download more malicious files. Thus, sometimes it takes several efforts with different, the same or more powerful tools to do the job. Even then, with some types of malware infections, the task can be arduous.

Please download and scan with SUPERAntiSpyware Free
-- If you already use SUPERAntispyware, make sure you are using the most current version as it is frequently updated.
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • Follow these instructions: How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
-- If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner (listed under Popular Links) instead. Save the randomly named file (i.e. SAS_1710895.COM) to a USB drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

#8 rodnocker1


Posted 29 September 2010 - 11:04 AM

Thanks quietman,
I appreciate the help and will give that a try.

Edit to add: This is what SAS came up with:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/30/2010 at 03:43 AM

Application Version : 4.43.1000

Core Rules Database Version : 5608
Trace Rules Database Version: 3420

Scan type : Quick Scan
Total Scan Time : 01:36:00

Memory items scanned : 527
Memory threats detected : 0
Registry items scanned : 1938
Registry threats detected : 14
File items scanned : 11338
File threats detected : 200

Adware.Tracking Cookie

Registry Cleaner Trial
HKCR\Install.Install
HKCR\Install.Install\CLSID
HKCR\Install.Install\CurVer
HKCR\Install.Install.1
HKCR\Install.Install.1\CLSID

Trojan.Agent/Gen
HKCR\idid

Adware.MyWebSearch/FunWebProducts
HKLM\SOFTWARE\FunWebProducts
HKLM\SOFTWARE\FunWebProducts\Installer
HKLM\SOFTWARE\FunWebProducts\Installer#Dir
HKLM\SOFTWARE\FunWebProducts\Installer#sr
HKLM\SOFTWARE\FunWebProducts\Installer#pl
C:\Program Files\FunWebProducts\Installr\1.bin
C:\Program Files\FunWebProducts\Installr
C:\Program Files\FunWebProducts

Rogue.AntiMalwareDoctor
HKU\S-1-5-21-4283021946-963918322-4271176276-1003\Software\Antimalware Doctor Inc
HKU\S-1-5-21-4283021946-963918322-4271176276-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor
C:\Documents and Settings\Owner\Application Data\BB52BFEB6CD931D103C1870C8A5777DE

Malware.Trace
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL

I have no idea what it all means but I do know that the SAS got rid of the "Antimalware Doctor" program.

Thanks once again.

Edited by rodnocker1, 30 September 2010 - 05:21 AM.
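A scan log like the one posted above mixes low-impact tracking cookies with entries that touch Windows logon and startup settings. The following is an added example, not part of the original post or of SUPERAntiSpyware: a small Python triage script that groups the log by detection name and puts autostart-related findings first. The function names, the reading of `KEY#VALUE` as "registry key plus value name", and the short list of autostart locations are assumptions; the cookie lines in the sample are constructed, and the other sample entries are copied from the log in the post.

```python
import re
from collections import Counter

# Sample input: cookie entries are constructed placeholders; the remaining
# entries are copied from the scan log in the post above.
SAMPLE_LOG = r"""SUPERAntiSpyware Scan Log
Generated 09/30/2010 at 03:43 AM

Scan type : Quick Scan
Registry threats detected : 14
File threats detected : 200

Adware.Tracking Cookie
C:\Documents and Settings\Owner\cookies\owner@ads.example[1].txt
ads.example.net [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\EXAMPLE1 ]
.tracker.example.com [ C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\example.default\cookies.sqlite ]

Trojan.Agent/Gen
HKCR\idid

Rogue.AntiMalwareDoctor
HKU\S-1-5-21-4283021946-963918322-4271176276-1003\Software\Antimalware Doctor Inc
C:\Documents and Settings\Owner\Application Data\BB52BFEB6CD931D103C1870C8A5777DE

Malware.Trace
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL
"""

COOKIE_RE = re.compile(r"^(\S+) \[ (.+) \]$")            # "domain [ store path ]"
REGISTRY_RE = re.compile(r"^(HKCR|HKLM|HKU|HKCU|HKCC)\\", re.I)
FILE_RE = re.compile(r"^[A-Za-z]:\\")

# Assumed shortlist of registry locations that decide what runs at logon.
# Registry paths are case-insensitive, so matching is done in lower case.
AUTOSTART_MARKERS = (
    r"\windows nt\currentversion\winlogon#shell",
    r"\windows nt\currentversion\winlogon#userinit",
    r"\currentversion\run",
)


def item_kind(line):
    """Return 'cookie', 'registry' or 'file' for an item line, else None."""
    if COOKIE_RE.match(line):
        return "cookie"
    if REGISTRY_RE.match(line):
        return "registry"
    if FILE_RE.match(line):
        return "file"
    return None


def parse_findings(log_text):
    """Map detection name -> list of (kind, item).

    A detection name is the last non-item line seen before a run of items;
    header and statistics lines are never followed by items, so they drop out.
    """
    findings = {}
    heading = "UNKNOWN"
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        kind = item_kind(line)
        if kind is None:
            heading = line
        else:
            findings.setdefault(heading, []).append((kind, line))
    return findings


def touches_autostart(registry_path):
    lowered = registry_path.lower()
    return any(marker in lowered for marker in AUTOSTART_MARKERS)


def triage(findings):
    """Return (level, detection, kind counts) rows, most urgent first."""
    order = {"autostart": 0, "review": 1, "cookie": 2}
    rows = []
    for name, items in findings.items():
        kinds = dict(Counter(kind for kind, _ in items))
        if any(k == "registry" and touches_autostart(v) for k, v in items):
            level = "autostart"
        elif "tracking cookie" in name.lower():
            level = "cookie"
        else:
            level = "review"
        rows.append((level, name, kinds))
    rows.sort(key=lambda row: (order[row[0]], row[1]))
    return rows


if __name__ == "__main__":
    for level, name, kinds in triage(parse_findings(SAMPLE_LOG)):
        print(f"{level:<10} {name:<28} {kinds}")
```
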


#9 rodnocker1


Posted 30 September 2010 - 05:25 AM

I should have added that when I ran SAS the 1st time, my system rebooted by itself and "Antimalware Doctor" was still on there. I ran it a second time this morning and everything is good.

#10 quietman7


Posted 30 September 2010 - 08:40 AM

Can you complete a scan with Malwarebytes now?



