Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I don't know what's wrong with my laptop. Pleae help!?


  • Please log in to reply
2 replies to this topic

#1 akaellie

akaellie

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 06 December 2010 - 05:33 AM

I'm not sure exactly how to explain this, so I'm just gonna write down everything happened to my laptop and what I did from the beginning... This started happening to me a few days ago - when I clicked on Google search results on Firefox, it kept redirecting me to other websites (with low WOT ratings). I ignored it at first thinking that it was Google's new format, but I realized today that it was Google Redirect Virus. When I realized it, it hit me that before this redirecting happened, I did get a detection pop up from WinPatrol. I can't remember what it was but I think it was something about security.

So, I tried every instruction I could find on the internet and ended up solving the problem (I think). This is how I did:
I downloaded pretty much all the recommended spyware or trojan removers in the instructions I found and they all detected nothing, EXCEPT Hitman Pro 3.5 (64-bit) and PC Tools Spyware Doctor™ 2011. Hitman Pro detected a few 'suspicious' .dll files located in 'Windows' folder including false detections. I couldn't figure out whether those .dll files were dangerous or not, so I quarantined them instead of deleting them. When I ran a scan again after that, nothing came up except the false detections. Spyware Doctor detected actual hijack and trojan infections. I attached my history log but I copy and pasted it here to highlight the ones with alert icons:

12/6/2010 1:24:41 AM:606
Service Started
Spyware Doctor Service Application started
12/6/2010 1:24:41 AM:606
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
12/6/2010 1:24:55 AM:958
Scan Started
Scan Type - Intelli-Scan
12/6/2010 1:25:11 AM:753
IntelliGuards status
All IntelliGuards were Enabled
12/6/2010 1:25:31 AM:33
Immunizer Results
ActiveX section has been immunized, Processed 8860 items.
12/6/2010 1:26:37 AM:896
Infection was detected on this computer
Threat Name - Spyware.Possible_Website_Hijack
Type - Bad Host Entry
Risk Level - High
Infection - 212.117.178.25, www.google.com
12/6/2010 1:26:37 AM:897
Infection was detected on this computer
Threat Name - Spyware.Possible_Website_Hijack
Type - Bad Host Entry
Risk Level - High
Infection - 212.117.163.43, search.yahoo.com

12/6/2010 1:28:32 AM:474
Scan Finished
Scan Type - Intelli-Scan
Items Processed - 462704
Threats Detected - 1
Infections Detected - 2
12/6/2010 1:42:20 AM:367
Service Stopped
Spyware Doctor Service Application Stopped
12/6/2010 1:42:45 AM:286
Service Started
Spyware Doctor Service Application started
12/6/2010 1:42:45 AM:286
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
12/6/2010 1:42:45 AM:366
IntelliGuards status
All IntelliGuards were Enabled
12/6/2010 1:42:45 AM:536
Smart Update
Smart Update has requested a reboot in order to finish installing updates.
12/6/2010 1:42:48 AM:8
Immunizer Results
ActiveX section has been immunized. No items were processed.
12/6/2010 1:56:34 AM:425
Smart Update
Smart Update has requested a reboot in order to finish installing updates.
12/6/2010 1:57:25 AM:12
Service Stopped
Spyware Doctor Service Application Stopped
12/6/2010 2:02:28 AM:911
Service Started
Spyware Doctor Service Application started
12/6/2010 2:02:28 AM:911
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
12/6/2010 2:02:29 AM:1
IntelliGuards status
All IntelliGuards were Enabled
12/6/2010 2:02:31 AM:665
Immunizer Results
ActiveX section has been immunized. No items were processed.
12/6/2010 2:02:34 AM:607
Scan Started
Scan Type - Intelli-Scan
12/6/2010 2:03:05 AM:612
Infection was detected on this computer
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Type
12/6/2010 2:03:05 AM:613
Infection was detected on this computer
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ErrorControl
12/6/2010 2:03:05 AM:614
Infection was detected on this computer
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Start
12/6/2010 2:03:05 AM:615
Infection was detected on this computer
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ImagePath
12/6/2010 2:03:05 AM:616
Infection was detected on this computer
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Group
12/6/2010 2:03:05 AM:617
Infection was detected on this computer
Threat Name - Trojan-Downloader.Murlo
Type - Registry Key
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme

12/6/2010 2:05:57 AM:950
Scan Finished
Scan Type - Intelli-Scan
Items Processed - 463059
Threats Detected - 1
Infections Detected - 6
12/6/2010 2:09:30 AM:176
Scan Started
Scan Type - Intelli-Scan
12/6/2010 2:09:43 AM:184
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ru4.optout edge.ru4.com
12/6/2010 2:09:43 AM:192
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - RMOPTOUT 247realmedia.com
12/6/2010 2:09:43 AM:201
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - RMOPTOUT realmedia.com
12/6/2010 2:09:43 AM:380
Infection was detected on this computer
Threat Name - Spyware.TrustyHound!rem
Type - Cookie
Risk Level - Medium
Infection - untarget adbrite.com
12/6/2010 2:09:43 AM:509
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - aj_optout rotator.adjuggler.com
12/6/2010 2:09:43 AM:557
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - OptOut adtech.de
12/6/2010 2:09:43 AM:845
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ACID advertising.com
12/6/2010 2:09:43 AM:954
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - optout pro-market.net
12/6/2010 2:09:44 AM:5
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - NETID01 revsci.net
12/6/2010 2:09:44 AM:108
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - NAI adrevolver.com
12/6/2010 2:09:44 AM:114
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - id bluestreak.com
12/6/2010 2:09:44 AM:202
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - BOO www.burstnet.com
12/6/2010 2:09:44 AM:207
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - CMO casalemedia.com
12/6/2010 2:09:44 AM:531
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ID data.coremetrics.com
12/6/2010 2:09:44 AM:638
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - DotomiStatus dotomi.com
12/6/2010 2:09:45 AM:397
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - ebOptOut serving-sys.com
12/6/2010 2:09:45 AM:593
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - fastclick fastclick.net
12/6/2010 2:09:46 AM:166
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - svid mediaplex.com
12/6/2010 2:09:46 AM:457
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - ntad nextag.com
12/6/2010 2:09:46 AM:573
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - omniture_optout 2o7.net
12/6/2010 2:09:46 AM:845
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - PRID ads.pointroll.com
12/6/2010 2:09:46 AM:991
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - qoo quantserve.com
12/6/2010 2:09:47 AM:197
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ST questionmarket.com
12/6/2010 2:09:47 AM:249
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - pid smartadserver.com
12/6/2010 2:09:47 AM:298
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ADVIVA specificclick.net
12/6/2010 2:09:47 AM:359
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - ADVIVA adviva.net
12/6/2010 2:09:47 AM:376
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - TID tacoda.net
12/6/2010 2:09:47 AM:537
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - TD_OPT_OUT tradedoubler.com
12/6/2010 2:09:47 AM:542
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - naiopt trafficmp.com
12/6/2010 2:09:47 AM:552
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ANON_ID tribalfusion.com
12/6/2010 2:09:47 AM:556
Infection was detected on this computer
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - ID adlegend.com
12/6/2010 2:09:47 AM:759
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - ITXTCtxtHistOff intellitxt.com
12/6/2010 2:09:47 AM:849
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - WTLOPTOUT webtrendslive.com
12/6/2010 2:09:47 AM:868
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - AFFICHE_W weborama.fr
12/6/2010 2:09:47 AM:978
Infection was detected on this computer
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - optout ad.yieldmanager.com
12/6/2010 2:09:48 AM:39
Infection was detected on this computer
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ZEDOIDA zedo.com
12/6/2010 2:10:04 AM:450
Infection was detected on this computer
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Type
12/6/2010 2:10:04 AM:451
Infection was detected on this computer
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ErrorControl
12/6/2010 2:10:04 AM:453
Infection was detected on this computer
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Start
12/6/2010 2:10:04 AM:454
Infection was detected on this computer
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ImagePath
12/6/2010 2:10:04 AM:455
Infection was detected on this computer
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Group
12/6/2010 2:10:04 AM:456
Infection was detected on this computer
Threat Name - Trojan-Downloader.Murlo
Type - Registry Key
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme
12/6/2010 2:11:34 AM:53
Infection was detected on this computer
Threat Name - Spyware.TrustyHound!rem
Type - Modified Registry Value
Risk Level - Medium
Infection - HKEY_USERS\S-1-5-21-1444916539-229501974-3137623562-1000\Software\Microsoft\Internet Explorer\SearchScopes, DefaultScope
12/6/2010 2:11:34 AM:55
Infection was detected on this computer
Threat Name - Spyware.TrustyHound!rem
Type - Modified Registry Value
Risk Level - Medium
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main, Search Page (32)
12/6/2010 2:11:34 AM:57
Infection was detected on this computer
Threat Name - Spyware.TrustyHound!rem
Type - Modified Registry Value
Risk Level - Medium
Infection - HKEY_USERS\S-1-5-21-1444916539-229501974-3137623562-1000\SOFTWARE\Microsoft\Internet Explorer\Main, Search Page

12/6/2010 2:11:34 AM:149
Scan Finished
Scan Type - Intelli-Scan
Items Processed - 462982
Threats Detected - 5
Infections Detected - 45
12/6/2010 2:23:01 AM:714
Smart Update
Smart Update has requested a reboot in order to finish installing updates.
12/6/2010 2:35:48 AM:197
Immunizer Results
ActiveX section has been immunized. No items were processed.
12/6/2010 2:36:23 AM:973
Infection quarantined
Threat Name - Trojan-Downloader.Murlo
Type - Registry Key
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme
12/6/2010 2:36:23 AM:979
Infection quarantined
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Group
12/6/2010 2:36:24 AM:9
Infection quarantined
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ImagePath
12/6/2010 2:36:24 AM:15
Infection quarantined
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Start
12/6/2010 2:36:24 AM:21
Infection quarantined
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ErrorControl
12/6/2010 2:36:24 AM:25
Infection quarantined
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Type
12/6/2010 2:36:24 AM:55
Infection cleaned
Threat Name - Trojan-Downloader.Murlo
Type - Registry Key
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme
12/6/2010 2:36:24 AM:56
Infection cleaned
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Group
12/6/2010 2:36:24 AM:56
Infection cleaned
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ImagePath
12/6/2010 2:36:24 AM:57
Infection cleaned
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Start
12/6/2010 2:36:24 AM:57
Infection cleaned
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ErrorControl
12/6/2010 2:36:24 AM:58
Infection cleaned
Threat Name - Trojan-Downloader.Murlo
Type - Registry Value
Risk Level - High
Infection - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Type
12/6/2010 2:36:24 AM:76
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ZEDOIDA zedo.com
12/6/2010 2:36:24 AM:76
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - AFFICHE_W weborama.fr
12/6/2010 2:36:24 AM:77
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ANON_ID tribalfusion.com
12/6/2010 2:36:24 AM:78
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - TID tacoda.net
12/6/2010 2:36:24 AM:78
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ADVIVA specificclick.net
12/6/2010 2:36:24 AM:79
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ST questionmarket.com
12/6/2010 2:36:24 AM:79
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ID data.coremetrics.com
12/6/2010 2:36:24 AM:80
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - id bluestreak.com
12/6/2010 2:36:24 AM:80
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - NAI adrevolver.com
12/6/2010 2:36:24 AM:81
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - NETID01 revsci.net
12/6/2010 2:36:24 AM:81
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ACID advertising.com
12/6/2010 2:36:24 AM:82
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - RMOPTOUT realmedia.com
12/6/2010 2:36:24 AM:83
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - RMOPTOUT 247realmedia.com
12/6/2010 2:36:24 AM:83
Infection cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ru4.optout edge.ru4.com
12/6/2010 2:36:24 AM:167
Infection quarantined
Threat Name - Spyware.TrustyHound!rem
Type - Modified Registry Value
Risk Level - Medium
Infection - HKEY_USERS\S-1-5-21-1444916539-229501974-3137623562-1000\SOFTWARE\Microsoft\Internet Explorer\Main, Search Page
12/6/2010 2:36:24 AM:172
Infection quarantined
Threat Name - Spyware.TrustyHound!rem
Type - Modified Registry Value
Risk Level - Medium
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main, Search Page (32)
12/6/2010 2:36:24 AM:245
Infection quarantined
Threat Name - Spyware.TrustyHound!rem
Type - Modified Registry Value
Risk Level - Medium
Infection - HKEY_USERS\S-1-5-21-1444916539-229501974-3137623562-1000\Software\Microsoft\Internet Explorer\SearchScopes, DefaultScope
12/6/2010 2:36:24 AM:283
Infection cleaned
Threat Name - Spyware.TrustyHound!rem
Type - Modified Registry Value
Risk Level - Medium
Infection - HKEY_USERS\S-1-5-21-1444916539-229501974-3137623562-1000\SOFTWARE\Microsoft\Internet Explorer\Main, Search Page
12/6/2010 2:36:24 AM:285
Infection cleaned
Threat Name - Spyware.TrustyHound!rem
Type - Modified Registry Value
Risk Level - Medium
Infection - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main, Search Page (32)
12/6/2010 2:36:24 AM:286
Infection cleaned
Threat Name - Spyware.TrustyHound!rem
Type - Modified Registry Value
Risk Level - Medium
Infection - HKEY_USERS\S-1-5-21-1444916539-229501974-3137623562-1000\Software\Microsoft\Internet Explorer\SearchScopes, DefaultScope
12/6/2010 2:36:24 AM:286
Infection cleaned
Threat Name - Spyware.TrustyHound!rem
Type - Cookie
Risk Level - Medium
Infection - untarget adbrite.com
12/6/2010 2:36:24 AM:301
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - ID adlegend.com
12/6/2010 2:36:24 AM:301
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - naiopt trafficmp.com
12/6/2010 2:36:24 AM:302
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - ADVIVA adviva.net
12/6/2010 2:36:24 AM:302
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - pid smartadserver.com
12/6/2010 2:36:24 AM:303
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - PRID ads.pointroll.com
12/6/2010 2:36:24 AM:304
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - ntad nextag.com
12/6/2010 2:36:24 AM:304
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - svid mediaplex.com
12/6/2010 2:36:24 AM:305
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - fastclick fastclick.net
12/6/2010 2:36:24 AM:305
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - DotomiStatus dotomi.com
12/6/2010 2:36:24 AM:306
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - CMO casalemedia.com
12/6/2010 2:36:24 AM:306
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - BOO www.burstnet.com
12/6/2010 2:36:24 AM:307
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - optout pro-market.net
12/6/2010 2:36:24 AM:307
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - OptOut adtech.de
12/6/2010 2:36:24 AM:308
Infection cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - aj_optout rotator.adjuggler.com
12/6/2010 2:36:24 AM:328
Infection cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - optout ad.yieldmanager.com
12/6/2010 2:36:24 AM:329
Infection cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - WTLOPTOUT webtrendslive.com
12/6/2010 2:36:24 AM:329
Infection cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - ITXTCtxtHistOff intellitxt.com
12/6/2010 2:36:24 AM:330
Infection cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - TD_OPT_OUT tradedoubler.com
12/6/2010 2:36:24 AM:330
Infection cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - qoo quantserve.com
12/6/2010 2:36:24 AM:330
Infection cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - omniture_optout 2o7.net
12/6/2010 2:36:24 AM:331
Infection cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - ebOptOut serving-sys.com

12/6/2010 2:36:26 AM:979
Infections Quarantined/Removed Summary
Quarantined - 9
Quarantine Failed - 0
Removed - 45
Remove Failed - 0
12/6/2010 2:36:33 AM:311
Scan Started
Scan Type - Intelli-Scan
12/6/2010 2:39:46 AM:284
Scan Finished
Scan Type - Intelli-Scan
Items Processed - 462042
Threats Detected - 0
Infections Detected - 0
12/6/2010 2:40:21 AM:901
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - aj_optout rotator.adjuggler.com
12/6/2010 2:40:21 AM:901
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - OptOut adtech.de
12/6/2010 2:40:21 AM:901
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - optout pro-market.net
12/6/2010 2:40:21 AM:902
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - BOO www.burstnet.com
12/6/2010 2:40:21 AM:902
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - CMO casalemedia.com
12/6/2010 2:40:21 AM:902
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - DotomiStatus dotomi.com
12/6/2010 2:40:21 AM:903
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - fastclick fastclick.net
12/6/2010 2:40:21 AM:903
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - svid mediaplex.com
12/6/2010 2:40:21 AM:903
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - ntad nextag.com
12/6/2010 2:40:21 AM:904
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - PRID ads.pointroll.com
12/6/2010 2:40:21 AM:904
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - pid smartadserver.com
12/6/2010 2:40:21 AM:904
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - ADVIVA adviva.net
12/6/2010 2:40:21 AM:905
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - naiopt trafficmp.com
12/6/2010 2:40:21 AM:905
IntelliGuard Detection Cleaned
Threat Name - Adware.Advertising
Type - Cookie
Risk Level - Low
Infection - ID adlegend.com
12/6/2010 2:40:21 AM:948
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ru4.optout edge.ru4.com
12/6/2010 2:40:21 AM:949
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - RMOPTOUT 247realmedia.com
12/6/2010 2:40:21 AM:949
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - RMOPTOUT realmedia.com
12/6/2010 2:40:21 AM:949
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ACID advertising.com
12/6/2010 2:40:21 AM:950
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - NETID01 revsci.net
12/6/2010 2:40:21 AM:950
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - NAI adrevolver.com
12/6/2010 2:40:21 AM:950
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - id bluestreak.com
12/6/2010 2:40:21 AM:951
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ID data.coremetrics.com
12/6/2010 2:40:21 AM:951
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ST questionmarket.com
12/6/2010 2:40:21 AM:952
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ADVIVA specificclick.net
12/6/2010 2:40:21 AM:952
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - TID tacoda.net
12/6/2010 2:40:21 AM:952
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ANON_ID tribalfusion.com
12/6/2010 2:40:21 AM:953
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - AFFICHE_W weborama.fr
12/6/2010 2:40:21 AM:953
IntelliGuard Detection Cleaned
Threat Name - Application.TrackingCookies
Type - Cookie
Risk Level - Low
Infection - ZEDOIDA zedo.com
12/6/2010 2:40:22 AM:10
IntelliGuard Detection Cleaned
Threat Name - Spyware.TrustyHound!rem
Type - Cookie
Risk Level - Medium
Infection - untarget adbrite.com
12/6/2010 2:40:22 AM:79
IntelliGuard Detection Cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - ebOptOut serving-sys.com
12/6/2010 2:40:22 AM:79
IntelliGuard Detection Cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - omniture_optout 2o7.net
12/6/2010 2:40:22 AM:80
IntelliGuard Detection Cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - qoo quantserve.com
12/6/2010 2:40:22 AM:81
IntelliGuard Detection Cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - TD_OPT_OUT tradedoubler.com
12/6/2010 2:40:22 AM:81
IntelliGuard Detection Cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - ITXTCtxtHistOff intellitxt.com
12/6/2010 2:40:22 AM:82
IntelliGuard Detection Cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - WTLOPTOUT webtrendslive.com
12/6/2010 2:40:22 AM:82
IntelliGuard Detection Cleaned
Threat Name - Trackware.Tracking Cookies!rem
Type - Cookie
Risk Level - Medium
Infection - optout ad.yieldmanager.com
12/6/2010 2:53:39 AM:645
Service Started
Spyware Doctor Service Application started
12/6/2010 2:53:39 AM:645
Anti-Malware Engine
Anti-Malware engine configuration loaded successfully.
12/6/2010 2:53:39 AM:935
IntelliGuards status
All IntelliGuards were Enabled
12/6/2010 2:53:43 AM:665
Immunizer Results
ActiveX section has been immunized. No items were processed.
12/6/2010 3:03:41 AM:508
Scan Started
Scan Type - Full Scan
12/6/2010 3:16:07 AM:155
Smart Update
Smart Update was unable to run because your license has been disabled. Please contact support for further assistance
12/6/2010 3:16:11 AM:577
Immunizer Results
ActiveX section has been immunized. No items were processed.
12/6/2010 3:29:08 AM:148
Scan Finished
Scan Type - Full Scan
Items Processed - 172381
Threats Detected - 0
Infections Detected - 0
12/6/2010 3:29:17 AM:472
Scan Started
Scan Type - Intelli-Scan
12/6/2010 3:32:14 AM:862
Scan Finished
Scan Type - Intelli-Scan
Items Processed - 461914
Threats Detected - 0
Infections Detected - 0
12/6/2010 3:32:58 AM:398
IntelliGuards status
All IntelliGuards were Deactivated for 15min
12/6/2010 3:33:01 AM:573
Immunizer Results
The ActiveX section has been Unimmunized, Processed 8860 items.
12/6/2010 3:33:01 AM:896
IntelliGuards status
All IntelliGuards were Enabled
12/6/2010 3:34:13 AM:515
Immunizer Results
ActiveX section has been immunized, Processed 8860 items.


During this process, WinPatrol detected something again and I got a 'WinPatrol File Type Change Alert' saying that file type association .SCR has been changed. I clicked 'no' that the change is not ok. But the same message popped up every couple minutes. After removing threat detections on Spyware Doctor, the redirecting stopped and everything worked fine. BUT, when I restarted the windows, a black screen appeared with a text 'Hitman Pro 3.5' and I had to press 'enter' in order to get to the log in screen. I thought it was caused by what I quarantined, so I uninstalled Hitman Pro. Also, I'm still getting this'WinPatrol File Type Change Alert' pop up so I know something's still wrong. You can see the message on 'problem1.jpg' file I attached. Also, when I checked 'File Types' tab on WinPatrol, I noticed that all programs shown on WinPatrol were associated to either Execuatble, .EXE, or .DLL as 'Command' and 'Microsoft Corporation' as 'Company' EXCEPT 'Screen saver'. You can see that on the 'problem2.jpg' file I attached.


Edit: Moved topic from Win 7 to the more appropriate forum. ~ Animal
1. How do I unquarantine what I quarantined on Hitman Pro? This program didn't make a quarantine folder even when I had it installed. (or I can't find one)

2. Could you tell me what's the problem with .SCR file on my laptop? How do I change it back to normal?

3. How do I make sure if my laptop is completely hijack, trojan free?

Please help me before anything gets worse! Thanks

122.161.58.19

Attached Files



BC AdBot (Login to Remove)

 


#2 akaellie

akaellie
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 06 December 2010 - 05:43 AM

I just restarted windows again after I posted this thread (the first time restarting after I uninstalled Hitman Pro) and that black screen with 'Hitman Pro' text didn't appear. BUT, the log in screen came up unusually slow. And when my desktop showed up, 2 invisible 'desktop.ini' files appeared as if I made them to be visible. I'm attaching the screen shot. Why is this happening? Please help!

Attached Files



#3 BoogieJack

BoogieJack

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 02 January 2011 - 07:49 PM

You might check with MicroSoft about the 2 desktop.ini files or do a search on the problem. This was a Vista problem when it first came out.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users