Browser redirection hijack (Tubby)?


1 reply to this topic

#1 bocamike


Posted 22 May 2011 - 03:55 PM

Hi,

I am in charge of keeping our work computers virus-free. I have successfully used your site for reference in order to remove several viruses at work. Recently, my daughter inadvertently downloaded a browser hijack and possible virus to our home computer.

Doing my normal research and using all the normal tools, Malwarebytes, Ad-Aware, CCleaner, SuperAntiSpyware in safe mode, it looks like I had the Browser Hijack.Tubby malware (among others). After following all the normal procedures, everything looks clean in the logs and in the scan reports. However, all my browser searches are still getting redirected. Guess I need an expert's help.

First SuperAntiSpyware log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/22/2011 at 02:51 AM

Application Version : 4.52.1000

Core Rules Database Version : 7110
Trace Rules Database Version: 4922

Scan type : Complete Scan
Total Scan Time : 01:47:35

Memory items scanned : 338
Memory threats detected : 0
Registry items scanned : 7868
Registry threats detected : 10
File items scanned : 88368
File threats detected : 209

Browser Hijacker.Tubby
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoModify
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#NoRepair
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayIcon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#URLInfoAbout
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar#EstimatedSize

Trojan.Agent/Gen-Krpytik
C:\DOCUMENTS AND SETTINGS\ALL USERS\DOCUMENTS\SHARED FILES\DOWNLOAD FILES\CRACK.EXE

Adware.Tracking Cookie

Trojan.Agent/Gen-Bot
C:\PROGRAM FILES\COMMON FILES\AOL\AOL SPYWARE PROTECTION\UNWISE.EXE
C:\PROGRAM FILES\DVDVIDEOSOFTTB\UNWISE.EXE

Second SuperAntiSpyware log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/22/2011 at 02:31 PM

Application Version : 4.52.1000

Core Rules Database Version : 7110
Trace Rules Database Version: 4922

Scan type : Complete Scan
Total Scan Time : 01:40:37

Memory items scanned : 318
Memory threats detected : 0
Registry items scanned : 7870
Registry threats detected : 0
File items scanned : 88093
File threats detected : 0

Edited by hamluis, 23 May 2011 - 02:41 PM.
Moved from MRL to AII, no logs.


#2 bocamike


Posted 23 May 2011 - 06:56 PM

Hi,

After running several more programs, I have successfully removed the browser redirection malware.

I know it is not recommended to use without supervision, but I ran ComboFix and then HitmanPro 3.5. It appears to have removed all the malicious malware. If this solution causes a problem because I used ComboFix, please remove these posts. Otherwise, I hope it can benefit others.

Thanks for this forum...



