|
|
#1
2nd Aug 2009, 07:08
|
|||
|
|||
|
Anytime I use Google, Yahoo, MSN, etc when i click on a link it automatically redirects me to random ads. Anyone know what caused this and how it can be fixed?
|
|
#2
2nd Aug 2009, 07:30
|
||||||||||||
|
||||||||||||
|
Follow the guide and a malware person will assist you > http://www.computer-juice.com/forums...-posting-7476/
__________________
My System: Hybr!d
|
|
#3
2nd Aug 2009, 08:13
|
|||
|
|||
|
SUPERAntiSpyware Scan Log
http://www.superantispyware.com Generated 08/01/2009 at 03:14 PM Application Version : 4.26.1000 Core Rules Database Version : 4032 Trace Rules Database Version: 1972 Scan type : Complete Scan Total Scan Time : 03:02:01 Memory items scanned : 588 Memory threats detected : 1 Registry items scanned : 7165 Registry threats detected : 5 File items scanned : 165885 File threats detected : 105 Trojan.Dropper/Sys-NV C:\WINDOWS\SYSTEM32\XWREG32.DLL C:\WINDOWS\SYSTEM32\XWREG32.DLL Unclassified.Unknown Origin HKU\S-1-5-21-3095785160-4041922383-2734342379-1007\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{134F7664-943D-3BB9-65F5-70B91DF46C86} HKU\S-1-5-21-3095785160-4041922383-2734342379-1007\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C} Adware.IWinGames HKU\S-1-5-21-3095785160-4041922383-2734342379-1007\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{8CA5ED52-F3FB-4414-A105-2E3491156990} Trojan.Unclassified/Helper-DD HKU\S-1-5-21-3095785160-4041922383-2734342379-1007\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{AFD4AD01-58C1-47DB-A404-FBE00A6C5486} Trojan.Agent/Gen HKU\S-1-5-21-3095785160-4041922383-2734342379-1007\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{C9C42510-9B21-41C1-9DCD-8382A2D07C61} Adware.Tracking Cookie C:\Documents and Settings\Jackie\Cookies\jackie@specificmedia[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@guthyrenker.112.2o7[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@2o7[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@www.findstuff[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@ads.pointroll[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@tribalfusion[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@247realmedia[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@112.2o7[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@waterfrontmedia.112 .2o7[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@www.burstnet[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@invitemedia[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@ads.lucidmedia[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@associatedcontent.1 12.2o7[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@www.toseeka[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@adbrite[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@clickthrough.kanood le[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@leeenterprises.112. 2o7[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@serving-sys[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@collective-media[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@advertising[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@homestore.122.2o7[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@oasn04.247realmedia[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@fastclick[4].txt C:\Documents and Settings\Jackie\Cookies\jackie@media6degrees[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@zedo[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@couponmountain[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@media.adrevolver[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@atdmt[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@msnportal.112.2o7[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@adknowledge[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@ads.right-ads[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@ad.yieldmanager[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@interclick[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@blockbuster.112.2o7[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@yahooflickr.112.2o7[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@casalemedia[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@eas.apm.emediate[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@ads.undertone[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@pubmatic.lucidmedia[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@toseeka[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@socialmedia[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@burstbeacon[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@ads.us.e-planning[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@a1.interclick[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@ads.quixsurf[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@specificclick[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@ge.112.2o7[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@tracking.realtor[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@www.burstbeacon[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@bs.serving-sys[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@bidsystem.adknowled ge[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@bluestreak[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@kanoodle[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@ads.widgetbucks[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@ads.realtechnetwork[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@intermundomedia[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@dardenrestaurants.1 12.2o7[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@specificclick[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@yieldmanager[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@cgm.adbureau[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@shopica[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@adrevolver[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@doubleclick[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@fastclick[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@realmedia[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@apmebf[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@burstnet[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@kontera[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@mediaplex[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@lockedonmedia[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@overture[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@azjmp[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@questionmarket[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@cdn4.specificclick[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@oasn04.247realmedia[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@statcounter[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@trafficmp[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@wachovia.112.2o7[1].txt C:\Documents and Settings\Jackie\Cookies\jackie@revsci[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@insightexpressai[2].txt C:\Documents and Settings\Frankie\Cookies\frankie@adserver.adtechus[1].txt C:\Documents and Settings\Frankie\Cookies\frankie@advertising[1].txt C:\Documents and Settings\Frankie\Cookies\frankie@at.atwola[2].txt C:\Documents and Settings\Frankie\Cookies\frankie@bbfadnet[1].txt C:\Documents and Settings\Frankie\Cookies\frankie@casalemedia[2].txt C:\Documents and Settings\Frankie\Cookies\frankie@cb.adbureau[1].txt C:\Documents and Settings\Frankie\Cookies\frankie@cdn4.specificclic k[2].txt C:\Documents and Settings\Frankie\Cookies\frankie@fastclick[2].txt C:\Documents and Settings\Frankie\Cookies\frankie@imrworldwide[2].txt C:\Documents and Settings\Frankie\Cookies\frankie@insightexpressai[1].txt C:\Documents and Settings\Frankie\Cookies\frankie@mediaplex[2].txt C:\Documents and Settings\Frankie\Cookies\frankie@pro-market[1].txt C:\Documents and Settings\Frankie\Cookies\frankie@revenue[2].txt C:\Documents and Settings\Frankie\Cookies\frankie@sl3.kfactormedia[2].txt C:\Documents and Settings\Frankie\Cookies\frankie@specificclick[2].txt C:\Documents and Settings\Frankie\Cookies\frankie@tacoda[2].txt C:\Documents and Settings\Frankie\Cookies\frankie@technoratimedia[1].txt C:\Documents and Settings\Frankie\Cookies\frankie@toseeka[1].txt C:\Documents and Settings\Frankie\Cookies\frankie@www.googleadservi ces[1].txt C:\Documents and Settings\Frankie\Cookies\frankie@www.googleadservi ces[2].txt C:\Documents and Settings\Frankie\Cookies\frankie@www.googleadservi ces[3].txt C:\Documents and Settings\Frankie\Cookies\frankie@yieldmanager[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@fastclick[2].txt C:\Documents and Settings\Jackie\Cookies\jackie@specificmedia[1].txt Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:40:57 AM, on 8/2/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.ex e C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Support.com\bin\tgcmd.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\SiteAdvisor\6172\SiteAdv.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\PSIService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\notepad.exe C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe" O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Dell\Media Experience\DMXLauncher.exe" O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [DLA] "C:\WINDOWS\System32\DLA\DLACTRLW.EXE" O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf O4 - HKLM\..\Run: [SSRunScript] "C:\Program Files\Support.com\Charter\bin\SSRunScript.exe" /script "C:\Program Files\Support.com\Charter\vbs\verifyconnection.vbs " /args //b startupdelay O4 - HKLM\..\Run: [igfxtray] "C:\WINDOWS\system32\igfxtray.exe" O4 - HKLM\..\Run: [igfxhkcmd] "C:\WINDOWS\system32\hkcmd.exe" O4 - HKLM\..\Run: [igfxpers] "C:\WINDOWS\system32\igfxpers.exe" O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6172\SiteAdv.exe" O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [McENUI] "C:\PROGRA~1\McAfee\MHN\McENUI.exe" /hide O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [UserFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -u O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtim e.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager] "C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1noarp O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe O4 - Global Startup: Digital Line Detect.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0C92900E-4D5A-4F04-ACC9-729E1767BBAE} (Image Uploader Control) - http://cccamera.lifepics.com/net/Upl...Uploader45.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...oUploader5.cab O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlmanager.akamaitools.com.edg...ex-2.0.6.0.cab O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.com/nos_dl_manager...EGetPlugin.ocx O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.2.4.1.cab O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} (Sandlot Loader Control) - http://www.shockwave.com/content/bar...webinstall.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab O16 - DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} (Whale Client Components) - https://kmanywhere.kohls.com/Interna...WhlCompMgr.cab O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab O16 - DPF: {AE6C4705-0F11-4ACB-BDD4-37F138BEF289} (Image Uploader Control) - http://cccamera.lifepics.com/net/Upl...Uploader45.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab55579.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://aolsvc.aol.com/onlinegames/gh...ylomplayer.cab O16 - DPF: {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} (Image Uploader Control) - http://cccamera.lifepics.com/net/Upl...Uploader57.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://games.myspace.com/Gameshell/G...onGameHost.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Filter hijack: text/html - {0f17e8da-ab71-41ab-b57f-eac6621161a9} - C:\WINDOWS\system32\xwreg32.dll O20 - AppInit_DLLs: c:\windows\system32\nafamamo.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.ex e -- End of file - 12942 bytes Malwarebytes' Anti-Malware 1.36 Database version: 1992 Windows 5.1.2600 Service Pack 3 8/2/2009 10:10:57 AM mbam-log-2009-08-02 (10-10-57).txt Scan type: Quick Scan Objects scanned: 124038 Time elapsed: 26 minute(s), 42 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) |
|
#4
2nd Aug 2009, 08:23
|
|||
|
|||
|
a couple of those scans were completed in the last couple days, but not today. Let me know if they will work or if i should re-scan. Thanks!
|
|
#5
3rd Aug 2009, 02:32
|
|||
|
|||
|
Thread closed as new one started with new scans, avoids confusion, someone will help shortly. Thanks.
|
