27-Aug-2009, 11:50 PM
#1 |
| Another Google Redirect Issue

I was reading the previous thread regarding a Google Redirect Issue that I am having too. I followed the directions posted by Eddie5659 to run Malwarebytes' Anti-Malware & the Super Anti Spyware. I am posting the logs here below. Is there anything else you could recommend? I want to make sure the virus is gone. I'm not sure if the Google redirect is still happening. I didn't try it. I'm going to have to cut the log in half and respond to this post and also post the Super Anti Spyware log because it's too long to post them both here.

Malwarebytes' Anti-Malware 1.40
Database version: 2707
Windows 5.1.2600 Service Pack 3
8/27/2009 4:14:19 PM
mbam-log-2009-08-27 (16-14-19).txt
Scan type: Quick Scan
Objects scanned: 102993
Time elapsed: 9 minute(s), 5 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 22
Registry Values Infected: 4
Registry Data Items Infected: 2
Folders Infected: 22
Files Infected: 166 |
| |
|
27-Aug-2009, 11:51 PM
#2 |
| The rest of Malwarebytes'

Malwarebytes cont.
C:\Program Files\Common\helper.sig (Trojan.Agent) -> Quarantined and deleted successfully. C:\RECYCLER\ADAPT_Installer.exe (Heuristics.Malware) -> Quarantined and deleted successfully. C:\WINDOWS\system32\logon.exe (Backdoor.Bot) -> Quarantined and deleted successfully. C:\WINDOWS\system32\sdra64.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\system32\tapi.nfo (Trojan.Agent) -> Quarantined and deleted successfully. |
|
27-Aug-2009, 11:53 PM
#3 |
| Super Anti Spyware Log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 08/27/2009 at 06:11 PM
Application Version : 4.27.1002
Core Rules Database Version : 4073
Trace Rules Database Version: 2013
Scan type : Complete Scan
Total Scan Time : 01:42:06
Memory items scanned : 567
Memory threats detected : 0
Registry items scanned : 7405
Registry threats detected : 0
File items scanned : 101281
File threats detected : 65
Adware.Tracking Cookie
C:\Documents and Settings\CORY\Cookies\cory@chitika[1].txt
C:\Documents and Settings\CORY\Cookies\cory@bridge1.admarketplace[1].txt
C:\Documents and Settings\CORY\Cookies\cory@ad.yieldmanager[4].txt
C:\Documents and Settings\CORY\Cookies\cory@media.adfrontiers[1].txt
C:\Documents and Settings\CORY\Cookies\cory@content.yieldmanager[4].txt
C:\Documents and Settings\CORY\Cookies\cory@ads.addynamix[2].txt
C:\Documents and Settings\CORY\Cookies\cory@nextag[2].txt
C:\Documents and Settings\CORY\Cookies\cory@mediaplex[1].txt
C:\Documents and Settings\CORY\Cookies\cory@ad.yieldmanager[1].txt
C:\Documents and Settings\CORY\Cookies\cory@trafficmp[2].txt
C:\Documents and Settings\CORY\Cookies\cory@mediaplex[2].txt
C:\Documents and Settings\CORY\Cookies\cory@content.yieldmanager[3].txt
C:\Documents and Settings\CORY\Cookies\cory@casalemedia[2].txt
C:\Documents and Settings\CORY\Cookies\cory@cdn4.specificclick[2].txt
C:\Documents and Settings\CORY\Cookies\cory@ads.pointroll[3].txt
C:\Documents and Settings\CORY\Cookies\cory@doubleclick[2].txt
C:\Documents and Settings\CORY\Cookies\cory@admarketplace[1].txt
C:\Documents and Settings\CORY\Cookies\cory@zedo[1].txt
C:\Documents and Settings\CORY\Cookies\cory@specificmedia[5].txt
C:\Documents and Settings\CORY\Cookies\cory@bluestreak[1].txt
C:\Documents and Settings\CORY\Cookies\cory@interclick[2].txt
C:\Documents and Settings\CORY\Cookies\cory@overture[2].txt
C:\Documents and Settings\CORY\Cookies\cory@revsci[3].txt
C:\Documents and Settings\CORY\Cookies\cory@ads.cartoonnetwork[1].txt
C:\Documents and Settings\CORY\Cookies\cory@invitemedia[3].txt
C:\Documents and Settings\CORY\Cookies\cory@collective-media[1].txt
C:\Documents and Settings\CORY\Cookies\cory@toseeka[1].txt
C:\Documents and Settings\CORY\Cookies\cory@media6degrees[2].txt
C:\Documents and Settings\CORY\Cookies\cory@theclickcheck[2].txt
C:\Documents and Settings\CORY\Cookies\cory@a1.interclick[2].txt
C:\Documents and Settings\CORY\Cookies\cory@specificmedia[1].txt
C:\Documents and Settings\CORY\Cookies\cory@advertising[2].txt
C:\Documents and Settings\CORY\Cookies\cory@invitemedia[2].txt
C:\Documents and Settings\CORY\Cookies\cory@trafficmp[4].txt
C:\Documents and Settings\CORY\Cookies\cory@specificclick[1].txt
C:\Documents and Settings\CORY\Cookies\cory@ads.addynamix[1].txt
C:\Documents and Settings\CORY\Cookies\cory@questionmarket[3].txt
C:\Documents and Settings\CORY\Cookies\cory@www.mynortonaccount[2].txt
C:\Documents and Settings\CORY\Cookies\cory@advertising[5].txt
C:\Documents and Settings\CORY\Cookies\cory@specificmedia[3].txt
C:\Documents and Settings\CORY\Cookies\cory@realmedia[2].txt
C:\Documents and Settings\CORY\Cookies\cory@specificclick[2].txt
C:\Documents and Settings\CORY\Cookies\cory@advertising[3].txt
C:\Documents and Settings\CORY\Cookies\cory@ads.techguy[2].txt
C:\Documents and Settings\CORY\Cookies\cory@apmebf[1].txt
C:\Documents and Settings\CORY\Cookies\cory@questionmarket[1].txt
C:\Documents and Settings\CORY\Cookies\cory@atdmt[1].txt
C:\Documents and Settings\CORY\Cookies\cory@ads.bridgetrack[1].txt
C:\Documents and Settings\CORY\Cookies\cory@intermundomedia[2].txt
C:\Documents and Settings\CORY\Cookies\cory@revsci[1].txt
C:\Documents and Settings\CORY\Cookies\cory@content.yieldmanager[1].txt
C:\Documents and Settings\CORY\Cookies\cory@oasn04.247realmedia[2].txt
C:\Documents and Settings\CORY\Cookies\cory@fastclick[2].txt
C:\Documents and Settings\CORY\Cookies\cory@advertising[1].txt
C:\Documents and Settings\CORY\Cookies\cory@ads.pointroll[1].txt
C:\Documents and Settings\CORY\Cookies\cory@ads.pointroll[2].txt
C:\Documents and Settings\CORY\Cookies\cory@ads.bridgetrack[2].txt
C:\Documents and Settings\CORY\Cookies\cory@ads.addynamix[3].txt
C:\Documents and Settings\CORY\Cookies\cory@specificmedia[2].txt
C:\Documents and Settings\CORY\Cookies\cory@mediaplex[3].txt
C:\Documents and Settings\CORY\Cookies\cory@ad.yieldmanager[3].txt
C:\Documents and Settings\CORY\Cookies\cory@tribalfusion[2].txt
C:\Documents and Settings\CORY\Cookies\cory@trafficmp[1].txt
C:\Documents and Settings\CORY\Cookies\cory@fastclick[3].txt
Trojan.Agent/Gen
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\OTMJ8HQB\DARKSIDE[1].EXE |
|
30-Aug-2009, 04:38 PM
#5 |
| HJT Log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:31:50 PM, on 8/30/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton 360\Engine\3.0.0.135\ccSvcHst.exe
C:\WINDOWS\system32\srvany.exe
C:\pvsw\bin\w3dbsmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton 360\Engine\3.0.0.135\ccSvcHst.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5061129
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmaila.juno.com/webmail/new...unt=1181871974
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=5061129
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.0.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.0.0.135\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.0.0.135\coIEPlg.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [BellSouthReportingAgent] "C:\Program Files\Common Files\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Common Files\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\MotiveBrowser.exe" /hidden
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6; .NET CLR 1.1.4322; .NET CLR 2.0.50727; SpamBlockerUtility 4.8.4)" -"http://www.highlightskids.com/Gamesa...Mazes/h2mz.asp"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.2.4.3.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
O16 - DPF: {85BA505F-FD01-4A91-836C-F7D502E89C9A} (Image Uploader Control) - http://www.evite.com/html/imageUploa...eUploader4.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - https://disney.go.com/games/download...ameManager.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/pla.../installer.exe
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.0.0.135\coIEPlg.dll
O18 - Filter hijack: text/html - {97fdb74a-a55f-41e9-8dbe-af100e472016} - C:\WINDOWS\system32\mst122.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.0.0.135\ccSvcHst.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pervasive.SQL Workgroup Engine - Unknown owner - C:\WINDOWS\system32\srvany.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

-- End of file - 11212 bytes |
| Tags |
| eddie5659, google, malwarebytes, redirect, super anti spyware |

All times are GMT -4. Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.

