Sign in with
Sign up | Sign in
Your question

Browser hijacker, Adware AB.Helper, etc

Last response: in Windows Vista
Share
October 4, 2009 8:35:31 AM

People.... I need your help...

I am using Malware Bytes, Super Anti-Spyware and AVAST...

I just did some scanning yesterday and I believe everything's clean but then when I tried doing some scanning again i GOT THIS AGAIN...

I also did some deletion of previous restore points as what I read from previous searches regarding this problem...

I did not see anything from Malwarebytes and AVAST...only in Super AntiSpyware....Can someone help so I can get rid of this problem....


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/04/2009 at 03:46 PM

Application Version : 4.26.1000

Core Rules Database Version : 4144
Trace Rules Database Version: 2075

Scan type : Complete Scan
Total Scan Time : 01:06:54

Memory items scanned : 355
Memory threats detected : 0
Registry items scanned : 7129
Registry threats detected : 42
File items scanned : 45335
File threats detected : 20

Adware.HBHelper
HKLM\Software\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\InprocServer32#ThreadingModel
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ProgID
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\TypeLib
HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\VersionIndependentProgID
HKCR\URLSearchHook.ToolbarURLSearchHook.1
HKCR\URLSearchHook.ToolbarURLSearchHook
HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0
HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0
HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\0\win32
HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\FLAGS
HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}\1.0\HELPDIR
C:\PROGRAM FILES\FAST BROWSER SEARCH\IE\TBHELPER.DLL

Adware.Tracking Cookie
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@ad.yieldmanager[1].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@doubleclick[1].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ad.doubleclick[2].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ad.yieldmanager[2].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ad.yieldmanager[3].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@adbrite[2].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.bootcampmedia[2].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@apmebf[2].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@clicktorrent[1].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@content.yieldmanager[1].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@content.yieldmanager[2].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@doubleclick[1].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@fastclick[2].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@imrworldwide[2].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@overture[2].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@statcounter[1].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@stats.adbrite[1].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@tribalfusion[1].txt
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@zedo[1].txt

Browser Hijacker.Deskbar
HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}
HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}\1.0
HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}\1.0\0
HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}\1.0\0\win32
HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}\1.0\FLAGS
HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}\1.0\HELPDIR
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version
HKCR\Interface\{9EBB289A-2D7B-465B-825F-1530B813E95A}
HKCR\Interface\{9EBB289A-2D7B-465B-825F-1530B813E95A}\ProxyStubClsid
HKCR\Interface\{9EBB289A-2D7B-465B-825F-1530B813E95A}\ProxyStubClsid32
HKCR\Interface\{9EBB289A-2D7B-465B-825F-1530B813E95A}\TypeLib
HKCR\Interface\{9EBB289A-2D7B-465B-825F-1530B813E95A}\TypeLib#Version
HKCR\Interface\{CD5C92AE-97B0-4BC3-BA65-BA0308D543BF}
HKCR\Interface\{CD5C92AE-97B0-4BC3-BA65-BA0308D543BF}\ProxyStubClsid
HKCR\Interface\{CD5C92AE-97B0-4BC3-BA65-BA0308D543BF}\ProxyStubClsid32
HKCR\Interface\{CD5C92AE-97B0-4BC3-BA65-BA0308D543BF}\TypeLib
HKCR\Interface\{CD5C92AE-97B0-4BC3-BA65-BA0308D543BF}\TypeLib#Version
HKCR\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
HKCR\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}\ProxyStubClsid
HKCR\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}\ProxyStubClsid32
HKCR\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}\TypeLib
HKCR\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}\TypeLib#Version
October 4, 2009 10:43:31 AM

The tracking cookies can be eliminated by deleting cookies with IE. As far as the rst of 'findings' from super spyware lol, it looks like those results may be normal. Unless the system is giving problems, I wouldn't worry about it.

http://forums.superantispyware.com/viewtopic.php?f=2&t=...
m
0
l
October 14, 2009 4:27:45 PM

Thanks a lot!!! :D 
m
0
l
!