Its a virus..

[evilfantasy]

Thats part of Yahoo search.

Also post an uninstall list.

Create An Uninstall List

• Start HijackThis
  
• Click on the Open the Misc Tools section
  
• Click on the Open Uninstall Manager button.
  
• Click on the Save list button and specify where you would like to save this file and click Save.
  • When you press Save button a notepad will open with the contents of that file.
• Copy and paste that list in your reply.

[Shynnie]

Must i do it know or wait the for the scans to finish/

[Shynnie]

An Uninstall List

Adobe Bridge 1.0
Adobe Common File Installer
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 8.1.2
Adobe Stock Photos 1.0
Adobe® Photoshop® Album Starter Edition 3.2
Bank Windhoek Teller Application
Borland Delphi 6
BusinessObjects 6
CAB Bureau Application - SQL Version
Crystal Reports
Crystal Reports 10
Enterprise Architect 7.0 - 30 Day Trial
ESET Online Scanner
eSocket.web
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Home Media Server 4.0.0.0072
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Windows XP (KB915865)
HP Display Assistant
IDEAL Software dycodoc 1.0
InfoSlips ForMe. Viewer
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Adapters and Drivers
InterVideo WinDVD Recorder
J2SE Development Kit 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.2
Java(TM) 6 Update 2
Macromedia Flash Player
Macromedia Flash Player 8
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.0
Microsoft ActiveSync 3.7
Microsoft Device Emulator version 1.0 - ENU
Microsoft Document Explorer 2005
Microsoft Document Explorer 2005
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft ODBC .NET Data Provider
Microsoft Office 2003 Web Components
Microsoft Office Professional Edition 2003
Microsoft Project 2000
Microsoft Silverlight
Microsoft SQL Server 2000
Microsoft SQL Server 2000 Reporting Services Developer Edition
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Analysis Services
Microsoft SQL Server 2005 Backward compatibility
Microsoft SQL Server 2005 Books Online (English) (May 2007)
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Integration Services
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools
Microsoft SQL Server 2005 Notification Services
Microsoft SQL Server 2005 Reporting Services
Microsoft SQL Server 2005 Tools
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Virtual PC 2004
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual SourceSafe 2005 - ENU
Microsoft Visual Studio .NET Enterprise Architect 2003 - English
Microsoft Visual Studio 2005 Professional Edition - ENU
Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601)
Microsoft Web Publishing Wizard 1.53
Mozilla Firefox (2.0.0.
MSDN Library for Visual Studio 2005
MSDN Library for Visual Studio 2005
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
NetBeans IDE 5.0
Nokia Connectivity Cable Driver
Nokia Lifeblog 2.1
Nokia MTP driver
Nokia PC Connectivity Solution
Nokia PC Suite
Nokia Software Launcher
PDF Complete
PDF Creator Pilot 3.6 Demo
PhoenixXM
Promotional Items
QuickTime
Rapid SQL 7.2.0
Realtek AC'97 Audio
Realtek High Definition Audio Driver
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Sitara
Sony USB Driver
SQL Anywhere Studio 8
SQLXML4
SUPERAntiSpyware Free Edition
Sybase Adaptive Server IQ 12
TaskManager
TaskManager
TaskManager
TaskManager
Teller Application for Terminal Services
TextPad 4.7
Tilos Application Server 2.2
Tilos Database Server 2.2
Tilos_API_Build_2_2_19
Trend Micro OfficeScan Client
Update for Windows XP (KB938828)
Virtual Print Engine v3.50 R1 Enterprise Edition 32-Bit
VNC 3.3.4
WIDCOMM Bluetooth Software
Windows Communication Foundation
Windows Driver Package - Nokia Modem  (06/12/2006 6.81.0.21)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
Windows Presentation Foundation
Windows Server 2003 Service Pack 1 Administration Tools Pack
Windows Workflow Foundation
WinRAR archiver
WinSQL Lite
WinZip
Wormux (remove only)
Your Uninstaller! 2006 Version 5

[Shynnie]

House Call log

The rest is

#Trend Micro HouseCall - Storage of detected incidents
#Thu Feb 21 10:14:50 CAT 2008
scanned.pattern.type=malware,grayware,system.grayware,vulnerability.software
system.username=FortunatoM
infectivethreats.failed.reason=
infectivethreats.type=
created=2008-02-21 08\:11\:59 CAT
personalize=false
infectivethreats.amount=1,1,1,1,1
vulnerabilities.type=software,software,software,software,software,software,
software,software,software,software,software,software,software,software,software,
software,software,software,software,software,software,software,software,software,
software,software,software,software,software,software,software,software,software,
software,software,software,software,software,software,software,software,software,
software,software,software,software,software,software,software,software,software,
software,software,software,software,software,software,software,software,software,
software,software,software,software,software,software,software,software,software,
software,software,software,software,software,software,software,software,software,
software,software,software,software,software,software,software,software,software,
software,software,software,software,software,software,software,software,software,
software,software,software,software,software
system.ip=192.168.104.112
scanned.pattern.version=511700,58100,60900,8200
system.architecture=x86
infectivethreats.class=grayware,grayware,grayware,grayware,grayware
infectivethreats.failed.amount=
infectivethreats.removed=1,1,1,1,1
scanned.count=0,0,52093,1
scanned.engine.version=-16,-16,500001060,532001011
infectivethreats=COOKIE_2O7,COOKIE_HITBOX,SPYWARE_TRAK_CULREMOT.11,COOKIE_LIVEPERSON,ADWARE_SCREENSAVERS
scanned.engine.type=main,main,system,system
vulnerabilities=MS07-009,MS07-008,MS07-007,MS07-006,MS06-070,MS07-004,MS07-003,MS06-075,MS05-027,MS05-026,
MS05-032,MS05-033,MS07-019,MS06-060,MS07-015,MS07-017,MS06-063,MS06-064,MS07-011,MS07-014,MS06-066,
MS07-013,MS06-068,MS05-039,MS05-036,MS05-045,MS04-043,MS05-042,MS04-044,MS05-043,MS04-041,MS05-040,
MS05-001,MS05-041,MS06-054,MS07-025,MS07-024,MS06-052,MS06-053,MS07-022,MS06-050,MS06-051,MS07-027,
MS07-020,MS06-058,MS07-021,MS06-057,MS06-056,MS05-049,MS05-048,MS05-008,MS05-047,MS05-007,MS05-046,
MS02-020,MS05-053,MS02-039,MS05-050,MS05-051,MS05-011,MS05-012,MS06-041,MS07-034,MS07-033,MS07-035,
MS06-040,MS06-046,MS06-045,MS06-048,MS07-031,MS05-013,MS05-016,MS05-015,MS05-018,MS05-019,MS06-033,
MS06-032,MS06-030,MS07-041,MS07-045,MS06-036,MS06-035,MS06-039,MS07-050,MS07-057,MS07-058,MS07-056,
MS06-025,MS06-027,MS06-028,MS07-061,MS07-064,MS07-069,MS06-018,MS06-014,MS06-015,MS06-006,MS06-007,
MS06-008,MS06-002,MS06-003
infectivethreats.failed=
domain=housecall65.trendmicro.com
implementation=html/java

[Shynnie]

More log from housecall

[file cleanup - saving space - attachment deleted by admin]

[Shynnie]

Spyware

[file cleanup - saving space - attachment deleted by admin]

[Shynnie]

Logfile of Trend Micro HijackThis v2.0.2


[file cleanup - saving space - attachment deleted by admin]

[evilfantasy]

Go to C:\Documents and Settings\UserName\.housecall\log and see if you can find the log from Housecall that shows what was scanned and/or removed.


Your Java is out of date.
Older versions of Java have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version(s) of Java components and update.
 
Step 1 - Get the new version

• Go to the Sun Java Download Page
  
• On the Sun Java page scroll to the 4th download.
  
• 
  
• Click the button and choose the options.
  • Platform Windows
    
  • Language English
  • Next place a check mark in the box to agree to the License Agreement.
• "I agree to the Java SE Runtime Environment 6 License Agreement"
  
• Click Continue
  
• Click on the link to download Windows Offline Installation and save to your desktop.
  
• Then from your desktop double-click on jre-6u4-windowsi586-p.exe to install the newest version.
  
• Follow the prompts to complete the installation.

Step 2 - Remove old version(s)

• Close any programs you may have running - especially your web browser.
• Go to Start > Control Panel > Add/Remove programs and remove all older versions of Java.
  
• Uninstall
• J2SE Development Kit 5.0 Update 6
• Java 2 Runtime Environment, SE v1.4.2
• Java(TM) 6 Update 2[/color]
  
• Do not remove Java 6 Update 4
  
• Click the Remove or Change/Remove button.
  
• Repeat as many times as necessary to remove each old Java version.
• Restart your computer once all Java components are removed.

Step 3 - Remove old folder(s)

• Double click My Computer on the desktop, Locate this folder: C:\Program Files\Java
  
• Open the Java folder and delete any subfolders except the jre1.6.0_04 folder which was just created by the newest Java installation.

----------

Update your Mozilla Firefox Browser
Recently there have been vulnerabilities detected in older versions of Mozilla Firefox.
It is strongly suggested that you update to the current version.
Mozilla Firefox 2.0.0.12
You can update it by clicking Help > Check for updates...

----------

Download SDFix.exe and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following:

• Restart your computer
• After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
• Instead of Windows loading as normal, the Advanced Options Menu should appear;
• Select the first option, to run Windows in Safe Mode, then press Enter.
  
• Choose your usual account.
• Open the extracted SDFix folder and double click RunThis.bat to start the script.
  
• Type Y to begin the cleanup process.
  
• It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
• Press any Key and it will restart the PC.
• When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  
• Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
  (Report.txt will also be copied to Clipboard).
  
• Finally add the contents of the Report.txt in your next post.

----------

Next post add
SDFix log
NEW Hijackthis log

[Shynnie]

Morning

I cant find the log from housecall maybe i didnt save it.
I'm updating my java then i'll remove the older version.

Thanks

[Shynnie]

This will take long due to time difference, cause when its day here you are already sleeping by then.

Firefox is taking forever to finish downloading.

I'll paste the two log files once i finish. Does my PC look healthy?

Many thanks

[evilfantasy]

I need the SDFix and Hijackthis logs.

[Shynnie]

HJT LOg

[file cleanup - saving space - attachment deleted by admin]

[evilfantasy]

SDFix log?

[Shynnie]

DrWeb

[file cleanup - saving space - attachment deleted by admin]

[evilfantasy]

Download SDFix.exe and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following:

• Restart your computer
• After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
• Instead of Windows loading as normal, the Advanced Options Menu should appear;
• Select the first option, to run Windows in Safe Mode, then press Enter.
  
• Choose your usual account.
• Open the extracted SDFix folder and double click RunThis.bat to start the script.
  
• Type Y to begin the cleanup process.
  
• It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
• Press any Key and it will restart the PC.
• When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  
• Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
  (Report.txt will also be copied to Clipboard).
  
• Finally add the contents of the Report.txt in your next post.

----------

Next post add
SDFix log
NEW Hijackthis log