Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

windows xp [resault 5 google] new window opens an then redirected


  • This topic is locked This topic is locked
18 replies to this topic

#1 seb-it

seb-it

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:11 AM

Posted 27 July 2010 - 12:15 PM

i have just joined this site i am not very good with computers an i despratly need help to fix my [ibm think pad] as i have tryed every thing basicly every time i type something into google and click on the resaults a new window opens headed results 5 google end redirects me to random sites but not every time and then sometime a window will just pop open randomly with google hope can someone please help me as it is really annoying and i have spent so much time on the internet reading with no joy

Edited by hamluis, 27 July 2010 - 01:14 PM.
Moved from XP to Am I Infected forum ~ Hamluis.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:11 AM

Posted 27 July 2010 - 03:42 PM

Hello and welcome.


Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware (v1.46) and save it to your desktop.
Before you save it rename it to say zztoy.exe


alternate download link 1
alternate download link 2
MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 seb-it

seb-it
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:11 AM

Posted 28 July 2010 - 12:35 PM

hi there thanks for answering me so quickly both the tdss and malware bytes didnt come up with any thing heres the malware bytes report


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

28/07/2010 18:17:01
mbam-log-2010-07-28 (18-17-01).txt

Scan type: Quick scan
Objects scanned: 111532
Time elapsed: 8 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 seb-it

seb-it
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:11 AM

Posted 28 July 2010 - 12:39 PM

and heres the tdss roport thanks


2010/07/28 17:55:35.0636 TDSS rootkit removing tool 2.4.0.0 Jul 22 2010 16:09:49
2010/07/28 17:55:35.0636 ================================================================================
2010/07/28 17:55:35.0636 SystemInfo:
2010/07/28 17:55:35.0636
2010/07/28 17:55:35.0636 OS Version: 5.1.2600 ServicePack: 3.0
2010/07/28 17:55:35.0636 Product type: Workstation
2010/07/28 17:55:35.0636 ComputerName: ANONYMOUS
2010/07/28 17:55:35.0636 UserName: Owner
2010/07/28 17:55:35.0636 Windows directory: C:\WINDOWS
2010/07/28 17:55:35.0636 System windows directory: C:\WINDOWS
2010/07/28 17:55:35.0636 Processor architecture: Intel x86
2010/07/28 17:55:35.0636 Number of processors: 1
2010/07/28 17:55:35.0636 Page size: 0x1000
2010/07/28 17:55:35.0636 Boot type: Normal boot
2010/07/28 17:55:35.0636 ================================================================================
2010/07/28 17:55:36.0006 Initialize success
2010/07/28 17:55:42.0055 ================================================================================
2010/07/28 17:55:42.0055 Scan started
2010/07/28 17:55:42.0055 Mode: Manual;
2010/07/28 17:55:42.0055 ================================================================================
2010/07/28 17:55:43.0106 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/07/28 17:55:43.0177 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2010/07/28 17:55:43.0247 aeaudio (3cb6ae5435987b1f8c83fd2730479878) C:\WINDOWS\system32\drivers\aeaudio.sys
2010/07/28 17:55:43.0327 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/07/28 17:55:43.0387 AegisP (30bb1bde595ca65fd5549462080d94e5) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2010/07/28 17:55:43.0467 AFD (38d7b715504da4741df35e3594fe2099) C:\WINDOWS\System32\drivers\afd.sys
2010/07/28 17:55:43.0567 AgereSoftModem (aff071b6290776e1fa162837c35eac78) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2010/07/28 17:55:43.0647 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2010/07/28 17:55:43.0898 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/07/28 17:55:43.0928 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/07/28 17:55:44.0048 ati2mtag (2fbdfec8cd60cec3d55e615865333033) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2010/07/28 17:55:44.0148 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/07/28 17:55:44.0198 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/07/28 17:55:44.0288 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\system32\Drivers\avgldx86.sys
2010/07/28 17:55:44.0368 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2010/07/28 17:55:44.0408 AvgTdiX (22e3b793c3e61720f03d3a22351af410) C:\WINDOWS\system32\Drivers\avgtdix.sys
2010/07/28 17:55:44.0468 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/07/28 17:55:44.0539 Belkin701F (79a2dd3b444321b40ea65c6f4606fdbc) C:\WINDOWS\system32\DRIVERS\BLKWGNv7.sys
2010/07/28 17:55:44.0689 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/07/28 17:55:44.0729 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/07/28 17:55:44.0779 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/07/28 17:55:44.0819 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/07/28 17:55:44.0909 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2010/07/28 17:55:44.0969 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2010/07/28 17:55:45.0159 Disk (47b6aaec570f2c11d8bad80a064d8ed1) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/07/28 17:55:45.0229 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/07/28 17:55:45.0300 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/07/28 17:55:45.0350 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/07/28 17:55:45.0430 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/07/28 17:55:45.0520 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/07/28 17:55:45.0570 DumpDrv (b327281012b48bd73f587799f9f29be2) C:\WINDOWS\system32\drivers\DumpDrv.sys
2010/07/28 17:55:45.0630 E100B (ac9cf17ee2ae003c98eb4f5336c38058) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2010/07/28 17:55:45.0790 exFat (4d893323dae445e34a4c9038b0551bc9) C:\WINDOWS\system32\drivers\exFat.sys
2010/07/28 17:55:45.0840 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/07/28 17:55:45.0880 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/07/28 17:55:45.0931 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/07/28 17:55:45.0971 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2010/07/28 17:55:46.0031 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2010/07/28 17:55:46.0131 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
2010/07/28 17:55:46.0241 Fs_Rec (30d42943a54704ef13e2562911dbfcea) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/07/28 17:55:46.0271 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/07/28 17:55:46.0401 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/07/28 17:55:46.0541 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/07/28 17:55:46.0621 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/07/28 17:55:46.0742 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/07/28 17:55:46.0832 IBMPMDRV (bf648877413f6160e480814a24942b65) C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
2010/07/28 17:55:46.0982 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/07/28 17:55:47.0072 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2010/07/28 17:55:47.0112 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2010/07/28 17:55:47.0152 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2010/07/28 17:55:47.0212 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/07/28 17:55:47.0242 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/07/28 17:55:47.0292 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/07/28 17:55:47.0333 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/07/28 17:55:47.0373 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
2010/07/28 17:55:47.0423 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/07/28 17:55:47.0493 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/07/28 17:55:47.0613 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/07/28 17:55:47.0663 klmd24 (6485ad0a17a0d6286b4d44c652adabb2) C:\WINDOWS\system32\drivers\klmd.sys
2010/07/28 17:55:47.0803 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/07/28 17:55:47.0853 KSecDD (c6ebf1d6ad71df30db49b8d3287e1368) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/07/28 17:55:47.0983 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/07/28 17:55:48.0034 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/07/28 17:55:48.0094 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/07/28 17:55:48.0134 MountMgr (1a1faa5102466f418494e94ff9b0b091) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/07/28 17:55:48.0214 MRxDAV (6a7c4ac5b52155115dee97995c1cf157) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/07/28 17:55:48.0314 MRxSmb (d09b9f0b9960dd41e73127b7814c115f) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/07/28 17:55:48.0374 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/07/28 17:55:48.0434 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/07/28 17:55:48.0474 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/07/28 17:55:48.0524 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/07/28 17:55:48.0564 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/07/28 17:55:48.0604 Mup (6546fe6639499fa4bef180bdf08266a1) C:\WINDOWS\system32\drivers\Mup.sys
2010/07/28 17:55:48.0664 NDIS (b5b1080d35974c0e718d64280761bcd5) C:\WINDOWS\system32\drivers\NDIS.sys
2010/07/28 17:55:48.0704 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/07/28 17:55:48.0735 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/07/28 17:55:48.0775 NdisWan (b053a8411045fd0664b389a090cb2bbc) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/07/28 17:55:48.0815 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/07/28 17:55:48.0845 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/07/28 17:55:48.0885 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/07/28 17:55:48.0985 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/07/28 17:55:49.0055 NSCIRDA (2adc0ca9945c65284b3d19bc18765974) C:\WINDOWS\system32\DRIVERS\nscirda.sys
2010/07/28 17:55:49.0115 Ntfs (ae8cad8f28db13b515a68510a539b0b8) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/07/28 17:55:49.0185 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/07/28 17:55:49.0215 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/07/28 17:55:49.0245 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/07/28 17:55:49.0305 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/07/28 17:55:49.0335 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/07/28 17:55:49.0375 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/07/28 17:55:49.0426 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/07/28 17:55:49.0516 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\drivers\PCIIde.sys
2010/07/28 17:55:49.0556 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2010/07/28 17:55:49.0806 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/07/28 17:55:49.0856 PSched (d8e11d311785f89f1d70a28b0e879127) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/07/28 17:55:49.0896 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/07/28 17:55:49.0956 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2010/07/28 17:55:50.0157 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/07/28 17:55:50.0217 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
2010/07/28 17:55:50.0257 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/07/28 17:55:50.0297 RasPppoe (2c9d4620a0fd35de1828370b392f6e2d) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/07/28 17:55:50.0357 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/07/28 17:55:50.0407 Rdbss (77050c6615f6eb5402f832b27fd695e0) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/07/28 17:55:50.0437 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/07/28 17:55:50.0477 rdpdr (47ea20320e3d6fdc7b7bb22b2b881ca6) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/07/28 17:55:50.0527 RDPWD (e8e3107243b16a549b88d145ec051b06) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/07/28 17:55:50.0587 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/07/28 17:55:50.0677 rspndr (743d7d59767073a617b1dcc6c546f234) C:\WINDOWS\system32\DRIVERS\rspndr.sys
2010/07/28 17:55:50.0727 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/07/28 17:55:50.0767 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/07/28 17:55:50.0808 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/07/28 17:55:50.0848 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/07/28 17:55:50.0958 SjyPkt (3d7ef286e806f9bd9339aa52e28dcd67) C:\WINDOWS\System32\Drivers\SjyPkt.sys
2010/07/28 17:55:51.0068 smwdm (9b8aeed0dc8198efb83d06baf2fab2e2) C:\WINDOWS\system32\drivers\smwdm.sys
2010/07/28 17:55:51.0158 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/07/28 17:55:51.0198 SR (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/07/28 17:55:51.0278 Srv (30efed0c77d59ae0cacb0b5c756767ed) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/07/28 17:55:51.0348 StarOpen (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys
2010/07/28 17:55:51.0428 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/07/28 17:55:51.0468 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/07/28 17:55:51.0649 SynTP (1cde0a5c0416187b9b89e03980c6e8de) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2010/07/28 17:55:51.0699 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/07/28 17:55:51.0749 Tcpip (ba8c046d98345129723e6bcaa1e8ab99) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/07/28 17:55:51.0849 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/07/28 17:55:51.0899 TDTCP (c0578456f29e5f26285f81b7b71fe57d) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/07/28 17:55:51.0939 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/07/28 17:55:52.0069 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/07/28 17:55:52.0169 UnlockerDriver5 (4847639d852763ee39415c929470f672) C:\Program Files\Unlocker\UnlockerDriver5.sys
2010/07/28 17:55:52.0260 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/07/28 17:55:52.0350 usbccgp (c18d6c74953621346df6b0a11f80c1cc) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/07/28 17:55:52.0410 usbehci (52674b5dbee499342a599c7771abecaa) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/07/28 17:55:52.0450 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/07/28 17:55:52.0510 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/07/28 17:55:52.0540 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/07/28 17:55:52.0600 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/07/28 17:55:52.0660 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/07/28 17:55:52.0700 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/07/28 17:55:52.0780 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/07/28 17:55:52.0850 WLANRB (a6a1906a0106a11237f9ee39456b25bd) C:\WINDOWS\system32\DRIVERS\MA401RB.sys
2010/07/28 17:55:52.0981 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2010/07/28 17:55:53.0031 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/07/28 17:55:53.0071 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/07/28 17:55:53.0121 ================================================================================
2010/07/28 17:55:53.0121 Scan finished
2010/07/28 17:55:53.0121 ================================================================================
2010/07/28 17:56:49.0452 Deinitialize success

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:11 AM

Posted 28 July 2010 - 01:33 PM

Hmm,let's see if safe mode shows it.

Next run ATF and SAS: If you cannot access Safe Mode,run in normal ,but let me know.

Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

From your regular user account..
Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..
DO NOT run yet.
Open SUPER from icon and install and Update it
Under Scanner Options make sure the following are checked (leave all others unchecked):
Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining
.
Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.

Now reboot into Safe Mode: How to enter safe mode(XP)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode
.

Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.

If you use Firefox or Opera browser click that browser at the top and choose: Select All
Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program
.

NOW Scan with SUPER
Open from the desktop icon or the program Files list
On the left, make sure you check C:\Fixed Drive.
Perform a Complete scan. After scan,Verify they are all checked.
Click OK on the summary screen to quarantine all found items.
If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log.
A text file will open in your default text editor.
Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.


Please ask any needed questions,post logs and Let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 seb-it

seb-it
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:11 AM

Posted 28 July 2010 - 04:02 PM

i have run super as you instucted and tryed to reboot in safe mode, i got black screen with white writing and then a blue screen that says :
a problem has been detected and windows has been shut down to prevent damage to your computer. if this is the first time you seen this stop error screen , restart your computer, if this screen appears again follow this steps: check for viruses, remove newly installed hard drives or hard drive controlers, check your hard drive to make sure it is properly configured and terminated. run CHKDSK / F to check for hard drive corruption and then restart your computer. techinacl information : *** STOP: 0x000007B (0xF8958528, 0xC0000034, 0x00000000, 0x00000000)

Problem is that I tried to restart it but i got the same thing

I am now using my parners pc so i can write this to you

PLEASE HELP!

THANK YOU, Seb

Edited by seb-it, 28 July 2010 - 04:23 PM.


#7 seb-it

seb-it
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:11 AM

Posted 28 July 2010 - 04:11 PM

o i fargot the scan found 134 files mostly cookies what do i do now thanks

Edited by seb-it, 28 July 2010 - 04:20 PM.


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:11 AM

Posted 29 July 2010 - 09:51 AM

So you scanned with SAS but not in safe mode and got a bunch of cookies??

If so let's see if we can fix safe mode first.
SUPERAntiSypware has a built in "Repairs" feature to fix policy restrictions and certain Windows settings which are sometimes targeted by malware infection. To use this feature, launch SUPERAntiSypware.
  • Click the Repairs tab.
  • Click on (highlight) "Repair broken SafeBoot key" and then click the Repair button.
  • You may be asked to reboot your computer for the changes to take effect.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 seb-it

seb-it
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:11 AM

Posted 29 July 2010 - 11:32 AM

i cant get past the blue screen to window what do i do it has a black screen with options

safe mode
safe mode with networking
safe mode with comand prompt
enable boot logging
enable vga mode
last known good configuration
directory services restore mode
debugging mode
disable automatic restart on system failure
start windows normaly
reboot
retern toos choices menu

or i click safe mode and get options

microsoft windows recovery console
microsoft windows xp profesional

Edited by seb-it, 29 July 2010 - 11:45 AM.


#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:11 AM

Posted 29 July 2010 - 11:53 AM

or i click safe mode and get options

microsoft windows recovery console
microsoft windows xp profesional <<---
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 seb-it

seb-it
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:11 AM

Posted 29 July 2010 - 12:05 PM

i just get a blue screen that says :

a problem has been detected and windows has been shut down to prevent damage to your computer. if this is the first time you seen this stop error screen , restart your computer, if this screen appears again follow this steps: check for viruses, remove newly installed hard drives or hard drive controlers, check your hard drive to make sure it is properly configured and terminated. run CHKDSK / F to check for hard drive corruption and then restart your computer.

techinacl information :

*** STOP: 0x000007B (0xF8958528, 0xC0000034, 0x00000000, 0x00000000)

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:11 AM

Posted 29 July 2010 - 12:15 PM

I will ask someone to look at this....
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 seb-it

seb-it
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:11 AM

Posted 29 July 2010 - 12:24 PM

thank you, I ll hold on

#14 seb-it

seb-it
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:11 AM

Posted 29 July 2010 - 01:29 PM

ah it will switch on not in safe mode so
i rapaired broken safe boot key and now safe mode works is there any thing eles i need to do

Edited by seb-it, 29 July 2010 - 01:34 PM.


#15 seb-it

seb-it
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:08:11 AM

Posted 29 July 2010 - 01:47 PM

this is the scan resaults from sas

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/28/2010 at 09:38 PM

Application Version : 4.41.1000

Core Rules Database Version : 5281
Trace Rules Database Version: 3093

Scan type : Complete Scan
Total Scan Time : 00:42:21

Memory items scanned : 438
Memory threats detected : 0
Registry items scanned : 4921
Registry threats detected : 2
File items scanned : 26872
File threats detected : 134

Adware.Tracking Cookie
C:\Documents and Settings\Owner\Cookies\owner@ads.bleepingcomputer[1].txt
s0.2mdn.net [ C:\Documents and Settings\NetworkService\Application Data\Macromedia\Flash Player\#SharedObjects\ZX7NLDRU ]
C:\Documents and Settings\NetworkService\Cookies\system@ad.yieldmanager[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@ad.yieldmanager[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@ad.yieldmanager[3].txt
C:\Documents and Settings\NetworkService\Cookies\system@ad.yieldmanager[4].txt
C:\Documents and Settings\NetworkService\Cookies\system@ad.yieldmanager[5].txt
C:\Documents and Settings\NetworkService\Cookies\system@adbrite[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@ads.associatedcontent[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@ads.gossipcenter[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@ads.myadplatform[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@ads.myadplatform[3].txt
C:\Documents and Settings\NetworkService\Cookies\system@ads.pubmatic[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@ads.pubmatic[3].txt
C:\Documents and Settings\NetworkService\Cookies\system@ads.pubmatic[4].txt
C:\Documents and Settings\NetworkService\Cookies\system@ads.pubmatic[5].txt
C:\Documents and Settings\NetworkService\Cookies\system@ads.pubmatic[6].txt
C:\Documents and Settings\NetworkService\Cookies\system@ads.pubmatic[7].txt
C:\Documents and Settings\NetworkService\Cookies\system@ads.smartadx[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@adserve.podaddies[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@adserve.podaddies[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@adtech[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@advertise[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@advertise[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@advertise[3].txt
C:\Documents and Settings\NetworkService\Cookies\system@advertise[4].txt
C:\Documents and Settings\NetworkService\Cookies\system@advertise[5].txt
C:\Documents and Settings\NetworkService\Cookies\system@advertise[6].txt
C:\Documents and Settings\NetworkService\Cookies\system@advertising[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@advertising[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@adviva[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@apmebf[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@associatedcontent.112.2o7[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@atdmt[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@atdmt[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@atdmt[3].txt
C:\Documents and Settings\NetworkService\Cookies\system@atdmt[4].txt
C:\Documents and Settings\NetworkService\Cookies\system@atdmt[5].txt
C:\Documents and Settings\NetworkService\Cookies\system@atdmt[6].txt
C:\Documents and Settings\NetworkService\Cookies\system@atdmt[7].txt
C:\Documents and Settings\NetworkService\Cookies\system@bizzclick[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@bizzclick[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@bizzclick[3].txt
C:\Documents and Settings\NetworkService\Cookies\system@bizzclick[4].txt
C:\Documents and Settings\NetworkService\Cookies\system@bs.serving-sys[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@bs.serving-sys[3].txt
C:\Documents and Settings\NetworkService\Cookies\system@clickpayz1.91423.blueseek[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@clickpayz4.91419.blueseek[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@clickpayz4.91457.blueseek[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@clickpayz4.91469.blueseek[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@clickpayz5.91423.blueseek[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@clickpayz6.91419.blueseek[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@clickpayz6.91469.blueseek[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@clickpayz9.91469.blueseek[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@clickpayz9.91469.blueseek[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@clicksor[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[10].txt
C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[11].txt
C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[3].txt
C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[4].txt
C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[5].txt
C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[6].txt
C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[7].txt
C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[9].txt
C:\Documents and Settings\NetworkService\Cookies\system@doubleclick[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@doubleclick[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@doubleclick[3].txt
C:\Documents and Settings\NetworkService\Cookies\system@doubleclick[4].txt
C:\Documents and Settings\NetworkService\Cookies\system@doubleclick[5].txt
C:\Documents and Settings\NetworkService\Cookies\system@imrworldwide[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@invitemedia[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@invitemedia[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@invitemedia[3].txt
C:\Documents and Settings\NetworkService\Cookies\system@invitemedia[4].txt
C:\Documents and Settings\NetworkService\Cookies\system@lovefilm.db.advertising[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@media6degrees[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@media6degrees[3].txt
C:\Documents and Settings\NetworkService\Cookies\system@media6degrees[4].txt
C:\Documents and Settings\NetworkService\Cookies\system@media6degrees[5].txt
C:\Documents and Settings\NetworkService\Cookies\system@media6degrees[6].txt
C:\Documents and Settings\NetworkService\Cookies\system@media6degrees[7].txt
C:\Documents and Settings\NetworkService\Cookies\system@mediaplex[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@myroitracking[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@serving-sys[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@serving-sys[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@tradedoubler[1].txt
C:\Documents and Settings\NetworkService\Cookies\system@trafficmp[2].txt
C:\Documents and Settings\NetworkService\Cookies\system@trafficmp[3].txt
adultwebmastercenter.biz [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
advprotraffic.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
bc.youporn.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
cdn5.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
cdnb.adultmembersarea.net [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
gw.callingbanners.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
ia.media-imdb.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
macromedia.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
media.scanscout.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
media1.break.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
naiadsystems.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
objects.tremormedia.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
s0.2mdn.net [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
secure-uk.imrworldwide.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
secure-us.imrworldwide.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
serving-sys.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
stat.easydate.biz [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
static.xxxmatch.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
videos.allelitepass.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
vidii.hardsextube.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
www.alphaporno.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
www.bleeptube.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
www.mofosex.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
www.naiadsystems.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
www.pornhub.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
www.pornkeeper.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
www.pornme.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
www.porntown.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
www.sextube.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
www.sunporno.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
www.youngpornmovies.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\M68WJYRU ]
.interclick.com [ C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.avgtechnologies.112.2o7.net [ C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.paypal.112.2o7.net [ C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stopzilla.com [ C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stopzilla.com [ C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stopzilla.com [ C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stopzilla.com [ C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.stopzilla.com [ C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]

Adware.Flash Tracking Cookie
C:\Documents and Settings\Owner\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M68WJYRU\S0.2MDN.NET
C:\Documents and Settings\Owner\Application Data\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\M68WJYRU\SECURE-US.IMRWORLDWIDE.COM

Malware.Trace
C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
HKU\S-1-5-21-1708537768-1935655697-2147069939-1003\Software\QNB2EB90WX

Adware.AdRotator
HKU\S-1-5-21-1708537768-1935655697-2147069939-1003\Software\RZDVL2F27W




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users