Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

popup explorer script errors & redirects


  • Please log in to reply
2 replies to this topic

#1 krash1975

krash1975

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:05:53 AM

Posted 30 April 2011 - 08:51 PM

Its been 3 days. I have re-run the DDS & attach scans and can post if needed.
I found that advertising cookies are added to my D&S/local Settings/Cookies subdir every few seconds.
Also lots of IE content being stored on my PC even though I have no browser open.

Thank you.

BC AdBot (Login to Remove)

 


#2 Computerproblem101

Computerproblem101

  • Members
  • 140 posts
  • OFFLINE
  •  
  • Local time:05:53 AM

Posted 30 April 2011 - 09:28 PM

Run Superantispyware. Http://www.superantispyware.com - download it, update it, run full scan.

- remove anything found, reboot your PC and also post the log here.

#3 krash1975

krash1975
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:05:53 AM

Posted 01 May 2011 - 08:21 PM

Thank you for your reply.
I ran the spyware scanner and here is the log file.
BTW, I still have the same issues after the scan & reboot (redirects in IE & Mozilla, IE script error windows with no open IE)

Thanks again for your help.
------------------------------------------------------------------------------------------------
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/01/2011 at 06:38 PM

Application Version : 4.51.1000

Core Rules Database Version : 6966
Trace Rules Database Version: 4778

Scan type : Quick Scan
Total Scan Time : 00:28:10

Memory items scanned : 744
Memory threats detected : 0
Registry items scanned : 4399
Registry threats detected : 3
File items scanned : 14667
File threats detected : 40

Adware.SideStep Toolbar
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D714A94F-123A-45CC-8F03-040BCAF82AD6}
HKCR\CLSID\{D714A94F-123A-45CC-8F03-040BCAF82AD6}
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D714A94F-123A-45CC-8F03-040BCAF82AD6}

Adware.Tracking Cookie
C:\Documents and Settings\Ray\Cookies\ray@tacoda.at.atwola[1].txt
C:\Documents and Settings\Ray\Cookies\ray@segment-pixel.invitemedia[1].txt
C:\Documents and Settings\Ray\Cookies\ray@adlegend[2].txt
C:\Documents and Settings\Ray\Cookies\ray@ads.pubmatic[1].txt
C:\Documents and Settings\Ray\Cookies\ray@advertising[2].txt
C:\Documents and Settings\Ray\Cookies\ray@collective-media[1].txt
C:\Documents and Settings\Ray\Cookies\ray@questionmarket[2].txt
C:\Documents and Settings\Ray\Cookies\ray@trafficengine[1].txt
C:\Documents and Settings\Ray\Cookies\ray@legolas-media[2].txt
C:\Documents and Settings\Ray\Cookies\ray@bridge2.admarketplace[1].txt
C:\Documents and Settings\Ray\Cookies\ray@advertise[1].txt
media.mtvnservices.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\CBER8WK7 ]
secure-us.imrworldwide.com [ C:\Documents and Settings\Pam\Application Data\Macromedia\Flash Player\#SharedObjects\CBER8WK7 ]
C:\Documents and Settings\Pam\Cookies\pam@imrworldwide[2].txt
.advertising.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.pointroll.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.pointroll.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.adultswim.com [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]
.keybank.112.2o7.net [ C:\Documents and Settings\Sean\Application Data\Mozilla\Firefox\Profiles\zqg8txlh.default\cookies.sqlite ]

Trojan.Agent/Gen-Faldesc
C:\DOCUMENTS AND SETTINGS\SEAN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\ZQG8TXLH.DEFAULT\EXTENSIONS\MOVEPLAYER@MOVENETWORKS.COM\PLATFORM\WINNT_X86-MSVC\PLUGINS\NPMNQMP07074039.DLL




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users