Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is it Malware or bad disc


  • Please log in to reply
33 replies to this topic

#1 Moeever

Moeever

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:30 AM

Posted 08 April 2012 - 02:02 PM

Several programs flash to Not Responding then go white then start running. You can see them on task manager going back and forth running, not running and cpu performance started showing huge usage by Firefox and then svchost and other pograms. It started with browsers, Mozilla Firefox first, Explorer, then I added pale moon which was more stable but started there too. Includes Media Player and Windows games, but it is getting worse with Open Office and Roxio and Media Monkey now going into not responding flashes. After awhile using browsers they tend to get stable. I have run malware, RKill, chkdsk, TDSSKiller, and SAS. While some trojan and malware items have been identified and cleaned the program is getting worse. I have Norton 360 and stopped its firewall in favor of Windows firewall. I have done a lot of CD ripping and results are getting bad. I have an HP Pavilion laptop about 3 years old so isn't it more likely the drive going bad?
Moeever

Edited by Moeever, 08 April 2012 - 02:17 PM.


BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:30 AM

Posted 08 April 2012 - 02:18 PM

Can you please post the logs from your scans?

#3 Moeever

Moeever
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:30 AM

Posted 08 April 2012 - 03:02 PM

19:24:21.0029 2592 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
19:24:22.0712 2592 ============================================================
19:24:22.0712 2592 Current date / time: 2012/03/17 19:24:22.0712
19:24:22.0712 2592 SystemInfo:
19:24:22.0712 2592
19:24:22.0713 2592 OS Version: 6.1.7601 ServicePack: 1.0
19:24:22.0713 2592 Product type: Workstation
19:24:22.0713 2592 ComputerName: AHRUSKA-PC
19:24:22.0714 2592 UserName: A. Hruska
19:24:22.0714 2592 Windows directory: C:\Windows
19:24:22.0714 2592 System windows directory: C:\Windows
19:24:22.0714 2592 Running under WOW64
19:24:22.0714 2592 Processor architecture: Intel x64
19:24:22.0714 2592 Number of processors: 2
19:24:22.0715 2592 Page size: 0x1000
19:24:22.0715 2592 Boot type: Normal boot
19:24:22.0715 2592 ============================================================
19:24:27.0452 2592 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:24:27.0483 2592 \Device\Harddisk0\DR0:
19:24:27.0495 2592 MBR used
19:24:27.0495 2592 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23812000
19:24:27.0495 2592 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23812800, BlocksNum 0x1C1A800
19:24:28.0013 2592 Initialize success
19:35:34.0806 2384 Scan finished
19:35:34.0806 2384 ============================================================
19:35:34.0853 2456 Detected object count: 0
19:35:34.0853 2456 Actual detected object count: 0
19:36:33.0072 0352 Deinitialize success
If you need actual scan results, please advise. Gave you beginning and end

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 04/07/2012 at 15:49:48.
Operating System: Windows 7 Home Premium


Processes terminated by Rkill or while it was running:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe


Rkill completed on 04/07/2012 at 15:51:25.

Edited by Moeever, 08 April 2012 - 04:22 PM.


#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:30 AM

Posted 08 April 2012 - 03:08 PM

Please run Malwarebytes and Super Anti-Spyware and post the logs.

#5 Moeever

Moeever
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:30 AM

Posted 08 April 2012 - 03:18 PM

Here's the original Malwarebytes. SAS is running on an external drive will send original when that is finished.
Malwarebytes Anti-Malware (PRO) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.31.14

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
A. Hruska :: AHRUSKA-PC [administrator]

Protection: Disabled

3/31/2012 7:29:45 PM
mbam-log-2012-03-31 (19-29-45).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 440671
Time elapsed: 4 hour(s), 13 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0

#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:30 AM

Posted 08 April 2012 - 03:19 PM

Since the scans are over a week old, can you redo the scans, and is this drive from another machine?

#7 Moeever

Moeever
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:30 AM

Posted 08 April 2012 - 08:26 PM

Here's the SAS Log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/08/2012 at 00:35 AM

Application Version : 5.0.1146

Core Rules Database Version : 8424
Trace Rules Database Version: 6236

Scan type : Complete Scan
Total Scan Time : 07:43:45

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 667
Memory threats detected : 0
Registry items scanned : 67927
Registry threats detected : 2
File items scanned : 287678
File threats detected : 166

Adware.Tracking Cookie
C:\Users\A. Hruska\AppData\Roaming\Microsoft\Windows\Cookies\NWV1IRZ3.txt [ /invitemedia.com ]
C:\Users\A. Hruska\AppData\Roaming\Microsoft\Windows\Cookies\8DQICJQL.txt [ /mediaplex.com ]
C:\Users\A. Hruska\AppData\Roaming\Microsoft\Windows\Cookies\ZHCG8195.txt [ /accounts.youtube.com ]
C:\Users\A. Hruska\AppData\Roaming\Microsoft\Windows\Cookies\TL7PB3E2.txt [ /amazon-adsystem.com ]
C:\Users\A. Hruska\AppData\Roaming\Microsoft\Windows\Cookies\SP6I7PJH.txt [ /apmebf.com ]
C:\Users\A. Hruska\AppData\Roaming\Microsoft\Windows\Cookies\P70WA1X4.txt [ /microsoftsto.112.2o7.net ]
C:\Users\A. Hruska\AppData\Roaming\Microsoft\Windows\Cookies\9D2SJOMX.txt [ /accounts.google.com ]
C:\Users\A. Hruska\AppData\Roaming\Microsoft\Windows\Cookies\OAQ8PZXK.txt [ /atdmt.com ]
C:\Users\A. Hruska\AppData\Roaming\Microsoft\Windows\Cookies\ZP7W40R7.txt [ /doubleclick.net ]
C:\USERS\A. HRUSKA\Cookies\8DQICJQL.txt [ Cookie:a. hruska@mediaplex.com/ ]
C:\USERS\A. HRUSKA\Cookies\ZHCG8195.txt [ Cookie:a. hruska@accounts.youtube.com/accounts ]
C:\USERS\A. HRUSKA\Cookies\SP6I7PJH.txt [ Cookie:a. hruska@apmebf.com/ ]
C:\USERS\A. HRUSKA\Cookies\P70WA1X4.txt [ Cookie:a. hruska@microsoftsto.112.2o7.net/ ]
C:\USERS\A. HRUSKA\Cookies\9D2SJOMX.txt [ Cookie:a. hruska@accounts.google.com/ ]
C:\USERS\A. HRUSKA\Cookies\OAQ8PZXK.txt [ Cookie:a. hruska@atdmt.com/ ]
C:\USERS\A. HRUSKA\Cookies\ZP7W40R7.txt [ Cookie:a. hruska@doubleclick.net/ ]
core.insightexpressai.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UVEZ895Q ]
konac.kontera.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\UVEZ895Q ]
accounts.youtube.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
network.realmedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.usatoday1.112.2o7.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.clickfuse.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.media2.legacy.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
network.realmedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
network.realmedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.idgenterprise.112.2o7.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.estat.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.247realmedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.linksynergy.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.linksynergy.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.linksynergy.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.linksynergy.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
sales.liveperson.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.dealtime.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
stat.dealtime.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
track.prd1.netshelter.net [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\A. HRUSKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KNN3AM3Q.MO\COOKIES.SQLITE ]

Adware.Zugo
(x86) HKU\S-1-5-21-96734591-3152791261-1517739710-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{9D425283-D487-4337-BAB6-AB8354A81457}
(x86) HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}

Trojan.Agent/Gen-Tracur
C:\PROGRAM FILES (X86)\STUMBLEUPON\PREUNINSTALL.EXE

Trojan.Agent/Gen-Toggle
C:\USERS\A. HRUSKA\PICTURES\INSTALLER_ADOBE_PHOTOSHOP.EXE

#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:30 AM

Posted 11 April 2012 - 01:02 PM

SAS Found 3 issues, but only 2 of them look like false positives.

Please perform the following, so that we can get the exact specs of your computer. This will better assist us in helping you more.

Publish a Snapshot using Speccy

The below is for those who cannot get online

Please take caution when attaching a text file to your post if you cannot copy/paste the link to your post, you will need to edit it to make sure that your Windows Key is not present.

#9 Moeever

Moeever
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:30 AM

Posted 11 April 2012 - 01:59 PM

http://speccy.piriform.com/results/bo2G4A8mgUNt6eT3A041RZj

#10 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:30 AM

Posted 11 April 2012 - 02:09 PM

I see that you are using Norton, I would like for you to remove it and install something much much better like Avast or MSE.

Norton Removal Tool

Then I would like for you download and burn to a CD Seagate SeaTools from http://www.seagate.com and perform a drive test.

#11 Moeever

Moeever
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:30 AM

Posted 11 April 2012 - 04:58 PM

I will be out of town until next Tues so will proceed at that time. Thanks.

#12 Moeever

Moeever
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:30 AM

Posted 12 April 2012 - 01:56 PM

There has been a change of plans so I will be here and able to proceed with issue. However, I have a long history with Norton and another 4 months on subscription for this and other computers. Please let me know your reasoning for deleting.

#13 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:30 AM

Posted 12 April 2012 - 01:58 PM

Norton is not as good of a program as people make it out to be. It is notorious for causing issues and slowing down systems to a halt.

#14 Moeever

Moeever
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:30 AM

Posted 12 April 2012 - 02:35 PM

So which do you recommend?

#15 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:30 AM

Posted 12 April 2012 - 02:40 PM

I recommend Microsoft security essentials




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users