Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Random radio stations running all at once


  • Please log in to reply
25 replies to this topic

#1 radioblast

radioblast

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 03 August 2013 - 08:43 AM

Hello -

Two days ago my PC started playing random radio stations at once and I can't seem to find any virus through Norton. I ran Malwarebytes which found nothing and I've tried 4 different Restore System points. The restore points give me an error message that it did not complete successfully. My system is Win 7 Home Premium, 32-bit.

 

As the PC is running right now Norton has quickly shown it has blocked a couple of attacks and I wasn't able to write the name down quick enough, but they stated the attacks were blocked.

 

The radio stations are running right now and slowing my system down.

 

Please let me know if I need to provide additional information and if you're able to help.

 

Thank you for your time.

radioblast



BC AdBot (Login to Remove)

 


#2 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 AM

Posted 03 August 2013 - 08:44 AM

:welcome:

 

Let's have a look..

 

:step1:  Install and run MBAM

 

:step2:    Running TDSSKiller to obtain log

 

Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters

tds2.jpg

  • In the Additional options: Check Detect TDLFS file system
  • Click Start Scan and allow the scan process to run

tds4-1.jpg

  • Choose for all threats to Skip for all of them.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)

===================================================

 

:step2:  ESET Online Scanner

==================

Note: If your AV is blocking Eset online scanner, please temporarily disable your AV.

 

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and » UNCHECK "Remove found threats" <== Important
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.

===================================================


If you have received help from me and I don't have respond to you for almost >= 3 days, send me a Private Message.  :hello:


#3 radioblast

radioblast
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 03 August 2013 - 12:24 PM

Thank you for the reply. I've run the full Malwarebytes and attaching the information below. The radio stations continue to play so I will now start on the TDSSKiller and report back the information here.

 

Thanks again,

radioblast

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.03.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16635
Cathy-PC :: HOMEPC [administrator]

8/3/2013 10:04:17 AM
mbam-log-2013-08-03 (10-04-17).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 584094
Time elapsed: 2 hour(s), 58 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 8
C:\Users\Cathy-PC\Downloads\U_0332_01_L.msi (PUP.Optional.AskToolbar) -> No action taken.
C:\Windows\Installer\60d8a85.msi (PUP.Optional.AskToolbar) -> No action taken.
C:\Program Files\NCSoft\Aion\bin32\game.dll (Malware.Packer.T) -> Quarantined and deleted successfully.
C:\ProgramData\9co6z3.dat (Malware.Packer.PEX) -> Quarantined and deleted successfully.
c:\users\paul\appdata\local\temp\301.tmp (Trojan.FakeAlert.ED) -> Quarantined and deleted successfully.
C:\Users\Paul\AppData\Local\Temp\878D.tmp (Trojan.FakeAlert.ED) -> Quarantined and deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\5ff16f4d-2dc8dff4 (Malware.Packer.PEX) -> Quarantined and deleted successfully.
C:\Windows\Temp\ksmvidsfqyxwimtdfgc.bfg (Malware.Packer.PEX) -> Quarantined and deleted successfully.

(end)



#4 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 AM

Posted 03 August 2013 - 12:26 PM

I suspect TDSSKiller will find Rootkit.Harbinger, this is mostly a cause of the radio stations you're hearing. If it find it, you may cure it.


Edited by GodfatherKing, 03 August 2013 - 12:27 PM.

If you have received help from me and I don't have respond to you for almost >= 3 days, send me a Private Message.  :hello:


#5 radioblast

radioblast
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 03 August 2013 - 12:53 PM

That was it. Rootkit.boot.harbinger.a..... cured and sounds now gone.

 

And although my Norton is on and running I still have the Red X flag on the toolbar in the action center telling me Spyware (important) and Network firewall (important)... as if they aren't on?

 

Thank you again.



#6 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 AM

Posted 03 August 2013 - 01:04 PM

We are not done yet...

 

:step1: First rerun MBAM (post again the log)

 

:step2: Download SUPERAntiSpyware Free (aka SAS)

  •  Double-click SAS -setup.exe and follow the prompts to install the program.
  • At the end, be sure to Check for Updates to be sure it is current
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log back here.
  • Be sure to reboot the computer after you post the log.

:step3: Proceed with instructions giving for ESET.

 

Your question about Norton has to do with the infection that has damage it. We'll re install it, but not now. First removing malware.


Edited by GodfatherKing, 03 August 2013 - 01:05 PM.

If you have received help from me and I don't have respond to you for almost >= 3 days, send me a Private Message.  :hello:


#7 radioblast

radioblast
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 03 August 2013 - 01:13 PM

Ok - rerun the full Malwarebytes? Will be 3 hours before I post again, but I'll do it if the quick scan won't do.

 

Thanks,

radioblast



#8 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 AM

Posted 03 August 2013 - 01:14 PM

Yes, but this time put everything in quarantine. 


Edited by GodfatherKing, 03 August 2013 - 01:14 PM.

If you have received help from me and I don't have respond to you for almost >= 3 days, send me a Private Message.  :hello:


#9 radioblast

radioblast
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 03 August 2013 - 01:17 PM

Will do. I'll post back here when all is completed.

radioblast



#10 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 AM

Posted 03 August 2013 - 01:22 PM

:thumbup2: Perfect. Just do the scan at your own speed, we're not doing a fast contest.  :bounce:

 

I will see it probably tomorrow. 

Have good and nice evening.  


If you have received help from me and I don't have respond to you for almost >= 3 days, send me a Private Message.  :hello:


#11 radioblast

radioblast
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 03 August 2013 - 04:23 PM

Got the Malwarebytes completed and posting below. Will run the SuperAnti..... coming up.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.03.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16635
Cathy-PC :: HOMEPC [administrator]

8/3/2013 2:18:43 PM
mbam-log-2013-08-03 (14-18-43).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 583667
Time elapsed: 2 hour(s), 23 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Cathy-PC\Downloads\U_0332_01_L.msi (PUP.Optional.AskToolbar) -> Quarantined and deleted successfully.
C:\Windows\Installer\60d8a85.msi (PUP.Optional.AskToolbar) -> Quarantined and deleted successfully.

(end)



#12 radioblast

radioblast
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 03 August 2013 - 05:03 PM

All in quarantine ... post from SuperAntiSpyware and ready to reboot.

Thank you again

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/03/2013 at 05:36 PM

Application Version : 5.6.1020

Core Rules Database Version : 10665
Trace Rules Database Version: 8477

Scan type       : Quick Scan
Total Scan Time : 00:09:24

Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 752
Memory threats detected   : 0
Registry items scanned    : 32278
Registry threats detected : 0
File items scanned        : 8186
File threats detected     : 178

Adware.Tracking Cookie
 C:\Users\Cathy-PC\AppData\Roaming\Microsoft\Windows\Cookies\cathy_facciolo@ads.tentonhammer[1].txt [ /ads.tentonhammer ]
 C:\Users\Cathy-PC\AppData\Roaming\Microsoft\Windows\Cookies\DZZ2UXDU.txt [ /account.station.sony.com ]
 .fastclick.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .mm.chitika.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .revsci.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .revsci.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .revsci.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .collective-media.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .invitemedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .adbrite.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .apmebf.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 www.sexyhair.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 www.sexyhair.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 www.sexyhair.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 www.sexyhair.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 tracking.waterfrontmedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .pointroll.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .pointroll.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .nextag.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .nextag.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .nextag.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .nextag.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .insightexpressai.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .insightexpressai.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .insightexpressai.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .insightexpressai.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .insightexpressai.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .insightexpressai.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .insightexpressai.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .insightexpressai.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .insightexpressai.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 statse.webtrendslive.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .getclicky.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .static.getclicky.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 in.getclicky.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .statcounter.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .liveperson.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .liveperson.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 sales.liveperson.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 bayerhfcu.onlineaccounts.org [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .specificclick.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .247realmedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 oasc09.247realmedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .serving-sys.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .serving-sys.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .serving-sys.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .serving-sys.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .imrworldwide.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .imrworldwide.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .2o7.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .2o7.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .collective-media.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .advertising.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .adxpose.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .atdmt.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .yieldmanager.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .adtech.de [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .questionmarket.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .questionmarket.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 www.adtech.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .adtech.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .adtech.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .adtech.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .invitemedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ru4.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .lucidmedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 ad.yieldmanager.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .revsci.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .revsci.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .revsci.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .collective-media.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .collective-media.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .collective-media.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .collective-media.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 ad.yieldmanager.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 ad.yieldmanager.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .collective-media.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .collective-media.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .collective-media.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .collective-media.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ru4.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .collective-media.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .pro-market.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .pro-market.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .adbrite.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.addynamix.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .collective-media.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .pro-market.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 accounts.youtube.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .accounts.google.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .realmedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .a1.interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .a1.interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .a1.interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .realmedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 network.realmedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .a1.interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .apmebf.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .mediaplex.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .mediaplex.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .burstnet.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .burstnet.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .burstnet.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .burstnet.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .burstnet.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .invitemedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .www.burstnet.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .burstnet.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .media6degrees.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .media6degrees.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .media6degrees.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .media6degrees.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .adbrite.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .invitemedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .tribalfusion.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 www.burstnet.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 fidelity.rotator.hadj7.adjuggler.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .a1.interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .a1.interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .a1.interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .a1.interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .interclick.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 accounts.google.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 ad.yieldmanager.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ru4.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ru4.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ru4.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 click.sureonlinefind.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 click.sureonlinefind.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .atwola.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .advertising.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .advertising.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .at.atwola.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .at.atwola.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .tacoda.at.atwola.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .tacoda.at.atwola.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .tacoda.at.atwola.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .tacoda.at.atwola.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .atwola.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ar.atwola.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .advertising.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .atwola.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .symptomfind.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .symptomfind.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .symptomfind.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .symptomfind.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 www.symptomfind.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 www.symptomfind.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .symptomfind.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .symptomfind.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .symptomfind.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .symptomfind.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .symptomfind.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .doubleclick.net [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 ad.yieldmanager.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 ad.yieldmanager.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .casalemedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .casalemedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .casalemedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .casalemedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .casalemedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .casalemedia.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 ad.yieldmanager.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .atdmt.com [ C:\USERS\CATHY-PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]



#13 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 AM

Posted 04 August 2013 - 07:27 AM

:step1: My advice is to keep your computer up to date with Windows Updates, Java and Adobe Reader and Flash Player.

 

:step2: Use WOT to inspect sites if they are safe or not :http://www.mywot.com/

 

:step3: A good working AntiVirus is also important. I personally advice Avast free or Avira. MSE it's detection is not so great.

==

 

Now you'll need to reinstall Norton, because it isn't working good more. So remove it and then reinstall it.

 

==

 

:step4: Let's check how good your security is:

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.


Edited by GodfatherKing, 04 August 2013 - 07:31 AM.

If you have received help from me and I don't have respond to you for almost >= 3 days, send me a Private Message.  :hello:


#14 radioblast

radioblast
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 04 August 2013 - 10:59 AM

Ok, when I turned on the PC this morning SAS wanted to run so I allowed it and it picked up more, posted below. I'll make sure Windows, Java, Adobe and Flash are all updated then work on the Security Check.

I noticed that SAS went off before I could tell it to delete or quarantine the Trojans. Is there a way I can do that now?

 

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/04/2013 at 11:49 AM

Application Version : 5.6.1020

Core Rules Database Version : 10666
Trace Rules Database Version: 8478

Scan type       : Complete Scan
Total Scan Time : 02:30:01

Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 730
Memory threats detected   : 0
Registry items scanned    : 40492
Registry threats detected : 0
File items scanned        : 235374
File threats detected     : 21

Trojan.Agent/Gen-StartPage
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1008\A0127928.EXE
 C:\SYSTEM VOLUME INFORMATION\_RESTORE{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1008\A0127932.EXE

Adware.Tracking Cookie
 account.goodgamestudios.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 cdn.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 click.searchnation.net [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 content-ssl.yieldmanager.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 content.flashtrackz.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 content.yieldmanager.edgesuite.net [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 convoad.technoratimedia.net [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 core.insightexpressai.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 crackle.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 flashtrackz.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 media.mtvnservices.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 media.y8.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 media1.break.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 objects.tremormedia.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 secure-us.imrworldwide.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 swf.trustorymedia.netdna-cdn.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 tracking.empowernetwork.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 www.crackle.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]
 www.entrepreneur.com [ C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\MSUTDYC6 ]



#15 GodfatherKing

GodfatherKing

  • Members
  • 587 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:36 AM

Posted 04 August 2013 - 11:00 AM

Download Malwarebytes Anti-Rootkit from HERE to your Desktop.

  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt

If you have received help from me and I don't have respond to you for almost >= 3 days, send me a Private Message.  :hello:





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users