Results 1 to 6 of 6
  1. #1
    Member
    Join Date
    Jan 2013
    Posts
    2
    Points
    0

    Question Help Please everytime I scan the computer with Malwarebytes I get the same results

    Help please everytime I run Malwarebytes scan this message keeps popping up and then it "supposedly" removes it then it requires I restart the computer, I do that and then run another scan and magically it reappears. This is the message I am getting: Trojan.0Access Registry Data HKCR\CLSID\{5839fca9-774d-42a1-acda-d6a79037f57f}\inprocserver321
    I am not really all that proficient in computers when it comes to the removal of trojans and viruses, but i thought that was what the antivirus and malwarebytes scans were suppose to do and this isn't getting removed. I also had Symantec on my computer one day the next day it was gone. I don't know what happened to it. So I have ran the scans that I was told to do when I started this post and here are the results, Can someone Please Help Me with this situation.

    This is the results from the Malwrebytes scan:

    Malwarebytes Anti-Malware 1.70.0.1100
    Malwarebytes : Free anti-malware download

    Database version: v2013.01.06.03

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 8.0.7601.17514
    Front Desk Left :: FL023-2 [administrator]

    1/6/2013 7:46:51 AM
    mbam-log-2013-01-06 (07-46-51).txt

    Scan type: Full scan (C:\|D:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 287256
    Time elapsed: 31 minute(s), 10 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 1
    HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Bad: (C:\$Recycle.Bin\S-1-5-18\$b3251e8568dbcb7c30b2518bc7991aab\n.) Good: (fastprox.dll) -> Delete on reboot.

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    This is the results from first scan:
    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 01/09/2013 at 11:58 AM

    Application Version : 5.6.1014

    Core Rules Database Version : 9846
    Trace Rules Database Version: 7658

    Scan type : Complete Scan
    Total Scan Time : 00:33:15

    Operating System Information
    Windows 7 Professional 32-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 627
    Memory threats detected : 0
    Registry items scanned : 36602
    Registry threats detected : 0
    File items scanned : 126973
    File threats detected : 198

    Adware.Tracking Cookie
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\OTM33RL6.txt [ /ads.adk2.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\6AEQ4138.txt [ /doubleclick.net ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\8FIAJ8WW.txt [ /www.burstnet.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\YTIYWUPL.txt [ /7.rotator.wigetmedia.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\RMS61XMU.txt [ /realmedia.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\NBJQYKDI.txt [ /collective-media.net ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\UO2A83CG.txt [ /mediaplayercom.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\Q0Q8GYJU.txt [ /atwola.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\1OYLKMUZ.txt [ /ar.atwola.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\1ID4FUFB.txt [ /bs.serving-sys.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\5YHWB9B2.txt [ /burstnet.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\SGZ0LUCO.txt [ /ads.pubmatic.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\FD5LLCFU.txt [ /yieldmanager.net ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\M9HRQAVT.txt [ /lfstmedia.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\C3ZW9I6F.txt [ /interclick.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\YUA5PU3I.txt [ /7.rotator.trafficbee.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\IWEIWVD6.txt [ /invitemedia.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\SAAOA1FJ.txt [ /clicksor.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\Q3ZTXPAC.txt [ /dc.tremormedia.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\PLVXOM6S.txt [ /zedo.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\WDHMSK90.txt [ /mediaplex.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\TFC3QXDF.txt [ /pro-market.net ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\NGLWC74S.txt [ /apmebf.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\CIQFU7D2.txt [ /revsci.net ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\XRQ2G6MW.txt [ /ads.redorbit.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\RGZ6YKRB.txt [ /clickbank.net ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\S3LWT027.txt [ /ads.creative-serving.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\CD0Z4Y2Y.txt [ /network.realmedia.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\FGOS9XL3.txt [ /adbrite.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\OW63GW33.txt [ /myroitracking.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\LMZMYODU.txt [ /tribalfusion.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\0AHX0ZNV.txt [ /atdmt.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\3SSAE1KE.txt [ /questionmarket.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\C15SP9NN.txt [ /track.adform.net ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\5BEL7AQQ.txt [ /specificclick.net ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\6I8T4WNJ.txt [ /fastclick.net ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\ZWBPGMCQ.txt [ /imrworldwide.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\6U5PIL2T.txt [ /ads.pointroll.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\NYKN38J7.txt [ /advertising.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\P50VSKHN.txt [ /ad.yieldmanager.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\T3DJZPXY.txt [ /tacoda.at.atwola.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\HRO3UA36.txt [ /realnetworks.112.2o7.net ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\IMALSS6O.txt [ /casalemedia.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\XGYJM87S.txt [ /serving-sys.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\10EUMJMZ.txt [ /adtechus.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\34RPTPVR.txt [ /media6degrees.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\5ZTUMG77.txt [ /yadro.ru ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\B5QIJ420.txt [ /ads.us.e-planning.net ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\LWJZC613.txt [ /a1.interclick.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\DJ1K5S2Z.txt [ /pointroll.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\UO0W10RV.txt [ /ad.mlnadvertising.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\H5PSALRB.txt [ /ru4.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\GUXSQMMP.txt [ /at.atwola.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\OUGN7L62.txt [ /insightexpressai.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\BSSA3ZUG.txt [ /statcounter.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\23ZMMW26.txt [ /amazon-adsystem.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\KYWETEGL.txt [ /redorbit.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\QSUYNE99.txt [ /gr.burstnet.com ]
    C:\Users\Front Desk Left\AppData\Roaming\Microsoft\Windows\Cookies\W61H1SFU.txt [ /ads.undertone.com ]
    C:\USERS\FRONT DESK LEFT\Cookies\8FIAJ8WW.txt [ Cookie:front desk left@www.burstnet.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\NBJQYKDI.txt [ Cookie:front desk left@collective-media.net/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\UO2A83CG.txt [ Cookie:front desk left@mediaplayercom.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\1OYLKMUZ.txt [ Cookie:front desk left@ar.atwola.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\1ID4FUFB.txt [ Cookie:front desk left@bs.serving-sys.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\FD5LLCFU.txt [ Cookie:front desk left@yieldmanager.net/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\M9HRQAVT.txt [ Cookie:front desk left@lfstmedia.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\C3ZW9I6F.txt [ Cookie:front desk left@interclick.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\YUA5PU3I.txt [ Cookie:front desk left@7.rotator.trafficbee.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\SAAOA1FJ.txt [ Cookie:front desk left@clicksor.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\Q3ZTXPAC.txt [ Cookie:front desk left@dc.tremormedia.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\PLVXOM6S.txt [ Cookie:front desk left@zedo.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\WDHMSK90.txt [ Cookie:front desk left@mediaplex.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\NGLWC74S.txt [ Cookie:front desk left@apmebf.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\CIQFU7D2.txt [ Cookie:front desk left@revsci.net/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\XRQ2G6MW.txt [ Cookie:front desk left@ads.redorbit.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\RGZ6YKRB.txt [ Cookie:front desk left@clickbank.net/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\CD0Z4Y2Y.txt [ Cookie:front desk left@network.realmedia.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\FGOS9XL3.txt [ Cookie:front desk left@adbrite.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\OW63GW33.txt [ Cookie:front desk left@myroitracking.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\LMZMYODU.txt [ Cookie:front desk left@tribalfusion.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\0AHX0ZNV.txt [ Cookie:front desk left@atdmt.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\3SSAE1KE.txt [ Cookie:front desk left@questionmarket.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\C15SP9NN.txt [ Cookie:front desk left@track.adform.net/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\5BEL7AQQ.txt [ Cookie:front desk left@specificclick.net/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\6I8T4WNJ.txt [ Cookie:front desk left@fastclick.net/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\ZWBPGMCQ.txt [ Cookie:front desk left@imrworldwide.com/cgi-bin ]
    C:\USERS\FRONT DESK LEFT\Cookies\6U5PIL2T.txt [ Cookie:front desk left@ads.pointroll.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\NYKN38J7.txt [ Cookie:front desk left@advertising.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\P50VSKHN.txt [ Cookie:front desk left@ad.yieldmanager.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\T3DJZPXY.txt [ Cookie:front desk left@tacoda.at.atwola.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\HRO3UA36.txt [ Cookie:front desk left@realnetworks.112.2o7.net/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\IMALSS6O.txt [ Cookie:front desk left@casalemedia.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\XGYJM87S.txt [ Cookie:front desk left@serving-sys.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\10EUMJMZ.txt [ Cookie:front desk left@adtechus.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\34RPTPVR.txt [ Cookie:front desk left@media6degrees.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\5ZTUMG77.txt [ Cookie:front desk left@yadro.ru/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\LWJZC613.txt [ Cookie:front desk left@a1.interclick.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\DJ1K5S2Z.txt [ Cookie:front desk left@pointroll.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\H5PSALRB.txt [ Cookie:front desk left@ru4.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\GUXSQMMP.txt [ Cookie:front desk left@at.atwola.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\KYWETEGL.txt [ Cookie:front desk left@redorbit.com/ ]
    C:\USERS\FRONT DESK LEFT\Cookies\QSUYNE99.txt [ Cookie:front desk left@gr.burstnet.com/ ]
    ia.media-imdb.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8F8RW99F ]
    objects.tremormedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8F8RW99F ]
    stat.to.cupidplc.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8F8RW99F ]
    www.googleadservices.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    webstats.aetna.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    webstats.aetna.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .tracking.dsmmadvantage.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    Health Insurance Quote - Medical Insurance Quotes for Affordable Health Plans [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .e-2dj6aekywpc5oeo.stats.esomniture.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .pointroll.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .pointroll.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .e-2dj6wmkywmcjeho.stats.esomniture.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .fastclick.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .fastclick.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .e-2dj6whk4elazabo.stats.esomniture.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .e-2dj6wnmyspdzoap.stats.esomniture.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .counter.inkfrog.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .e-2dj6wmmykkazifq.stats.esomniture.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .e-2dj6afkyqnd5kcp.stats.esomniture.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .lucidmedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .histats.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .histats.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    intermediaceli.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    intermediaceli.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    7.rotator.trafficbee.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    7.rotator.trafficbee.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    7.rotator.trafficbee.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    7.rotator.wigetmedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    7.rotator.wigetmedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    7.rotator.wigetmedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\FRONT DESK LEFT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X2Y4LOOQ.DEFAULT\COOKIES.SQLITE ]

    This is the results from the HijackThis scan:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 1:50:46 PM, on 1/9/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v8.00 (8.00.7601.17514)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Users\Front Desk Left\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XYP42NRO\HijackThis[1].exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\notepad.exe
    C:\Windows\system32\taskeng.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - (no file)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
    O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: dkab_device - - C:\Windows\system32\DKabcoms.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    --
    End of file - 6569 bytes
    Last edited by wahiya; 01-09-2013 at 02:01 PM.

  2. #2
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello wahiya,
    • Welcome to Help2Go.
    • My name is fireman4it and I will be helping you with your Malware problem.

      Please take note of some guidelines for this fix:
    • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
    • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
    • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
    • Finally, please reply using the Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
    • I will be analyzing your log. I will get back to you with instructions.



    Do you have a USB Flash Drive you can use?
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  3. #3
    Member
    Join Date
    Jan 2013
    Posts
    2
    Points
    0

    Default

    yes i do have a flash drive but i always worry about getting a virus on it from an infected computer

  4. #4
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.


    Plug the flashdrive into the infected PC.

    Enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.


    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.


    On the System Recovery Options menu you will get the following options:
      • Startup Repair
        System Restore
        Windows Complete PC Restore
        Windows Memory Diagnostic Tool
        Command Prompt
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  5. #5
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello.

    Are you still there?

    If you are please follow the instructions in my previous post.

    If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

    Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

    Thanks for understanding

    With Regards,
    fireman4it
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  6. #6
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello.

    There had been no reply from the topic starter in 5 days. Due to inactivity, this topic is now closed.
    If you are the topic starter and need this topic reopened, send me a message.

    Everyone else, please begin a new topic.

    With Regards,
    fireman4it
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-