Submit Your Article Forum Rules FAQ About Us
Search the forums:

Tech Support Team

Join Now!Nav Seperator FAQNav Seperator GalleryNav Seperator TutorialsNav Seperator BlogNav Seperator SearchNav Seperator Today's PostsNav Seperator Mark Forums ReadNav Seperator Navigation Right

Hello and Welcome to Tech Support Team! Before you can start posting and answering questions, you'll have to register. Registration is fast, simple and absolutely free! Feel free to browse through existing questions by choosing the forum you want to visit below.


Tech Support Team » Malware Removal & Security » Malware Removal » FakeAdvert Trojan, possibly partially fixed

Notices
Before creating a new thread, we ask that you please read our Removal guide first: Malware Removal Guide - Read Before Posting. We also advise you reading this thread before continuing: P2P programs - please remove before posting for help

NOTE: NEVER follow someone elses fix. Just because the symptoms may appear to be the same, it does NOT mean your system has the same malware infection. ALWAYS start a new thread so that a member of our Security Team can take you through the steps of cleaning your computer.

Reply
Thread Tools
 
  #1 (permalink)   Top
Old 12th April 2011, 03:33 AM
Patient Kain's Avatar
Newcomer
  
Join Date: Jun 2009, 31 posts.
Reputation: Patient Kain is on a distinguished road
FakeAdvert Trojan, possibly partially fixed
Hello tech support team

A week or so ago I aquired a virus. It took up all my hard drive space and caused my computer to shutdown after a few minutes whenever I logged in. It also disabled my task manager. I changed the file attribute to "hidden" for ALL of my files, so my desktop became barren. Speaking of the desktop it removed or hid that too(the picture I mean) I think it also does something involving running the virus(es) using Internet Explorer? Every so often I'd get error messages saying the script couldn't be read on an internet explorer web page (different often times)

I used tasklist in cmd to get to my task manager and end an unrecognized process (I often look at my task manager, so I know what usually is running) This so far has killed the complete use of my hard drive space, so my computer stays on.

I changed the hidden attribute off so my files are back.

I cleared my temp files in windows, internet, and local files.

I've run super spyware free, macafee, and malaware bytes several times. Everytime they were run they'd remove more FakeAdvert or simular trojan viruses.

Running super spyware also fixed my task manager so it's no longer disabled.

So as far as I can tell, the only remaining portion is the internet explorer part, which seems to continuously resupply my FakeAdvert virus supply >.<

Otherwise I was going to come to you to ensure I'd cleared the viruses permanently. You helped me a ton in the past

***** LOGS *****

**Super spyware**

SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 04/11/2011 at 08:56 PM

Application Version : 4.33.1000

Core Rules Database Version : 6814
Trace Rules Database Version: 4626

Scan type : Complete Scan
Total Scan Time : 00:40:53

Memory items scanned : 598
Memory threats detected : 0
Registry items scanned : 6343
Registry threats detected : 0
File items scanned : 35524
File threats detected : 42

Adware.Tracking Cookie
C:\Documents and Settings\pgaegler\Cookies\pgaegler@mediabrandsww[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@insightexpressa i[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@educationcom.11 2.2o7[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@content.yieldma nager[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@imrworldwide[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@dc.tremormedia[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@track.justforco ndos[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@media6degrees[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@ads.blogtalkrad io[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@adlegend[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@revsci[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@serving-sys[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@adserver.adtech us[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@ads.undertone[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@search.clickbow l[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@specificmedia[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@ads.pointroll[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@search.seekfind s[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@search.hippofin d[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@search.clickwha le[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@specificclick[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@search.findxml[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@a1.interclick[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@user.lucidmedia[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@ads.lycos[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@collective-media[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@adbrite[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@ads.bighealthtr ee[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@questionmarket[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@cdn.jemamedia[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@advertise[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@tribalfusion[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@search.boltfind[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@pointroll[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@2o7[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@adxpose[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@ru4[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@realmedia[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@interclick[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@content.yieldma nager[3].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@invitemedia[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@bs.serving-sys[2].txt


***Malware Bytes***

Malwarebytes' Anti-Malware 1.46
Malwarebytes

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

4/11/2011 7:40:25 PM
mbam-log-2011-04-11 (19-40-25).txt

Scan type: Full scan (C:\|)
Objects scanned: 213331
Time elapsed: 49 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


***Crusty.exe(hjt)***

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:14:21, on 4/11/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\WINDOWS\System32\TPHDEXLG.exe
C:\WINDOWS\system32\WebUpdateSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\Crusty.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrB kGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBa ttLog
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe " -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe " -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.su.edu
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = su.edu
O17 - HKLM\Software\..\Telephony: DomainName = su.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = su.edu
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = su.edu
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = su.edu
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: SSIRuntimeService - Unknown owner - C:\Program Files\Software Secure, Inc\SSIRuntimeService\SSIRuntimeService.exe (file missing)
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: Web Update Service by PowerProgrammer (WebUpdate) - Data Perceptions / PowerProgrammer - C:\WINDOWS\system32\WebUpdateSvc.exe

--
End of file - 10952 bytes


Thanks all and let me know what to do
Last edited by Patient Kain; 12th April 2011 at 03:52 AM.
Reply With Quote
  #2 (permalink)   Top
Old 12th April 2011, 03:44 AM
Patient Kain's Avatar
Newcomer
  
Join Date: Jun 2009, 31 posts.
Reputation: Patient Kain is on a distinguished road
__Internet Explorer Script Error___

! An error has occured in the script on this page.

Line: 76
Char: 1
Error: 'win2' is null or not an object
Code: 0
URL: http:// (((obviously don't click the site or go to it))) searchresults.iqnetsearch.com/affinity_link_heavy.html?vw=aef394f2a7960b75f7942d 1db284fe9c]Untitled Document[/url]

Do you want to continue running scripts on this page?

_Yes_ _No_


^^^^^^Just got that error message box popped up, I think it's the work of the virus(es)

PS I don't even use IE, I use firefox

Openened my computer today and another IE script thing from this site: edge.aperture.displaymarketplace.com/audmeasure.gif?liveConClientID=4316443142505&Pixel ID=186

Another just now:
line: 53
Char: 3
Error: Object required
Code: 0
URL: http:// trafficking.nabbr.com/generate_preview/1/847?autoplay=1

Again, obviusly do not visit the sites! lol
Last edited by Patient Kain; 12th April 2011 at 07:10 PM.
Reply With Quote
  #3 (permalink)   Top
Old 13th April 2011, 02:25 AM
Patient Kain's Avatar
Newcomer
  
Join Date: Jun 2009, 31 posts.
Reputation: Patient Kain is on a distinguished road
SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 04/12/2011 at 09:01 PM

Application Version : 4.33.1000

Core Rules Database Version : 6822
Trace Rules Database Version: 4634

Scan type : Complete Scan
Total Scan Time : 00:36:08

Memory items scanned : 584
Memory threats detected : 0
Registry items scanned : 5977
Registry threats detected : 0
File items scanned : 35653
File threats detected : 10

Adware.Tracking Cookie
C:\Documents and Settings\pgaegler\Cookies\pgaegler@mediabrandsww[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@media6degrees[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@adserver.adtech us[2].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@ads.pubmatic[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@adbrite[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@trafficking.nab br[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@adxpose[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@invitemedia[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@adserver.adtech us[1].txt
C:\Documents and Settings\pgaegler\Cookies\pgaegler@findology[1].txt
Reply With Quote
  #4 (permalink)   Top
Old 13th April 2011, 02:27 AM
Patient Kain's Avatar
Newcomer
  
Join Date: Jun 2009, 31 posts.
Reputation: Patient Kain is on a distinguished road
I am wondering, is it safe too use my computer like normal? Will the virus potentially steal passwords or keylog? :O

Thanks in advance
Reply With Quote
  #5 (permalink)   Top
Old 13th April 2011, 11:03 PM
Patient Kain's Avatar
Newcomer
  
Join Date: Jun 2009, 31 posts.
Reputation: Patient Kain is on a distinguished road
candystand.com/play-random-game/trident-layers-factory?utm_source=adon_www.searchnecessary.org&ut m_medium=cpc&utm_campaign=adon9_568729_257127_1139 73_21983_

Another of those pesky IE script error things
Reply With Quote
  #6 (permalink)   Top
Old 17th May 2011, 12:19 AM
Patient Kain's Avatar
Newcomer
  
Join Date: Jun 2009, 31 posts.
Reputation: Patient Kain is on a distinguished road
Got a new computer :P Problem solved! Lol
Reply With Quote
Reply

Only registered members can participate in forum threads. You must register or log in to contribute.


« Previous Thread | Next Thread »
Thread Tools

Forum Jump


All times are GMT. The time now is 09:08 PM.

Contact Us - Tech Support Team - Terms of Service - Top


Member Login
Forgot Password?



Post A Question!
Useful Links
Main Menu
Home
Forum Rules
FAQ
About Us
Welcome Pack
Search the forums
TST Mobile
Contact Us
Send Message

These are the 8 most used thread tags
Tag Cloud
geforce modem monitor no ring response no signal nvidia soft modem win7
Copyright © Tech Support Team, Inc. All rights reserved.
TechSupportTeam.org is an Privacy Policy and Legal Powered by vBulletin® Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 ©2008, Crawlability, Inc.