adload_r.akj trojan

Question

Using AVG Free.  Google, IE, and now Firefox redirecting.  Scan captured adload_r one time but does not now.  Must run rkill to get virus stopped then it comes right back.  Have current version of MSRT, AVG,   Cannot seem to get rid of malware.  thx.  Dell Servce tag: Service tag removed per privacy policy > Inspiron mini windows 7 Logfile of Trend Micro HijackThis v2.0.4Scan saved at 10:31:31 PM, on 1/11/2011Platform: Windows 7  (WinNT 6.00.3504)MSIE: Internet Explorer v9.00 (9.00.7930.16406)Boot mode: NormalRunning processes:C:\Windows\system32	askhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Dell\DellDock\DellDock.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXEC:\Windows\system32\igfxsrvc.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files\WSED\WSED.exeC:\Program Files\CapsLKNotify\CapsLKNotify.exeC:\Program Files\syncables\syncables desktop\syncables.exeC:\Program Files\Dell Support Center\bin\sprtcmd.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\AVG\AVG10\avgtray.exeC:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exeC:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exeC:\Windows\system32\conhost.exeC:\Program Files\syncables\syncables desktop\jre\bin\javaw.exeC:\Program Files\syncables\syncables desktop\OTiSyncApp.exeC:\Program Files\AVG\AVG10\avgui.exeC:\Windows\system32	askhost.exeC:\virus removal\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exeO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dllO2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dllO2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0
pwinext.dllO2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0
pwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0
pwinext.dllO4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -sO4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exeO4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exeO4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exeO4 - HKLM\..\Run: [WSED] C:\Program Files\WSED\WSED.exeO4 - HKLM\..\Run: [CapsLKNotify] C:\Program Files\CapsLKNotify\CapsLKNotify.exeO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] 'C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe'O4 - HKLM\..\Run: [Syncables] C:\Program Files\syncables\syncables desktop\syncables.exeO4 - HKLM\..\Run: [dellsupportcenter] 'C:\Program Files\Dell Support Center\bin\sprtcmd.exe' /P dellsupportcenterO4 - HKLM\..\Run: [SunJavaUpdateSched] 'C:\Program Files\Common Files\Java\Java Update\jusched.exe'O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] 'C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe' /runcleanupscriptO4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exeO4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exeO4 - Global Startup: SRS Premium Sound.lnk = ?O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dllO9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dllO10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dllO18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dllO23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exeO23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exeO23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exeO23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exeO23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE--End of file - 8109 bytes

bamajim · Answer

I see you have installed MalwareBytes AnitMalware.

Please post the last log from MBAM

To do that; Open MalwareBytes ->> Select Logs ->> Then Open the last log.

Copy and paste the results in your reply.

tcasterman · Answer

MalwareBytes, last log

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5504

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

1/11/2011 1:24:56 PM
mbam-log-2011-01-11 (13-24-56).txt

Scan type: Full scan (C:\|)
Objects scanned: 235306
Time elapsed: 1 hour(s), 34 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

================end malwarebytes log =========================================

AVG Scan log (last)

"Scan ""Whole computer scan"" completed."
"Infections";"2";"1";"1"
"Warnings";"81";"81";"0"
"Folders selected for scanning:";"Whole computer scan"
"Scan started:";"Tuesday, January 11, 2011, 10:55:54 PM"
"Scan finished:";"Tuesday, January 11, 2011, 11:18:04 PM (22 minute(s) 9 second(s))"
"Total object scanned:";"690124"
"User who launched the scan:";"George"

"Infections"
"";"File";"Infection";"Result"
"";"C:\Windows\explorer.exe (3400):\memory_00010000";"Trojan horse Adload_r.AKJ";"Object is inaccessible."
"";"C:\Windows\explorer.exe (3400)";"Trojan horse Adload_r.AKJ";""

"Warnings"
"";"File";"Infection";"Result"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@zedo[3].txt:\zedo.com.dd15d628";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@zedo[3].txt:\zedo.com.cef1c7af";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@zedo[3].txt:\zedo.com.c1dd09f2";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@zedo[3].txt:\zedo.com.a5b6a132";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@zedo[3].txt:\zedo.com.27f1639b";"Found Tracking cookie.Zedo";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@zedo[3].txt";"Found Tracking cookie.Zedo";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@tribalfusion[4].txt:\tribalfusion.com.dcc03271";"Found Tracking cookie.Tribalfusion";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@tribalfusion[4].txt";"Found Tracking cookie.Tribalfusion";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@tribalfusion[3].txt:\tribalfusion.com.dcc03271";"Found Tracking cookie.Tribalfusion";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@tribalfusion[3].txt";"Found Tracking cookie.Tribalfusion";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@trafficmp[3].txt:\trafficmp.com.f3e5803e";"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@trafficmp[3].txt:\trafficmp.com.e2e71e33";"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@trafficmp[3].txt:\trafficmp.com.dcfed39c";"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@trafficmp[3].txt:\trafficmp.com.ae53b8b";"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@trafficmp[3].txt:\trafficmp.com.a00e30b4";"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@trafficmp[3].txt:\trafficmp.com.37644bdb";"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@trafficmp[3].txt";"Found Tracking cookie.Trafficmp";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@serving-sys[2].txt:\serving-sys.com.db46cecc";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@serving-sys[2].txt:\serving-sys.com.ac41fe5a";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@serving-sys[2].txt:\serving-sys.com.6a1cf9e8";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@serving-sys[2].txt:\serving-sys.com.606c3d3b";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@serving-sys[2].txt:\serving-sys.com.4b416ef8";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@serving-sys[2].txt:\serving-sys.com.400f83f";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@serving-sys[2].txt:\serving-sys.com.255d6f2f";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@serving-sys[2].txt";"Found Tracking cookie.Serving-sys";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@ru4[1].txt:\ru4.com.c1091511";"Found Tracking cookie.Ru4";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@ru4[1].txt:\ru4.com.83b89ffa";"Found Tracking cookie.Ru4";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@ru4[1].txt:\ru4.com.82a499d7";"Found Tracking cookie.Ru4";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@ru4[1].txt:\ru4.com.6d8c821e";"Found Tracking cookie.Ru4";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@ru4[1].txt:\ru4.com.5a5e0633";"Found Tracking cookie.Ru4";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@ru4[1].txt";"Found Tracking cookie.Ru4";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@revsci[2].txt:\revsci.net.44927ec";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@revsci[2].txt:\revsci.net.2df99d79";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@revsci[2].txt";"Found Tracking cookie.Revsci";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@realmedia[4].txt:\realmedia.com.855b46d";"Found Tracking cookie.Realmedia";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@realmedia[4].txt:\realmedia.com.125a868c";"Found Tracking cookie.Realmedia";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@realmedia[4].txt";"Found Tracking cookie.Realmedia";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@realmedia[3].txt:\realmedia.com.855b46d";"Found Tracking cookie.Realmedia";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@realmedia[3].txt";"Found Tracking cookie.Realmedia";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@pointroll[2].txt:\pointroll.com.f2d5a6f6";"Found Tracking cookie.Pointroll";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@pointroll[2].txt:\pointroll.com.72c0abc9";"Found Tracking cookie.Pointroll";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@pointroll[2].txt";"Found Tracking cookie.Pointroll";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@mediaplex[2].txt:\mediaplex.com.f652b123";"Found Tracking cookie.Mediaplex";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@mediaplex[2].txt:\mediaplex.com.dc30fb3c";"Found Tracking cookie.Mediaplex";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@mediaplex[2].txt";"Found Tracking cookie.Mediaplex";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@m.webtrends[2].txt:\m.webtrends.com.b4ca7df0";"Found Tracking cookie.Webtrends";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@m.webtrends[2].txt";"Found Tracking cookie.Webtrends";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@hitbox[1].txt:\hitbox.com.bbf2a6e8";"Found Tracking cookie.Hitbox";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@hitbox[1].txt:\hitbox.com.2b95f8a3";"Found Tracking cookie.Hitbox";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@hitbox[1].txt";"Found Tracking cookie.Hitbox";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@casalemedia[1].txt:\casalemedia.com.fb62dd4b";"Found Tracking cookie.Casalemedia";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@casalemedia[1].txt:\casalemedia.com.987e6b46";"Found Tracking cookie.Casalemedia";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@casalemedia[1].txt:\casalemedia.com.80ad4799";"Found Tracking cookie.Casalemedia";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@casalemedia[1].txt:\casalemedia.com.350339d4";"Found Tracking cookie.Casalemedia";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@casalemedia[1].txt:\casalemedia.com.2d37ad26";"Found Tracking cookie.Casalemedia";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@casalemedia[1].txt:\casalemedia.com.1773afc";"Found Tracking cookie.Casalemedia";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@casalemedia[1].txt";"Found Tracking cookie.Casalemedia";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@bs.serving-sys[1].txt:\bs.serving-sys.com.5bf1f00f";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@bs.serving-sys[1].txt";"Found Tracking cookie.Serving-sys";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@atdmt[2].txt:\atdmt.com.b3e33b5f";"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@atdmt[2].txt:\atdmt.com.7247c262";"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@atdmt[2].txt";"Found Tracking cookie.Atdmt";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@atdmt[1].txt:\atdmt.com.b3e33b5f";"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@atdmt[1].txt:\atdmt.com.7247c262";"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@atdmt[1].txt";"Found Tracking cookie.Atdmt";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@advertising[4].txt:\advertising.com.f62113d5";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@advertising[4].txt:\advertising.com.b624fa46";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@advertising[4].txt:\advertising.com.893d35c2";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@advertising[4].txt:\advertising.com.203aa218";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@advertising[4].txt:\advertising.com.1820df7a";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@advertising[4].txt";"Found Tracking cookie.Advertising";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@advertising[2].txt:\advertising.com.f62113d5";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@advertising[2].txt:\advertising.com.b624fa46";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@advertising[2].txt:\advertising.com.893d35c2";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@advertising[2].txt:\advertising.com.525a5fb9";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@advertising[2].txt:\advertising.com.203aa218";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@advertising[2].txt:\advertising.com.1820df7a";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@advertising[2].txt";"Found Tracking cookie.Advertising";"Healed"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@adbrite[3].txt:\adbrite.com.f796fd05";"Found Tracking cookie.Adbrite";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@adbrite[3].txt:\adbrite.com.d5e309c2";"Found Tracking cookie.Adbrite";"Moved to Virus Vault"
"";"C:\Users\George\AppData\Roaming\Microsoft\Windows\Cookies\Low\george@adbrite[3].txt";"Found Tracking cookie.Adbrite";"Healed"
====================== END Avg Scan log ======================================================================

bamajim · Answer

Please read carefully and follow these steps. Download TDSSKiller and save it to your Desktop. Extract its contents to your desktop. Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan. If an infected file is detected, the default action will be Cure, click on Continue. If a suspicious file is detected, the default action will be Skip, click on Continue. It may ask you to reboot the computer to complete the process. Click on Reboot Now. If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here. If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of 'TDSSKiller.[Version]_[Date]_[Time]_log.txt'. Please copy and paste the contents of that file here.

Virus & Spyware

Was this post helpful?