Results 1 to 3 of 3

Thread: win32.fraudload.edt

  1. 2011-02-11, 07:46 #1
    Vandetta
    Vandetta is offline
    Junior Member
    Join Date
    Feb 2011
    Posts
    7

    Default win32.fraudload.edt

    heya,


    i'm kinda new at these forums. and at posting such problems like this, i'm not very expirienced with computers, so sorry if i did something wrong.

    i noticed my problem because my window (window 7) tasks deactivated, and i had to click on those, to use them again. this happened very often. and every 20min an internet explorer window popped up, with commercial pages.

    after a scan my AVG 2011 free version hasnt found anything, but after a check with spybot i found win32.fraudload.edt and some other problems.

    well, i'm not sure if i was reading this on this forums, or some other, but someone suggested to download superantispyware, and sca the computer (just scan) so i let it scan through the night. because i dont know how to look at spybots logs i hope this superantispyware could help you. if you need an other log, please tell me exactly how to do it

    Well, here the logs:

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 02/11/2011 at 02:58 AM

    Application Version : 4.48.1000

    Core Rules Database Version : 6376
    Trace Rules Database Version: 4188

    Scan type : Complete Scan
    Total Scan Time : 02:43:39

    Memory items scanned : 793
    Memory threats detected : 1
    Registry items scanned : 14308
    Registry threats detected : 2
    File items scanned : 230204
    File threats detected : 110

    Trojan.Agent/Gen-FakeSecurity
    C:\USERS\VELMINSKAS\APPDATA\LOCAL\TEMP\LCN.EXE
    C:\USERS\VELMINSKAS\APPDATA\LOCAL\TEMP\LCN.EXE
    (x86) [NtWqIVLZEWZU] C:\USERS\VELMINSKAS\APPDATA\LOCAL\TEMP\LCN.EXE
    C:\WINDOWS\LTIMYA.EXE
    C:\WINDOWS\LTIMYB.EXE
    C:\Windows\Prefetch\LTIMYB.EXE-AE2AF6DC.pf

    Adware.Tracking Cookie
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@uclick[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.creative-serving[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@fl01.ct2.comclick[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@CAZXEXBD.txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.intergi[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adserving.versaneeds[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@vdwp.solution.weborama[3].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.yieldmanager[8].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adserver01[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@myroitracking[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.harrenmedianetwork[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adserver.adtechus[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@trafficking.nabbr[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@zanox[3].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@vidasco.rotator.hadj7.adjuggler[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@invitemedia[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@www.active-tracking[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@media6degrees[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adtech[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@bforbank.solution.weborama[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@eyewonder[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@im.banner.t-online[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@revsci[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@yieldmanager[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@rotator.adjuggler[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@harrenmedianetwork[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adfunky[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@weborama[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@imrworldwide[3].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.clicmanager[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@doubleclick[3].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@serving-sys[6].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adservercentral[3].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@opti.inextmedia[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@eas.apm.emediate[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@sevenoneintermedia.112.2o7[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@tradedoubler[4].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@clicksor[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@zanox-affiliate[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.advancedmn[3].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.tlvmedia[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.cpxcenter[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@bs.serving-sys[6].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.ad4game[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@yieldmanager[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.horyzon-media[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@www.zanox-affiliate[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@tracking.hannoversche[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ww381.smartadserver[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@atdmt.combing[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adjuggler[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adc-serv[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@atdmt[3].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.zanox[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adfarm1.adition[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ww251.smartadserver[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@atwola[10].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@advertising[3].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@CA94W881.txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@www.usenext[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@traffictrack[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad1.adfarm1.adition[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad6media[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@bmw2.solution.weborama[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@collective-media[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@fidelity.rotator.hadj7.adjuggler[1].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@tribalfusion[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adition[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@screensavers[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@fastclick[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@webmasterplan[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad2.adfarm1.adition[3].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@www3.smartadserver[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@keyword-advertising.web[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adserverplus[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@smartadserver[2].txt
    C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adxpose[1].txt
    cdn4.specificclick.net [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    cdn5.specificclick.net [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    enterotracker.de [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    files.youporn.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    i.adultswim.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    imagesrv.adition.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    media.mtvnservices.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    media.scanscout.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    media.socialvibe.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    media1.break.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    mediapartner.bigpoint.net [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    objects.tremormedia.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    s0.2mdn.net [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    secure-us.imrworldwide.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    vidii.hardsextube.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    www.adservercentral.info [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    www.adserverplatform.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    www.alphaporno.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    www.naiadsystems.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    www.pornme.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    www.porntelecast.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    www.pornyeah.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    www.sexyfunpics.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    www.ziporn.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    wwwstatic.megaporn.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
    xpornclips.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]

    Malware.Trace
    C:\Windows\TASKS\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
    (x86) HKU\S-1-5-21-1429241148-346156278-3124775494-1000\Software\NtWqIVLZEWZU

    Adware.Vundo/Variant-MSFake
    C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\CSVIEW_REV248\D3DCOMPILER_42.DLL
    C:\STUFF\GAMES\BLACK AND WHITE 2\CRAP\CSVIEW_REV248\D3DCOMPILER_42.DLL


    i hope it helps >.< the other posts about the same problem confused me a lot, and the "how to remove guide" didnt wort at me at all.
  2. 2011-02-11, 16:07 #2
    tashi
    tashi is offline
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,961

    Default

    Hello Vandetta,

    In case you missed it please see the forum FAQ which includes guidelines for this forum and also instructions on posting preliminary DDS logs in post #2.
    "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance)

    Then start a new topic, copy paste the DDS.txt log into it and a volunteer analyst will advise you when available.

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
  3. 2011-02-11, 17:51 #3
    tashi
    tashi is offline
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,961

    Default

    New topic: http://forums.spybot.info/showthread.php?t=61576
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules