Vandetta
2011-02-11, 08:46
heya,
i'm kinda new at these forums. and at posting such problems like this, i'm not very expirienced with computers, so sorry if i did something wrong.
i noticed my problem because my window (window 7) tasks deactivated, and i had to click on those, to use them again. this happened very often. and every 20min an internet explorer window popped up, with commercial pages.
after a scan my AVG 2011 free version hasnt found anything, but after a check with spybot i found win32.fraudload.edt and some other problems.
well, i'm not sure if i was reading this on this forums, or some other, but someone suggested to download superantispyware, and sca the computer (just scan) so i let it scan through the night. because i dont know how to look at spybots logs i hope this superantispyware could help you. if you need an other log, please tell me exactly how to do it
Well, here the logs:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 02/11/2011 at 02:58 AM
Application Version : 4.48.1000
Core Rules Database Version : 6376
Trace Rules Database Version: 4188
Scan type : Complete Scan
Total Scan Time : 02:43:39
Memory items scanned : 793
Memory threats detected : 1
Registry items scanned : 14308
Registry threats detected : 2
File items scanned : 230204
File threats detected : 110
Trojan.Agent/Gen-FakeSecurity
C:\USERS\VELMINSKAS\APPDATA\LOCAL\TEMP\LCN.EXE
C:\USERS\VELMINSKAS\APPDATA\LOCAL\TEMP\LCN.EXE
(x86) [NtWqIVLZEWZU] C:\USERS\VELMINSKAS\APPDATA\LOCAL\TEMP\LCN.EXE
C:\WINDOWS\LTIMYA.EXE
C:\WINDOWS\LTIMYB.EXE
C:\Windows\Prefetch\LTIMYB.EXE-AE2AF6DC.pf
Adware.Tracking Cookie
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@uclick[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.creative-serving[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@fl01.ct2.comclick[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@CAZXEXBD.txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.intergi[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adserving.versaneeds[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@vdwp.solution.weborama[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.yieldmanager[8].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adserver01[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@myroitracking[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.harrenmedianetwork[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adserver.adtechus[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@trafficking.nabbr[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@zanox[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@vidasco.rotator.hadj7.adjuggler[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@invitemedia[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@www.active-tracking[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@media6degrees[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adtech[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@bforbank.solution.weborama[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@eyewonder[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@im.banner.t-online[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@revsci[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@yieldmanager[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@rotator.adjuggler[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@harrenmedianetwork[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adfunky[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@weborama[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@imrworldwide[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.clicmanager[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@doubleclick[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@serving-sys[6].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adservercentral[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@opti.inextmedia[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@eas.apm.emediate[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@sevenoneintermedia.112.2o7[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@tradedoubler[4].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@clicksor[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@zanox-affiliate[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.advancedmn[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.tlvmedia[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.cpxcenter[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@bs.serving-sys[6].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.ad4game[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@yieldmanager[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.horyzon-media[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@www.zanox-affiliate[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@tracking.hannoversche[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ww381.smartadserver[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@atdmt.combing[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adjuggler[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adc-serv[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@atdmt[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.zanox[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adfarm1.adition[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ww251.smartadserver[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@atwola[10].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@advertising[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@CA94W881.txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@www.usenext[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@traffictrack[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad1.adfarm1.adition[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad6media[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@bmw2.solution.weborama[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@collective-media[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@fidelity.rotator.hadj7.adjuggler[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@tribalfusion[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adition[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@screensavers[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@fastclick[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@webmasterplan[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad2.adfarm1.adition[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@www3.smartadserver[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@keyword-advertising.web[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adserverplus[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@smartadserver[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adxpose[1].txt
cdn4.specificclick.net [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
cdn5.specificclick.net [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
enterotracker.de [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
files.youporn.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
i.adultswim.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
imagesrv.adition.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
media.mtvnservices.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
media.scanscout.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
media.socialvibe.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
media1.break.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
mediapartner.bigpoint.net [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
objects.tremormedia.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
s0.2mdn.net [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
secure-us.imrworldwide.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
vidii.hardsextube.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.adservercentral.info [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.adserverplatform.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.alphaporno.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.naiadsystems.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.pornme.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.porntelecast.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.pornyeah.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.sexyfunpics.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.ziporn.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
wwwstatic.megaporn.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
xpornclips.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
Malware.Trace
C:\Windows\TASKS\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
(x86) HKU\S-1-5-21-1429241148-346156278-3124775494-1000\Software\NtWqIVLZEWZU
Adware.Vundo/Variant-MSFake
C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\CSVIEW_REV248\D3DCOMPILER_42.DLL
C:\STUFF\GAMES\BLACK AND WHITE 2\CRAP\CSVIEW_REV248\D3DCOMPILER_42.DLL
i hope it helps >.< the other posts about the same problem confused me a lot, and the "how to remove guide" didnt wort at me at all.
i'm kinda new at these forums. and at posting such problems like this, i'm not very expirienced with computers, so sorry if i did something wrong.
i noticed my problem because my window (window 7) tasks deactivated, and i had to click on those, to use them again. this happened very often. and every 20min an internet explorer window popped up, with commercial pages.
after a scan my AVG 2011 free version hasnt found anything, but after a check with spybot i found win32.fraudload.edt and some other problems.
well, i'm not sure if i was reading this on this forums, or some other, but someone suggested to download superantispyware, and sca the computer (just scan) so i let it scan through the night. because i dont know how to look at spybots logs i hope this superantispyware could help you. if you need an other log, please tell me exactly how to do it
Well, here the logs:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 02/11/2011 at 02:58 AM
Application Version : 4.48.1000
Core Rules Database Version : 6376
Trace Rules Database Version: 4188
Scan type : Complete Scan
Total Scan Time : 02:43:39
Memory items scanned : 793
Memory threats detected : 1
Registry items scanned : 14308
Registry threats detected : 2
File items scanned : 230204
File threats detected : 110
Trojan.Agent/Gen-FakeSecurity
C:\USERS\VELMINSKAS\APPDATA\LOCAL\TEMP\LCN.EXE
C:\USERS\VELMINSKAS\APPDATA\LOCAL\TEMP\LCN.EXE
(x86) [NtWqIVLZEWZU] C:\USERS\VELMINSKAS\APPDATA\LOCAL\TEMP\LCN.EXE
C:\WINDOWS\LTIMYA.EXE
C:\WINDOWS\LTIMYB.EXE
C:\Windows\Prefetch\LTIMYB.EXE-AE2AF6DC.pf
Adware.Tracking Cookie
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@uclick[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.creative-serving[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@fl01.ct2.comclick[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@CAZXEXBD.txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.intergi[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adserving.versaneeds[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@vdwp.solution.weborama[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.yieldmanager[8].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adserver01[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@myroitracking[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.harrenmedianetwork[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adserver.adtechus[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@trafficking.nabbr[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@zanox[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@vidasco.rotator.hadj7.adjuggler[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@invitemedia[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@www.active-tracking[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@media6degrees[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adtech[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@bforbank.solution.weborama[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@eyewonder[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@im.banner.t-online[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@revsci[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@yieldmanager[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@rotator.adjuggler[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@harrenmedianetwork[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adfunky[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@weborama[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@imrworldwide[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.clicmanager[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@doubleclick[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@serving-sys[6].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adservercentral[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@opti.inextmedia[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@eas.apm.emediate[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@sevenoneintermedia.112.2o7[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@tradedoubler[4].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@clicksor[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@zanox-affiliate[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.advancedmn[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.tlvmedia[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.cpxcenter[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@bs.serving-sys[6].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.ad4game[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@yieldmanager[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ads.horyzon-media[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@www.zanox-affiliate[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@tracking.hannoversche[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ww381.smartadserver[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@atdmt.combing[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adjuggler[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adc-serv[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@atdmt[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.zanox[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adfarm1.adition[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ww251.smartadserver[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@atwola[10].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@advertising[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@CA94W881.txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@www.usenext[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@traffictrack[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad1.adfarm1.adition[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad6media[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@bmw2.solution.weborama[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@collective-media[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@fidelity.rotator.hadj7.adjuggler[1].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@tribalfusion[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adition[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@screensavers[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@fastclick[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@webmasterplan[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad2.adfarm1.adition[3].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@www3.smartadserver[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@keyword-advertising.web[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@ad.adserverplus[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@smartadserver[2].txt
C:\Users\Velminskas\AppData\Roaming\Microsoft\Windows\Cookies\velminskas@adxpose[1].txt
cdn4.specificclick.net [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
cdn5.specificclick.net [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
enterotracker.de [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
files.youporn.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
i.adultswim.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
imagesrv.adition.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
media.mtvnservices.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
media.scanscout.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
media.socialvibe.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
media1.break.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
mediapartner.bigpoint.net [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
objects.tremormedia.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
s0.2mdn.net [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
secure-us.imrworldwide.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
vidii.hardsextube.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.adservercentral.info [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.adserverplatform.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.alphaporno.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.naiadsystems.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.pornme.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.porntelecast.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.pornyeah.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.sexyfunpics.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
www.ziporn.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
wwwstatic.megaporn.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
xpornclips.com [ C:\Users\Velminskas\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SBNUA47M ]
Malware.Trace
C:\Windows\TASKS\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
(x86) HKU\S-1-5-21-1429241148-346156278-3124775494-1000\Software\NtWqIVLZEWZU
Adware.Vundo/Variant-MSFake
C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\CSVIEW_REV248\D3DCOMPILER_42.DLL
C:\STUFF\GAMES\BLACK AND WHITE 2\CRAP\CSVIEW_REV248\D3DCOMPILER_42.DLL
i hope it helps >.< the other posts about the same problem confused me a lot, and the "how to remove guide" didnt wort at me at all.