Sign in to follow this  
Followers 0
Goodwill44

What is C:\Windows\Prefetch and C:\Windows\Update.exe?

30 posts in this topic

My Superantispyware says that I have 4 infected files that should be deleted immediately.

 

 

Two are C:\Windows\Temp\(random letters and numbers).exe

 

Two are C:\Windows\Prefetch\Update(numbers and letters).exe

 

Then I have 126 cookies that were detected...

 

I need help, I need to know if my computer is under attack?

 

 

Thanks

 

 

~Goodwill44.

 

 

Share this post


Link to post
Share on other sites
SUPERAntiSpyware Scan Log


 

Generated 07/15/2013 at 05:32 PM

 

Application Version : 5.6.1020

 

Core Rules Database Version : 10611

Trace Rules Database Version: 8423

 

Scan type       : Complete Scan

Total Scan Time : 00:53:24

 

Operating System Information

Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)

UAC Off - Administrator

 

Memory items scanned      : 456

Memory threats detected   : 0

Registry items scanned    : 71572

Registry threats detected : 0

File items scanned        : 62400

File threats detected     : 131

 

Adware.Tracking Cookie

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\brandon@xxxxxx[2].txt [ /xxxxxxxx ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\88EBJKHA.txt [ /insightexpressai.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\JJEHXKA4.txt [ /ru4.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\A19VSYRO.txt [ /network.realmedia.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\VHO9A0MZ.txt [ /lucidmedia.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\13KF0XO1.txt [ /casalemedia.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\1F8A2IWE.txt [ /fastclick.net ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\2MIGMJ54.txt [ /ads.pubmatic.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\1O2JWNHN.txt [ /revsci.net ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\9XREGM94.txt [ /questionmarket.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\6VLA3YG3.txt [ /specificclick.net ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\UK9OIPIO.txt [ /ads.bridgetrack.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\06EP5YGZ.txt [ /mediaplex.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\XPRF5GXI.txt [ /zedo.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\1HDFFLKM.txt [ /doubleclick.net ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\AI46W3FT.txt [ /media.adfrontiers.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\LCKXWVX4.txt [ /clickbooth.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\D97QTQCR.txt [ /bs.serving-sys.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\IKD251HD.txt [ /mshakers.rotator.hadj7.adjuggler.net ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\9IDVFNCD.txt [ /t.pointroll.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\EGKM2WYM.txt [ /ads.adk2.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\98ES3I1V.txt [ /ads.creative-serving.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\XM3BD2NS.txt [ /tribalfusion.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\4PW8PWGE.txt [ /pointroll.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\W11KIVT8.txt [ /pro-market.net ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\N9D8WY0V.txt [ /burstnet.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\YZC0EUI4.txt [ /c.atdmt.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\Q67W19X0.txt [ /ad.360yield.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\CJFYRYND.txt [ /ar.atwola.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\HGK1SLJB.txt [ /realmedia.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\Y2X8AU04.txt [ /ads.p161.net ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\9E2VVBPN.txt [ /ad.mlnadvertising.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\LMALVMSH.txt [ /interclick.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\I3MQNA6X.txt [ /atwola.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\EUUHOBM6.txt [ /invitemedia.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\CS1UDJBV.txt [ /ads.us.e-planning.net ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\JNP0RWIS.txt [ /at.atwola.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\C8KK33JI.txt [ /media6degrees.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\MY0406K3.txt [ /collective-media.net ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\A75SYXLO.txt [ /ads.undertone.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\RWQT74IB.txt [ /ad.yieldmanager.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\30JZS6G8.txt [ /apmebf.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\64IA3Q0B.txt [ /a.intentmedia.net ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\G2ZOKUSF.txt [ /track.adform.net ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\BD1B4U49.txt [ /247realmedia.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\0AGZD2DE.txt [ /tacoda.at.atwola.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\GD3P0AHK.txt [ /a1.interclick.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\U0PRZCRM.txt [ /serving-sys.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\H7KR0CWG.txt [ /adtechus.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\GAK6UP6M.txt [ /ads.pointroll.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\24NB799Y.txt [ /advertising.com ]

C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\41F9275V.txt [ /www.burstnet.com ]

.doubleclick.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.imrworldwide.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.imrworldwide.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ad.yieldmanager.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ad.yieldmanager.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ad.yieldmanager.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.timeinc.122.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

findnsave.ledger-enquirer.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.estat.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.legolas-media.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.legolas-media.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

in.getclicky.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.statcounter.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.msnbc.112.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

statse.webtrendslive.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.solvemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.solvemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.solvemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.mediafire.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.mediafire.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.mediafire.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.e-2dj6wjlyeiazceo.stats.esomniture.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.e-2dj6wjlyghdpcfo.stats.esomniture.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

pulse-analytics-beacon.reutersmedia.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.s.clickability.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.liveperson.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.xiti.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.xiti.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

media.gsimedia.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.usnews.122.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.warnerbros.112.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.pjmedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.pjmedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.pjmedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.pjmedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

pjmedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

pjmedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.leeenterprises.112.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.solvemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

de.sitestat.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

de.sitestat.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

de.sitestat.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.nhl.112.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.survey.g.doubleclick.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.nakedcelebgallery.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

insight.torbit.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

accounts.google.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

accounts.google.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.statcounter.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.s.clickability.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.revsci.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.histats.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.histats.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.liveperson.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.liveperson.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.sonygs.112.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ad.yieldmanager.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

core.insightexpressai.com [ C:\USERS\BRANDON\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\6X9AJ33N ]

C:\USERS\BRANDON\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BRANDON@APMEBF[1].TXT [ /APMEBF ]

C:\USERS\BRANDON\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BRANDON@REVSCI[1].TXT [ /REVSCI ]

 

Adware.Somoto

C:\USERS\BRANDON\DOWNLOADS\CHEATENGINE62.EXE

 

Trojan.Dropper/Win-NV

C:\WINDOWS\TEMP\3653B14C-5A82-412D-88FA-D531185DFABD\UPDATE.EXE

C:\WINDOWS\TEMP\A0F751FB-10C2-4B87-8594-7D77422EC057\UPDATE.EXE

C:\Windows\Prefetch\UPDATE.EXE-416143E6.pf

C:\Windows\Prefetch\UPDATE.EXE-EB004BFD.pf

 

 

I have Adblock and WOT, I dont see how they track my cookies if I cant see ads?

Share this post


Link to post
Share on other sites

Cheatengine64.exe is considered questionable, however those numbered files maybe benign.

 

Best thing to do is to submit those files as a False Positive and if they are found to be harmful the Malware team will let you know.

 

As for Adblock and WOT....

 

Adblock will only block you from seeing adverts it does not prevent from tracking.

 

WOT will only give insight into good or bad rated sites.

 

If you really wish to stop tracking cookies you will have to change your browser set up.

Share this post


Link to post
Share on other sites

Is it safe to delete the Adware Cookies?

 

Tracking cookies are not harmful just more of an anoyance, yes it is perfectly safe to delete/remove them.

 

I don't want creeps tracking my every move.

 

Sadly a fact of life, yes even with TOR believe it or not.

 

How do I do that?

 

Not sure what you're referring to ?

Share this post


Link to post
Share on other sites

Well one way is to stop using Google!

 

Although Google Chrome is a (slightly) different thing you will still easily be tracked, I haven't used Chrome in some time never liked it.

 

You could try incorporating Ghostery you'll be pleasantly surprised at how much "tracking" goes on "behind the scenes".

 

Also regularly cleaning out your temp files after every session with a program like CCleaner.

 

Personally I prefer PaleMoon as my browser choice and set it up for privacy and never except Third Party Cookies. I haven't had any tracking cookies even when online and running a scan with SAS.

Share this post


Link to post
Share on other sites

All are free.

 

Ghostery is a plug-in.

 

CCleaner is a standalone cleaner (there are paid versions but you don't have to choose those ones). just run after every session, make sure you look at the tabs and check what you wish to check.

 

 

PaleMoon is a browser (mozilla based Gecko engine slimmed down with less bells and whistles).

 

 

Share this post


Link to post
Share on other sites

I got ghostery, already 3 on the website!

 

I still wanna know about Palemoon, but I wanna know if it's all good to get out of safemood.

 

seth.avazutracking.net popped up earlier today and I wanna know if it's safe to get out of it.

Share this post


Link to post
Share on other sites

seth.avazutracking.net adds random advertising to web pages, open up task manager and try to find a process [randomname].exe, then locate the appdata file(usually hidden by default) and remove files
%AppData%\Protector-[rnd].exe
%AppData%\result.db
%AllUsersProfile%\{random}\
%AllUsersProfile%\{random}\*.lnk

 

Then look for registry items (only use this manual method if you are comfortable dabbling ib the registry as one false move could destroy your system)

HKEY_LOCAL_

MACHINESOFTWAREClassesBrowserSeekIEHelper.DNSGuardCLSID
HKEY_LOCAL_
MACHINESOFTWAREMicrosoftInternet ExplorerToolbar “Debtpuma/ilivid Toolbar” - (or something similar)
HKEY_LOCAL_
MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7}
“Debtpuma.com Toolbar” - (ilivid.com etc)
HKEY_LOCAL_
MACHINESOFTWAREClassesBrowserSeekIEHelper.DNSGuardCurVer
HKEY_LOCAL_
MACHINESOFTWAREClassesBrowserSeekIEHelper.DNSGuard.1
HKEY_LOCAL_
MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7}

Share this post


Link to post
Share on other sites

CCleaner wants to keep my persistant logins on yahoo, is that safe?

 

Depends if you want to keep your passwords/auto log ins.

Share this post


Link to post
Share on other sites

I couldn't find anything, is my computer infected?

 

i didn't see any randomname.exe's

 

Only my malware bytes,SuperAntiSpyware,explorer.exe(I believe that is IE),18 Chrome.exe*32,taskmngr,and winlogon (system),ccleaner,avast,dllhost.

Share this post


Link to post
Share on other sites

I believe that those were false, my Microsoft scanning tool just went through like 500k files or something and picked up nothing.

 

Still haven't found anything involving random.exe files

 

Havent found anything that contains seth.avazutracking.net

Share this post


Link to post
Share on other sites

The Trojan.Dropper/Win-NV came back again..

 

Should I file them as false reports, this is my 3rd scan and they came back.

Share this post


Link to post
Share on other sites

I'm still in safemode, I can't find "[RandomName].exe"

 

Does that mean it's infected my computer and I can't find it, or does it mean I don't have it and I'm fine?

 

Staying in safe-mode until your reply.

Share this post


Link to post
Share on other sites

Sorry but I am a voluntary Mod, I had other things to sort out.

 

Boot into normal mode and download DDS run it and post the DDS log here so we can see what's happening and where.

Share this post


Link to post
Share on other sites

When I was in safe-mode, I couldn't find the [randomname].exe file, but I also didn't enter the website, i clicked out of it because wot blocked it before it took me there.

 

Do I still need to go back to safe-mode and look for it?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0