Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ads pop up in new tab


  • Please log in to reply
10 replies to this topic

#1 mrmatt2

mrmatt2

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 03 February 2013 - 08:56 PM

Hi,

Hope you can help..


Noticed a while ago, whenever I open a new link from Google, the new tab opens along with another which shows an ad. The ads vary in item. I ran Malwarebytes,MSE, superanitspyware and eset online scanner, but none have been able to tackle it. A few of these programs found some files, asked to remove by restart which I did, but problem persists.

Hope you can help!

Thanks!!!
Matt

Edited by mrmatt2, 03 February 2013 - 08:56 PM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:51 PM

Posted 03 February 2013 - 09:18 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 mrmatt2

mrmatt2
  • Topic Starter

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 04 February 2013 - 08:11 PM

07:05:03.0156 2888 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
07:05:03.0390 2888 ============================================================
07:05:03.0390 2888 Current date / time: 2013/02/04 07:05:03.0390
07:05:03.0390 2888 SystemInfo:
07:05:03.0390 2888
07:05:03.0390 2888 OS Version: 5.1.2600 ServicePack: 3.0
07:05:03.0390 2888 Product type: Workstation
07:05:03.0390 2888 ComputerName: DELLDIMENSION
07:05:03.0390 2888 UserName: Mike
07:05:03.0390 2888 Windows directory: C:\WINDOWS
07:05:03.0390 2888 System windows directory: C:\WINDOWS
07:05:03.0390 2888 Processor architecture: Intel x86
07:05:03.0390 2888 Number of processors: 2
07:05:03.0390 2888 Page size: 0x1000
07:05:03.0390 2888 Boot type: Normal boot
07:05:03.0390 2888 ============================================================
07:05:06.0546 2888 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:05:06.0546 2888 ============================================================
07:05:06.0546 2888 \Device\Harddisk0\DR0:
07:05:06.0546 2888 MBR partitions:
07:05:06.0546 2888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x8E7BB54
07:05:06.0546 2888 ============================================================
07:05:06.0593 2888 C: <-> \Device\Harddisk0\DR0\Partition1
07:05:06.0625 2888 ============================================================
07:05:06.0625 2888 Initialize success
07:05:06.0625 2888 ============================================================
07:05:38.0687 2012 ============================================================
07:05:38.0687 2012 Scan started
07:05:38.0687 2012 Mode: Manual; TDLFS;
07:05:38.0687 2012 ============================================================
07:05:39.0078 2012 ================ Scan system memory ========================
07:05:39.0078 2012 System memory - ok
07:05:39.0078 2012 ================ Scan services =============================
07:05:39.0265 2012 [ 914A9709FC3BF419AD2F85547F2A4832 ] 61883 C:\WINDOWS\system32\DRIVERS\61883.sys
07:05:39.0312 2012 61883 - ok
07:05:39.0312 2012 Abiosdsk - ok
07:05:39.0312 2012 abp480n5 - ok
07:05:39.0359 2012 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
07:05:39.0359 2012 ACPI - ok
07:05:39.0406 2012 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
07:05:39.0437 2012 ACPIEC - ok
07:05:39.0656 2012 [ BF3818B441955E4D438EC72F06F1FE61 ] AdobeActiveFileMonitor11.0 C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
07:05:39.0656 2012 AdobeActiveFileMonitor11.0 - ok
07:05:39.0671 2012 adpu160m - ok
07:05:39.0687 2012 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
07:05:39.0734 2012 aec - ok
07:05:39.0796 2012 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
07:05:39.0828 2012 AFD - ok
07:05:39.0875 2012 [ 0EBB674888CBDEFD5773341C16DD6A07 ] AFS2K C:\WINDOWS\system32\drivers\AFS2K.sys
07:05:39.0890 2012 AFS2K - ok
07:05:39.0906 2012 Aha154x - ok
07:05:39.0906 2012 aic78u2 - ok
07:05:39.0906 2012 aic78xx - ok
07:05:39.0968 2012 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
07:05:39.0968 2012 Alerter - ok
07:05:40.0000 2012 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
07:05:40.0000 2012 ALG - ok
07:05:40.0000 2012 AliIde - ok
07:05:40.0015 2012 amsint - ok
07:05:40.0078 2012 [ D6C8942BEA3698A2E7559BD423BFA5D7 ] AntiVirScheduler C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
07:05:40.0078 2012 AntiVirScheduler - ok
07:05:40.0125 2012 [ 335A142923FE7F97E8C8388ACD067568 ] AntiVirService C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
07:05:40.0125 2012 AntiVirService - ok
07:05:40.0218 2012 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
07:05:40.0218 2012 Apple Mobile Device - ok
07:05:40.0218 2012 AppMgmt - ok
07:05:40.0250 2012 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
07:05:40.0296 2012 Arp1394 - ok
07:05:40.0296 2012 asc - ok
07:05:40.0296 2012 asc3350p - ok
07:05:40.0312 2012 asc3550 - ok
07:05:40.0375 2012 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
07:05:40.0468 2012 aspnet_state - ok
07:05:40.0484 2012 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
07:05:40.0515 2012 AsyncMac - ok
07:05:40.0515 2012 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
07:05:40.0578 2012 atapi - ok
07:05:40.0593 2012 Atdisk - ok
07:05:40.0656 2012 [ 5CEDA44447A28DB469DE28AFC0950650 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
07:05:40.0656 2012 Ati HotKey Poller - ok
07:05:40.0718 2012 [ 737371583E0173F963D74435BE3E96D2 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
07:05:40.0750 2012 ATI Smart - ok
07:05:40.0875 2012 [ B63516824DA0D8B9AD136E6E044A795F ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
07:05:41.0406 2012 ati2mtag - ok
07:05:41.0437 2012 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
07:05:41.0468 2012 Atmarpc - ok
07:05:41.0515 2012 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
07:05:41.0515 2012 AudioSrv - ok
07:05:41.0562 2012 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
07:05:41.0578 2012 audstub - ok
07:05:41.0640 2012 [ F8E6956A614F15A0860474C5E2A7DE6B ] Avc C:\WINDOWS\system32\DRIVERS\avc.sys
07:05:41.0671 2012 Avc - ok
07:05:41.0703 2012 [ AFA456A6210ABE5798561A5758517340 ] avgio C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
07:05:41.0703 2012 avgio - ok
07:05:41.0750 2012 [ 906F73C4F6B8BA5DAABC41A1F04CECFE ] avgntflt C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
07:05:41.0765 2012 avgntflt - ok
07:05:41.0812 2012 [ 740970262714E0575F23A917A2A53A31 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys
07:05:41.0812 2012 avgtp - ok
07:05:41.0875 2012 [ BDB37B3B217F5181A5BC129C50844F98 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
07:05:41.0875 2012 avipbb - ok
07:05:41.0921 2012 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
07:05:41.0953 2012 Beep - ok
07:05:42.0000 2012 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
07:05:42.0078 2012 BITS - ok
07:05:42.0203 2012 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
07:05:42.0203 2012 Bonjour Service - ok
07:05:42.0234 2012 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
07:05:42.0234 2012 Browser - ok
07:05:42.0296 2012 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
07:05:42.0312 2012 cbidf2k - ok
07:05:42.0421 2012 [ 223D008EE3C9DC77CA2918DC1357DC19 ] CboxUpdater C:\Program Files\Cbox\CboxUpdater.exe
07:05:42.0421 2012 CboxUpdater - ok
07:05:42.0453 2012 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
07:05:42.0484 2012 CCDECODE - ok
07:05:42.0484 2012 cd20xrnt - ok
07:05:42.0546 2012 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
07:05:42.0578 2012 Cdaudio - ok
07:05:42.0625 2012 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
07:05:42.0687 2012 Cdfs - ok
07:05:42.0734 2012 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
07:05:42.0781 2012 Cdrom - ok
07:05:42.0843 2012 [ 84853B3FD012251690570E9E7E43343F ] cercsr6 C:\WINDOWS\system32\drivers\cercsr6.sys
07:05:42.0859 2012 cercsr6 - ok
07:05:42.0875 2012 Changer - ok
07:05:42.0906 2012 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
07:05:42.0906 2012 CiSvc - ok
07:05:42.0953 2012 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
07:05:42.0953 2012 ClipSrv - ok
07:05:42.0984 2012 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:05:43.0109 2012 clr_optimization_v2.0.50727_32 - ok
07:05:43.0109 2012 CmdIde - ok
07:05:43.0125 2012 COMSysApp - ok
07:05:43.0125 2012 Cpqarray - ok
07:05:43.0312 2012 cpuz134 - ok
07:05:43.0343 2012 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
07:05:43.0343 2012 CryptSvc - ok
07:05:43.0343 2012 dac2w2k - ok
07:05:43.0343 2012 dac960nt - ok
07:05:43.0421 2012 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
07:05:43.0421 2012 DcomLaunch - ok
07:05:43.0453 2012 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
07:05:43.0453 2012 Dhcp - ok
07:05:43.0468 2012 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
07:05:43.0515 2012 Disk - ok
07:05:43.0515 2012 dmadmin - ok
07:05:43.0578 2012 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
07:05:43.0671 2012 dmboot - ok
07:05:43.0687 2012 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
07:05:43.0718 2012 dmio - ok
07:05:43.0765 2012 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
07:05:43.0796 2012 dmload - ok
07:05:43.0828 2012 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
07:05:43.0828 2012 dmserver - ok
07:05:43.0843 2012 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
07:05:43.0875 2012 DMusic - ok
07:05:43.0937 2012 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
07:05:43.0937 2012 Dnscache - ok
07:05:44.0000 2012 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
07:05:44.0000 2012 Dot3svc - ok
07:05:44.0000 2012 dpti2o - ok
07:05:44.0031 2012 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
07:05:44.0046 2012 drmkaud - ok
07:05:44.0109 2012 [ 651554E483712B708EDE864D0CA1AA73 ] DrvAgent32 C:\WINDOWS\system32\Drivers\DrvAgent32.sys
07:05:44.0156 2012 DrvAgent32 - ok
07:05:44.0203 2012 [ D57A8FC800B501AC05B10D00F66D127A ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
07:05:44.0203 2012 E100B - ok
07:05:44.0250 2012 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
07:05:44.0250 2012 EapHost - ok
07:05:44.0296 2012 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
07:05:44.0296 2012 ERSvc - ok
07:05:44.0343 2012 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
07:05:44.0359 2012 Eventlog - ok
07:05:44.0406 2012 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
07:05:44.0406 2012 EventSystem - ok
07:05:44.0437 2012 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
07:05:44.0468 2012 Fastfat - ok
07:05:44.0515 2012 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
07:05:44.0515 2012 FastUserSwitchingCompatibility - ok
07:05:44.0546 2012 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
07:05:44.0578 2012 Fdc - ok
07:05:44.0781 2012 [ C21FC36D3CD28C2726FEE10D397216C7 ] FileMonitor C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
07:05:44.0781 2012 FileMonitor - ok
07:05:44.0796 2012 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
07:05:44.0828 2012 Fips - ok
07:05:44.0875 2012 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
07:05:44.0890 2012 Flpydisk - ok
07:05:44.0937 2012 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
07:05:45.0000 2012 FltMgr - ok
07:05:45.0078 2012 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
07:05:45.0078 2012 FontCache3.0.0.0 - ok
07:05:45.0140 2012 [ 597B0E9EED387B9921E393C54E6B0D6B ] FreeOnlineConverterUpdt C:\Program Files\Free Online Converter\FreeOnlineConverterUpdt.exe
07:05:45.0156 2012 FreeOnlineConverterUpdt - ok
07:05:45.0203 2012 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
07:05:45.0218 2012 Fs_Rec - ok
07:05:45.0296 2012 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
07:05:45.0343 2012 Ftdisk - ok
07:05:45.0390 2012 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
07:05:45.0406 2012 GEARAspiWDM - ok
07:05:45.0421 2012 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\WINDOWS\system32\giveio.sys
07:05:45.0453 2012 giveio - ok
07:05:45.0484 2012 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
07:05:45.0515 2012 Gpc - ok
07:05:45.0562 2012 [ D956358054E99E6FFAC69CD87E893A89 ] grmnusb C:\WINDOWS\system32\drivers\grmnusb.sys
07:05:45.0609 2012 grmnusb - ok
07:05:45.0765 2012 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9d0ed21b54848 C:\Program Files\Google\Update\GoogleUpdate.exe
07:05:45.0765 2012 gupdate1c9d0ed21b54848 - ok
07:05:45.0781 2012 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
07:05:45.0781 2012 gupdatem - ok
07:05:45.0843 2012 [ 408DDD80EEDE47175F6844817B90213E ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
07:05:45.0843 2012 gusvc - ok
07:05:45.0906 2012 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
07:05:45.0906 2012 HDAudBus - ok
07:05:45.0968 2012 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
07:05:45.0968 2012 helpsvc - ok
07:05:46.0000 2012 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
07:05:46.0000 2012 HidServ - ok
07:05:46.0015 2012 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
07:05:46.0046 2012 hidusb - ok
07:05:46.0078 2012 [ 7C2FA08BE562F5B8BE5428FDD926404C ] HitachiBackupService C:\Program Files\Hitachi\Hitachi Backup\HitachiBackupService.exe
07:05:46.0078 2012 HitachiBackupService - ok
07:05:46.0140 2012 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
07:05:46.0140 2012 hkmsvc - ok
07:05:46.0156 2012 hpn - ok
07:05:46.0218 2012 [ 863CC3A82C63C9F60ACF2E85D5310620 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
07:05:46.0250 2012 HPZid412 - ok
07:05:46.0250 2012 [ 08CB72E95DD75B61F2966B311D0E4366 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
07:05:46.0312 2012 HPZipr12 - ok
07:05:46.0359 2012 [ CA990306ED4EF732AF9695BFF24FC96F ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
07:05:46.0390 2012 HPZius12 - ok
07:05:46.0437 2012 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
07:05:46.0453 2012 HTTP - ok
07:05:46.0484 2012 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
07:05:46.0500 2012 HTTPFilter - ok
07:05:46.0515 2012 i2omgmt - ok
07:05:46.0515 2012 i2omp - ok
07:05:46.0578 2012 [ D593517879E65167DF35F6015814AC59 ] iastor C:\WINDOWS\system32\DRIVERS\iaStor.sys
07:05:46.0578 2012 iastor - ok
07:05:46.0687 2012 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:05:46.0703 2012 idsvc - ok
07:05:46.0734 2012 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
07:05:46.0812 2012 Imapi - ok
07:05:46.0859 2012 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
07:05:46.0859 2012 ImapiService - ok
07:05:46.0937 2012 [ 1F0AEDCBD294A0A3B479896B278AD343 ] IMFservice C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
07:05:46.0968 2012 IMFservice - ok
07:05:46.0984 2012 ini910u - ok
07:05:46.0984 2012 IntelIde - ok
07:05:47.0046 2012 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
07:05:47.0078 2012 intelppm - ok
07:05:47.0109 2012 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
07:05:47.0171 2012 Ip6Fw - ok
07:05:47.0187 2012 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
07:05:47.0218 2012 IpFilterDriver - ok
07:05:47.0218 2012 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
07:05:47.0281 2012 IpInIp - ok
07:05:47.0312 2012 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
07:05:47.0312 2012 IpNat - ok
07:05:47.0390 2012 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
07:05:47.0406 2012 iPod Service - ok
07:05:47.0421 2012 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
07:05:47.0468 2012 IPSec - ok
07:05:47.0484 2012 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
07:05:47.0500 2012 IRENUM - ok
07:05:47.0500 2012 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
07:05:47.0546 2012 isapnp - ok
07:05:47.0656 2012 [ 777D7BA68DCA4EBE217B48206BDA9F5F ] iWinGamesInstaller C:\Program Files\iWin Games\iWinGamesInstaller.exe
07:05:47.0656 2012 iWinGamesInstaller - ok
07:05:47.0765 2012 [ 9DBA73C2F1E76EC4CB837E67C5743596 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
07:05:47.0765 2012 JavaQuickStarterService - ok
07:05:47.0812 2012 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
07:05:47.0859 2012 Kbdclass - ok
07:05:47.0875 2012 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
07:05:47.0890 2012 kbdhid - ok
07:05:47.0937 2012 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
07:05:47.0937 2012 kmixer - ok
07:05:48.0000 2012 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
07:05:48.0062 2012 KSecDD - ok
07:05:48.0109 2012 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
07:05:48.0125 2012 lanmanserver - ok
07:05:48.0187 2012 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
07:05:48.0218 2012 lanmanworkstation - ok
07:05:48.0359 2012 [ ED60FFD305AC0424920D146DB9F9ED78 ] Lavasoft Ad-Aware Service C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
07:05:48.0421 2012 Lavasoft Ad-Aware Service - ok
07:05:48.0484 2012 [ 6C4A3804510AD8E0F0C07B5BE3D44DDB ] Lavasoft Kernexplorer C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
07:05:48.0484 2012 Lavasoft Kernexplorer - ok
07:05:48.0484 2012 lbrtfdc - ok
07:05:48.0531 2012 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
07:05:48.0531 2012 LmHosts - ok
07:05:48.0562 2012 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
07:05:48.0562 2012 Messenger - ok
07:05:48.0609 2012 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
07:05:48.0625 2012 mnmdd - ok
07:05:48.0656 2012 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
07:05:48.0656 2012 mnmsrvc - ok
07:05:48.0687 2012 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
07:05:48.0718 2012 Modem - ok
07:05:48.0750 2012 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
07:05:48.0765 2012 Mouclass - ok
07:05:48.0828 2012 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
07:05:48.0859 2012 mouhid - ok
07:05:48.0859 2012 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
07:05:48.0890 2012 MountMgr - ok
07:05:49.0000 2012 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
07:05:49.0000 2012 MozillaMaintenance - ok
07:05:49.0062 2012 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
07:05:49.0062 2012 MpFilter - ok
07:05:49.0296 2012 [ A69630D039C38018689190234F866D77 ] MpKsle5cde895 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F87D841-6081-4F0B-BD62-52B2DD40A02A}\MpKsle5cde895.sys
07:05:49.0296 2012 MpKsle5cde895 - ok
07:05:49.0296 2012 mraid35x - ok
07:05:49.0390 2012 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
07:05:49.0421 2012 MREMP50 - ok
07:05:49.0421 2012 MREMP50a64 - ok
07:05:49.0421 2012 MREMPR5 - ok
07:05:49.0437 2012 MRENDIS5 - ok
07:05:49.0437 2012 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
07:05:49.0484 2012 MRESP50 - ok
07:05:49.0484 2012 MRESP50a64 - ok
07:05:49.0500 2012 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
07:05:49.0500 2012 MRxDAV - ok
07:05:49.0562 2012 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
07:05:49.0625 2012 MRxSmb - ok
07:05:49.0671 2012 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
07:05:49.0671 2012 MSDTC - ok
07:05:49.0718 2012 [ 1477849772712BAC69C144DCF2C9CE81 ] MSDV C:\WINDOWS\system32\DRIVERS\msdv.sys
07:05:49.0750 2012 MSDV - ok
07:05:49.0781 2012 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
07:05:49.0859 2012 Msfs - ok
07:05:49.0859 2012 MSIServer - ok
07:05:49.0875 2012 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
07:05:49.0890 2012 MSKSSRV - ok
07:05:50.0000 2012 [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
07:05:50.0000 2012 MsMpSvc - ok
07:05:50.0000 2012 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
07:05:50.0046 2012 MSPCLOCK - ok
07:05:50.0046 2012 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
07:05:50.0078 2012 MSPQM - ok
07:05:50.0093 2012 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
07:05:50.0109 2012 mssmbios - ok
07:05:50.0125 2012 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
07:05:50.0140 2012 MSTEE - ok
07:05:50.0171 2012 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
07:05:50.0203 2012 Mup - ok
07:05:50.0234 2012 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
07:05:50.0281 2012 NABTSFEC - ok
07:05:50.0328 2012 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
07:05:50.0343 2012 napagent - ok
07:05:50.0359 2012 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
07:05:50.0421 2012 NDIS - ok
07:05:50.0437 2012 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
07:05:50.0453 2012 NdisIP - ok
07:05:50.0468 2012 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
07:05:50.0500 2012 NdisTapi - ok
07:05:50.0515 2012 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
07:05:50.0531 2012 Ndisuio - ok
07:05:50.0546 2012 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
07:05:50.0609 2012 NdisWan - ok
07:05:50.0656 2012 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
07:05:50.0687 2012 NDProxy - ok
07:05:50.0718 2012 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
07:05:50.0750 2012 NetBIOS - ok
07:05:50.0765 2012 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
07:05:50.0843 2012 NetBT - ok
07:05:50.0906 2012 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
07:05:50.0906 2012 NetDDE - ok
07:05:50.0906 2012 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
07:05:50.0906 2012 NetDDEdsdm - ok
07:05:50.0953 2012 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
07:05:50.0953 2012 Netlogon - ok
07:05:50.0984 2012 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
07:05:50.0984 2012 Netman - ok
07:05:51.0015 2012 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:05:51.0015 2012 NetTcpPortSharing - ok
07:05:51.0031 2012 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
07:05:51.0031 2012 NIC1394 - ok
07:05:51.0046 2012 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
07:05:51.0046 2012 Nla - ok
07:05:51.0062 2012 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
07:05:51.0093 2012 Npfs - ok
07:05:51.0109 2012 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
07:05:51.0156 2012 Ntfs - ok
07:05:51.0156 2012 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
07:05:51.0171 2012 NtLmSsp - ok
07:05:51.0187 2012 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
07:05:51.0203 2012 NtmsSvc - ok
07:05:51.0203 2012 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
07:05:51.0218 2012 Null - ok
07:05:51.0265 2012 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
07:05:51.0296 2012 NwlnkFlt - ok
07:05:51.0296 2012 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
07:05:51.0359 2012 NwlnkFwd - ok
07:05:51.0500 2012 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
07:05:51.0515 2012 odserv - ok
07:05:51.0546 2012 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
07:05:51.0546 2012 ohci1394 - ok
07:05:51.0609 2012 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:05:51.0609 2012 ose - ok
07:05:51.0640 2012 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
07:05:51.0640 2012 Parport - ok
07:05:51.0640 2012 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
07:05:51.0671 2012 PartMgr - ok
07:05:51.0718 2012 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
07:05:51.0734 2012 ParVdm - ok
07:05:51.0765 2012 [ 210A628A0D7B3F45257850EFBFF27538 ] pavboot C:\WINDOWS\system32\drivers\pavboot.sys
07:05:51.0765 2012 pavboot - ok
07:05:51.0859 2012 [ 65FB0C4AA30D84849E0E4C97CB5501CE ] pbfilter C:\Program Files\PeerBlock\pbfilter.sys
07:05:51.0937 2012 pbfilter - ok
07:05:51.0984 2012 [ 58C5EA3DE400FE1D08CFECA6D5C14EBD ] PCANDIS5 C:\WINDOWS\system32\PCANDIS5.SYS
07:05:52.0000 2012 PCANDIS5 - ok
07:05:52.0046 2012 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
07:05:52.0109 2012 PCI - ok
07:05:52.0109 2012 PCIDump - ok
07:05:52.0140 2012 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
07:05:52.0156 2012 PCIIde - ok
07:05:52.0156 2012 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
07:05:52.0187 2012 Pcmcia - ok
07:05:52.0203 2012 PDCOMP - ok
07:05:52.0203 2012 PDFRAME - ok
07:05:52.0218 2012 PDRELI - ok
07:05:52.0218 2012 PDRFRAME - ok
07:05:52.0218 2012 perc2 - ok
07:05:52.0234 2012 perc2hib - ok
07:05:52.0281 2012 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
07:05:52.0281 2012 PlugPlay - ok
07:05:52.0328 2012 [ FB03F341FF5380394BF2EE52F1979925 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
07:05:52.0328 2012 Pml Driver HPZ12 - ok
07:05:52.0343 2012 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
07:05:52.0343 2012 PolicyAgent - ok
07:05:52.0375 2012 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
07:05:52.0406 2012 PptpMiniport - ok
07:05:52.0421 2012 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
07:05:52.0421 2012 ProtectedStorage - ok
07:05:52.0421 2012 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
07:05:52.0484 2012 PSched - ok
07:05:52.0484 2012 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
07:05:52.0515 2012 Ptilink - ok
07:05:52.0546 2012 [ B6A1692FC131F1FE5162513D78A9B6FC ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
07:05:52.0546 2012 PxHelp20 - ok
07:05:52.0546 2012 ql1080 - ok
07:05:52.0562 2012 Ql10wnt - ok
07:05:52.0562 2012 ql12160 - ok
07:05:52.0578 2012 ql1240 - ok
07:05:52.0578 2012 ql1280 - ok
07:05:52.0609 2012 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
07:05:52.0609 2012 RasAcd - ok
07:05:52.0640 2012 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
07:05:52.0640 2012 RasAuto - ok
07:05:52.0656 2012 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
07:05:52.0687 2012 Rasl2tp - ok
07:05:52.0718 2012 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
07:05:52.0734 2012 RasMan - ok
07:05:52.0734 2012 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
07:05:52.0765 2012 RasPppoe - ok
07:05:52.0765 2012 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
07:05:52.0812 2012 Raspti - ok
07:05:52.0859 2012 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
07:05:52.0859 2012 Rdbss - ok
07:05:52.0875 2012 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
07:05:52.0890 2012 RDPCDD - ok
07:05:52.0921 2012 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
07:05:52.0921 2012 RDPWD - ok
07:05:52.0968 2012 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
07:05:52.0968 2012 RDSessMgr - ok
07:05:53.0000 2012 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
07:05:53.0062 2012 redbook - ok
07:05:53.0093 2012 [ 3BC05EC17F0A2BF4F141CB3D3390515E ] RegFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys
07:05:53.0093 2012 RegFilter - ok
07:05:53.0140 2012 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
07:05:53.0140 2012 RemoteAccess - ok
07:05:53.0171 2012 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
07:05:53.0171 2012 RpcLocator - ok
07:05:53.0203 2012 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
07:05:53.0218 2012 RpcSs - ok
07:05:53.0265 2012 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
07:05:53.0281 2012 RSVP - ok
07:05:53.0328 2012 SABProcEnum - ok
07:05:53.0343 2012 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
07:05:53.0343 2012 SamSs - ok
07:05:53.0437 2012 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
07:05:53.0437 2012 SASDIFSV - ok
07:05:53.0453 2012 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
07:05:53.0453 2012 SASKUTIL - ok
07:05:53.0468 2012 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
07:05:53.0468 2012 SCardSvr - ok
07:05:53.0515 2012 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
07:05:53.0515 2012 Schedule - ok
07:05:53.0546 2012 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
07:05:53.0578 2012 Secdrv - ok
07:05:53.0609 2012 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
07:05:53.0609 2012 seclogon - ok
07:05:53.0609 2012 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
07:05:53.0609 2012 SENS - ok
07:05:53.0625 2012 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
07:05:53.0625 2012 Serial - ok
07:05:53.0671 2012 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
07:05:53.0687 2012 Sfloppy - ok
07:05:53.0750 2012 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
07:05:53.0765 2012 SharedAccess - ok
07:05:53.0781 2012 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
07:05:53.0781 2012 ShellHWDetection - ok
07:05:53.0796 2012 Simbad - ok
07:05:53.0812 2012 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
07:05:53.0828 2012 SLIP - ok
07:05:53.0875 2012 [ 489703624DAC94ED943C2ABDA022A1CD ] sonydcam C:\WINDOWS\system32\DRIVERS\sonydcam.sys
07:05:53.0906 2012 sonydcam - ok
07:05:53.0906 2012 Sparrow - ok
07:05:53.0953 2012 [ 5D6401DB90EC81B71F8E2C5C8F0FEF23 ] speedfan C:\WINDOWS\system32\speedfan.sys
07:05:53.0984 2012 speedfan - ok
07:05:54.0031 2012 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
07:05:54.0046 2012 splitter - ok
07:05:54.0109 2012 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
07:05:54.0125 2012 Spooler - ok
07:05:54.0187 2012 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
07:05:54.0203 2012 sptd - ok
07:05:54.0218 2012 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
07:05:54.0265 2012 sr - ok
07:05:54.0312 2012 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
07:05:54.0312 2012 srservice - ok
07:05:54.0375 2012 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
07:05:54.0375 2012 Srv - ok
07:05:54.0390 2012 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
07:05:54.0390 2012 SSDPSRV - ok
07:05:54.0453 2012 [ 3D2829FDE1C52FC64DA5413889CE4DEE ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
07:05:54.0453 2012 ssmdrv - ok
07:05:54.0515 2012 [ F70AB08582E06A8BDA3E470592D1A394 ] STacSV C:\WINDOWS\system32\STacSV.exe
07:05:54.0515 2012 STacSV - ok
07:05:54.0593 2012 [ 2A2DC39623ADEF8AB3703AB9FAC4B440 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
07:05:54.0609 2012 STHDA - ok
07:05:54.0640 2012 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
07:05:54.0671 2012 stisvc - ok
07:05:54.0687 2012 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
07:05:54.0703 2012 streamip - ok
07:05:54.0765 2012 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
07:05:54.0796 2012 swenum - ok
07:05:54.0828 2012 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
07:05:54.0875 2012 swmidi - ok
07:05:54.0875 2012 SwPrv - ok
07:05:54.0890 2012 symc810 - ok
07:05:54.0890 2012 symc8xx - ok
07:05:54.0906 2012 sym_hi - ok
07:05:54.0906 2012 sym_u3 - ok
07:05:54.0953 2012 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
07:05:55.0000 2012 sysaudio - ok
07:05:55.0046 2012 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
07:05:55.0046 2012 SysmonLog - ok
07:05:55.0078 2012 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
07:05:55.0093 2012 TapiSrv - ok
07:05:55.0125 2012 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
07:05:55.0171 2012 Tcpip - ok
07:05:55.0218 2012 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
07:05:55.0218 2012 TDPIPE - ok
07:05:55.0234 2012 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
07:05:55.0234 2012 TDTCP - ok
07:05:55.0265 2012 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
07:05:55.0265 2012 TermDD - ok
07:05:55.0296 2012 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
07:05:55.0296 2012 TermService - ok
07:05:55.0328 2012 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
07:05:55.0328 2012 Themes - ok
07:05:55.0328 2012 TosIde - ok
07:05:55.0343 2012 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
07:05:55.0359 2012 TrkWks - ok
07:05:55.0375 2012 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
07:05:55.0406 2012 Udfs - ok
07:05:55.0421 2012 ultra - ok
07:05:55.0468 2012 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
07:05:55.0593 2012 Update - ok
07:05:55.0625 2012 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
07:05:55.0625 2012 upnphost - ok
07:05:55.0656 2012 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
07:05:55.0656 2012 UPS - ok
07:05:55.0703 2012 [ 6A65CD6761337D339001959232233F0D ] UrlFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys
07:05:55.0703 2012 UrlFilter - ok
07:05:55.0750 2012 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
07:05:55.0796 2012 USBAAPL - ok
07:05:55.0828 2012 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
07:05:55.0875 2012 usbaudio - ok
07:05:55.0921 2012 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
07:05:55.0953 2012 usbccgp - ok
07:05:56.0000 2012 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
07:05:56.0031 2012 usbehci - ok
07:05:56.0078 2012 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
07:05:56.0156 2012 usbhub - ok
07:05:56.0187 2012 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
07:05:56.0218 2012 usbprint - ok
07:05:56.0234 2012 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
07:05:56.0265 2012 usbscan - ok
07:05:56.0281 2012 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
07:05:56.0296 2012 USBSTOR - ok
07:05:56.0328 2012 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
07:05:56.0359 2012 usbuhci - ok
07:05:56.0359 2012 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
07:05:56.0390 2012 usbvideo - ok
07:05:56.0390 2012 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
07:05:56.0421 2012 VgaSave - ok
07:05:56.0421 2012 ViaIde - ok
07:05:56.0468 2012 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
07:05:56.0500 2012 VolSnap - ok
07:05:56.0546 2012 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
07:05:56.0546 2012 VSS - ok
07:05:56.0750 2012 [ 50D3941555FEFDF46424431702EC5FB6 ] vToolbarUpdater14.0.1 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
07:05:56.0781 2012 vToolbarUpdater14.0.1 - ok
07:05:56.0812 2012 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
07:05:56.0812 2012 W32Time - ok
07:05:56.0828 2012 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
07:05:56.0859 2012 Wanarp - ok
07:05:56.0875 2012 WDICA - ok
07:05:56.0906 2012 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
07:05:56.0953 2012 wdmaud - ok
07:05:56.0984 2012 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
07:05:56.0984 2012 WebClient - ok
07:05:57.0078 2012 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
07:05:57.0078 2012 winmgmt - ok
07:05:57.0187 2012 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:05:57.0234 2012 wlidsvc - ok
07:05:57.0250 2012 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
07:05:57.0250 2012 WmdmPmSN - ok
07:05:57.0265 2012 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
07:05:57.0265 2012 WmiApSrv - ok
07:05:57.0406 2012 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
07:05:57.0437 2012 WMPNetworkSvc - ok
07:05:57.0500 2012 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
07:05:57.0531 2012 WpdUsb - ok
07:05:57.0609 2012 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
07:05:57.0640 2012 WS2IFSL - ok
07:05:57.0703 2012 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
07:05:57.0703 2012 wscsvc - ok
07:05:57.0703 2012 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
07:05:57.0734 2012 WSTCODEC - ok
07:05:57.0781 2012 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
07:05:57.0781 2012 wuauserv - ok
07:05:57.0812 2012 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
07:05:57.0875 2012 WudfPf - ok
07:05:57.0875 2012 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
07:05:57.0937 2012 WudfRd - ok
07:05:57.0968 2012 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
07:05:57.0968 2012 WudfSvc - ok
07:05:58.0015 2012 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
07:05:58.0031 2012 WZCSVC - ok
07:05:58.0062 2012 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
07:05:58.0062 2012 xmlprov - ok
07:05:58.0078 2012 ================ Scan global ===============================
07:05:58.0109 2012 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
07:05:58.0187 2012 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
07:05:58.0250 2012 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
07:05:58.0281 2012 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
07:05:58.0281 2012 [Global] - ok
07:05:58.0281 2012 ================ Scan MBR ==================================
07:05:58.0312 2012 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
07:05:58.0625 2012 \Device\Harddisk0\DR0 - ok
07:05:58.0625 2012 ================ Scan VBR ==================================
07:05:58.0625 2012 [ 5B2A265CF6D2AF91CCD11EC2105295A4 ] \Device\Harddisk0\DR0\Partition1
07:05:58.0625 2012 \Device\Harddisk0\DR0\Partition1 - ok
07:05:58.0625 2012 ============================================================
07:05:58.0625 2012 Scan finished
07:05:58.0625 2012 ============================================================
07:05:58.0640 4012 Detected object count: 0
07:05:58.0640 4012 Actual detected object count: 0




aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-04 07:08:24
-----------------------------
07:08:24.046 OS Version: Windows 5.1.2600 Service Pack 3
07:08:24.046 Number of processors: 2 586 0x403
07:08:24.046 ComputerName: DELLDIMENSION UserName: Mike
07:08:24.625 Initialize success
07:09:25.921 AVAST engine defs: 13020400
07:10:07.781 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
07:10:07.781 Disk 0 Vendor: WDC_WD80 09.0 Size: 76293MB BusType: 3
07:10:07.796 Disk 0 MBR read successfully
07:10:07.796 Disk 0 MBR scan
07:10:07.875 Disk 0 Windows XP default MBR code
07:10:07.875 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 54 MB offset 63
07:10:07.937 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 72951 MB offset 112455
07:10:07.984 Disk 0 Partition 3 00 DB CP/M / CTOS MSWIN4.1 3278 MB offset 149516955
07:10:08.015 Disk 0 scanning sectors +156232125
07:10:08.125 Disk 0 scanning C:\WINDOWS\system32\drivers
07:10:35.375 Service scanning
07:10:55.156 Service MpKsle5cde895 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F87D841-6081-4F0B-BD62-52B2DD40A02A}\MpKsle5cde895.sys **LOCKED** 32
07:11:11.718 Modules scanning
07:11:17.171 Disk 0 trace - called modules:
07:11:17.218 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
07:11:17.218 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89fcbab8]
07:11:17.218 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8a942030]
07:11:17.484 AVAST engine scan C:\WINDOWS
07:11:35.562 AVAST engine scan C:\WINDOWS\system32
07:17:26.781 AVAST engine scan C:\WINDOWS\system32\drivers
07:18:13.328 AVAST engine scan C:\Documents and Settings\Mike
07:26:16.718 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Mike\Desktop\MBR.dat"
07:26:16.718 The log file has been saved successfully to "C:\Documents and Settings\Mike\Desktop\aswMBR.txt"







ESET ONLY says there are no threats found... do not see list of found threats...


Thanks!!

m

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:51 PM

Posted 04 February 2013 - 09:18 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#5 mrmatt2

mrmatt2
  • Topic Starter

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 05 February 2013 - 08:00 PM

Thanks!


Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.05.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Mike :: DELLDIMENSION [administrator]

2/5/2013 7:36:12 AM
mbam-log-2013-02-05 (07-36-12).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 331988
Time elapsed: 1 hour(s), 20 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)










MiniToolBox by Farbar Version:10-01-2013
Ran by Mike (administrator) on 05-02-2013 at 07:35:26
Running from "C:\Documents and Settings\Mike\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 www.1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com

There are 3266 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : delldimension

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : home



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : home

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-12-3F-6F-E6-A7

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.4

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : Tuesday, February 05, 2013 7:01:51 AM

Lease Expires . . . . . . . . . . : Wednesday, February 06, 2013 7:01:51 AM

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.228.8, 74.125.228.4, 74.125.228.2, 74.125.228.14
74.125.228.5, 74.125.228.3, 74.125.228.6, 74.125.228.1, 74.125.228.0
74.125.228.9, 74.125.228.7



Pinging google.com [74.125.228.69] with 32 bytes of data:



Reply from 74.125.228.69: bytes=32 time=17ms TTL=252

Reply from 74.125.228.69: bytes=32 time=18ms TTL=252



Ping statistics for 74.125.228.69:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 17ms, Maximum = 18ms, Average = 17ms

Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24, 206.190.36.45, 98.138.253.109



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=107ms TTL=250

Reply from 206.190.36.45: bytes=32 time=224ms TTL=250



Ping statistics for 206.190.36.45:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 107ms, Maximum = 224ms, Average = 165ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 12 3f 6f e6 a7 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.4 192.168.1.4 20
192.168.1.0 255.255.255.0 192.168.1.4 192.168.1.4 20
192.168.1.4 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.4 192.168.1.4 20
224.0.0.0 240.0.0.0 192.168.1.4 192.168.1.4 20
255.255.255.255 255.255.255.255 192.168.1.4 192.168.1.4 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 02 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 04 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/05/2013 07:02:14 AM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (02/04/2013 06:56:46 AM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (02/03/2013 09:53:10 PM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (02/03/2013 04:46:20 PM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (02/01/2013 06:56:13 PM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (01/31/2013 07:46:20 AM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (01/30/2013 07:42:39 AM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (01/29/2013 06:33:45 AM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (01/28/2013 07:53:16 AM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed

Error: (01/27/2013 05:33:43 PM) (Source: STacSV) (User: NT AUTHORITY)
Description: Connection to the Storage interface failed


System errors:
=============
Error: (02/05/2013 07:02:24 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (02/05/2013 07:02:11 AM) (Source: 0) (User: )
Description:

Error: (02/05/2013 07:02:11 AM) (Source: 0) (User: )
Description:

Error: (02/04/2013 05:52:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate1c9d0ed21b54848 with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (02/04/2013 00:52:00 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate1c9d0ed21b54848 with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (02/04/2013 07:52:01 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate1c9d0ed21b54848 with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (02/04/2013 07:00:26 AM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{E495E3E8-5343-4238-81AD-9D6C1D6E7D75}.
The backup browser is stopping.

Error: (02/04/2013 06:56:57 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (02/04/2013 06:56:42 AM) (Source: 0) (User: )
Description:

Error: (02/04/2013 06:56:42 AM) (Source: 0) (User: )
Description:


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

7-Zip 9.21beta
Acrobat.com (Version: 1.7.186)
Active@ ISO Burner (Version: 2.1.0)
Ad-Aware
Ad-Aware (Version: 8.3.0)
Adobe AIR (Version: 1.5.2.8870)
Adobe Flash Player 10 ActiveX (Version: 10.0.22.87)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Photoshop Elements 11 (Version: 11.0)
Adobe Reader 9.4.1 (Version: 9.4.1)
Adobe Shockwave Player 11.5 (Version: 11.5)
AMP WinOFF
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Software for HP
ATI - Software Uninstall Utility (Version: 6.14.10.1022)
ATI Catalyst Control Center (Version: 2.008.0512.1132)
ATI Display Driver (Version: 8.493-080512a-063030C-ATI)
Audacity 1.2.6
AVG Security Toolbar (Version: 14.0.2.14)
Avira AntiVir Personal - Free Antivirus
Bonjour (Version: 3.0.0.10)
BurnAware Free 3.2
BurnAware Professional 2.4.2
Canon Utilities ZoomBrowser EX
Catalyst Control Center Core Implementation (Version: 2008.0512.1133.18639)
Catalyst Control Center Graphics Full Existing (Version: 2008.0512.1133.18639)
Catalyst Control Center Graphics Full New (Version: 2008.0512.1133.18639)
Catalyst Control Center Graphics Light (Version: 2008.0512.1133.18639)
Catalyst Control Center Graphics Previews Common (Version: 2008.0512.1133.18639)
Cbox
ccc-core-preinstall (Version: 2008.0512.1133.18639)
ccc-core-static (Version: 2008.0512.1133.18639)
ccc-utility (Version: 2008.0512.1133.18639)
CCC Help English (Version: 2008.0512.1132.18639)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
DarkLoader 4.3 (Version: 4.3)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Resource CD (Version: 1.00.0000)
DIGOpt (Version: 9.0.0917.2)
DIGReqEx (Version: 9.0.0917.2)
Doom 3 (Version: 1.00.0000)
Elements 11 Organizer (Version: 11.0)
ESET Online Scanner v3
Facebook Plug-In
Files Access (Version: 1.0)
Fraps
Free CD to MP3 Converter
Free Online Converter (Version: 1.0)
Frogger2
Garmin Communicator Plugin (Version: 2.7.1)
Garmin USB Drivers (Version: 1.0.0.0)
Google Chrome (Version: 24.0.1312.57)
Google Earth (Version: 6.1.0.5001)
Google Talk Plugin (Version: 3.13.1.11376)
Google Update Helper (Version: 1.3.21.123)
Google Updater (Version: 2.4.2432.1652)
Hitachi Backup 1.0.5.57 (Version: 1.0.5.57)
Hitachi Backup 1.0.5.59 (Version: 1.0.5.59)
HP Memories Disc (Version: 1.0.4.805)
HP Photo and Imaging 2.0 - All-in-One (Version: 1.00.0000)
HP Photo and Imaging 2.0 - All-in-One Drivers (Version: 1.00.0000)
HP Photo and Imaging 2.0 - hp psc 1200 series
hp psc 1200 series (Version: 1.00.0000)
InstallIQ Updater (Version: 1.1.2.0)
InstallMgr (Version: 1.0.39.0)
Intel® PRO Network Connections Drivers
IObit Malware Fighter (Version: 1.0)
IrfanView (remove only)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 11.0.1.12)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
jZip
K-Lite Codec Pack 4.4.2 (Full) (Version: 4.4.2)
Magical Jelly Bean KeyFinder (Version: 2.0.8.4)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2000 Professional (Version: 9.00.2720)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher 2007 (Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft Sync Framework 2.0 Core Components (x86) ENU (Version: 2.0.1578.0)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU (Version: 2.0.1578.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.363)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Mozilla Firefox 18.0.1 (x86 en-US) (Version: 18.0.1)
Mozilla Maintenance Service (Version: 18.0.1)
MSN (Version: 10.20.0611.0)
MSN Messenger 7.0 (Version: 7.0.0820)
MSN Toolbar (Version: 1.0.39.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Manager
neroxml (Version: 1.0.0)
ooVoo (Version: 3.5.3018)
Opera 12.11 (Version: 12.11.1661)
Panda ActiveScan 2.0 (Version: 01.03.02.0000)
PC Health Doc PDF Reader (Version: 0.1)
PeerBlock 1.0.0 (r181) (Version: 1.0.0.181)
Picasa 3 (Version: 3.8)
PSE11 STI Installer (Version: 11.0)
Quicken 2013 (Version: 22.1.10.2)
QuickTime (Version: 7.72.80.56)
Registry Repair Wizard
Revo Uninstaller 1.92 (Version: 1.92)
Sansa Updater
Security Task Manager 1.8d (Version: 1.8d)
SigmaTel Audio (Version: 5.10.4600.0)
SIW version 2010.07.14 (Version: 2010.07.14)
Skins (Version: 2008.0512.1133.18639)
SpeedFan (remove only)
Spybot - Search & Destroy (Version: 1.6.0)
SpyHunter (Version: 4.11.10.4138)
SUPERAntiSpyware (Version: 4.49.1000)
System Explorer 3.2.2
TEFView 2.65
Thief 2
Thief Gold
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Verizon Help and Support Tool
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebFldrs XP (Version: 9.50.7523)
Wedding Dash™ (Version: 32.0.0.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) (Version: 03/08/2007 2.2.1.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPatrol 2009 (Version: 16.0.2009.6)
WinZip 14.0 (Version: 14.0.8652)
Wise Registry Cleaner 4 Free 4.93
Yahoo! Detect

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 2046.09 MB
Available physical RAM: 1388.62 MB
Total Pagefile: 3937.58 MB
Available Pagefile: 3439.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1978.67 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:71.24 GB) (Free:26.31 GB) NTFS
2 Drive f: (50780) (CDROM) (Total:2.04 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\DELLDIMENSION

Administrator Guest HelpAssistant
Mike SUPPORT_388945a0

========================= Restore Points ==================================

02-12-2012 18:17:45 Software Distribution Service 3.0
02-12-2012 20:39:48 System Checkpoint
03-12-2012 18:00:17 Software Distribution Service 3.0
03-12-2012 18:28:51 Software Distribution Service 3.0
05-12-2012 00:46:00 Software Distribution Service 3.0
06-12-2012 01:15:35 System Checkpoint
07-12-2012 23:51:41 Software Distribution Service 3.0
09-12-2012 02:06:53 Software Distribution Service 3.0
11-12-2012 19:17:13 Software Distribution Service 3.0
12-12-2012 19:16:53 Software Distribution Service 3.0
13-12-2012 15:56:19 Software Distribution Service 3.0
14-12-2012 17:57:44 Software Distribution Service 3.0
15-12-2012 21:12:41 Software Distribution Service 3.0
16-12-2012 22:42:11 System Checkpoint
17-12-2012 02:34:22 Software Distribution Service 3.0
18-12-2012 00:27:18 Removed Print Creations
18-12-2012 04:02:54 Software Distribution Service 3.0
18-12-2012 14:27:32 Software Distribution Service 3.0
19-12-2012 16:23:54 Software Distribution Service 3.0
24-12-2012 00:37:02 Software Distribution Service 3.0
26-12-2012 17:57:14 Software Distribution Service 3.0
26-12-2012 18:07:07 Software Distribution Service 3.0
27-12-2012 18:18:37 System Checkpoint
27-12-2012 23:46:18 Installed Adobe Photoshop Elements 11.
28-12-2012 00:26:45 Software Distribution Service 3.0
29-12-2012 01:17:44 System Checkpoint
29-12-2012 19:17:50 Software Distribution Service 3.0
30-12-2012 15:47:49 Software Distribution Service 3.0
31-12-2012 16:12:31 System Checkpoint
31-12-2012 22:23:46 Installed hp psc 1200 series
01-01-2013 13:50:17 Software Distribution Service 3.0
02-01-2013 14:12:59 System Checkpoint
03-01-2013 12:14:41 Software Distribution Service 3.0
04-01-2013 17:39:15 Software Distribution Service 3.0
04-01-2013 18:00:18 Software Distribution Service 3.0
04-01-2013 22:55:43 Installed SpyHunter
05-01-2013 00:36:57 Installed iTunes
06-01-2013 00:52:49 System Checkpoint
06-01-2013 17:49:16 Software Distribution Service 3.0
08-01-2013 00:59:50 Software Distribution Service 3.0
09-01-2013 20:28:50 Software Distribution Service 3.0
10-01-2013 00:32:25 Software Distribution Service 3.0
10-01-2013 21:41:54 Software Distribution Service 3.0
13-01-2013 19:58:54 Software Distribution Service 3.0
15-01-2013 19:25:01 Software Distribution Service 3.0
16-01-2013 23:52:08 Software Distribution Service 3.0
20-01-2013 18:33:49 Unsigned driver install
22-01-2013 13:10:40 Software Distribution Service 3.0
24-01-2013 12:47:36 Software Distribution Service 3.0
26-01-2013 18:30:42 Software Distribution Service 3.0
27-01-2013 18:45:30 Software Distribution Service 3.0
28-01-2013 19:05:39 System Checkpoint
29-01-2013 11:44:10 Software Distribution Service 3.0
30-01-2013 12:53:14 Software Distribution Service 3.0
31-01-2013 12:57:00 Software Distribution Service 3.0
02-02-2013 00:08:06 Software Distribution Service 3.0
03-02-2013 21:52:15 Printer Driver Amyuni Document Converter 400 Installed
03-02-2013 21:57:00 Software Distribution Service 3.0
04-02-2013 21:59:14 System Checkpoint
05-02-2013 12:12:54 Software Distribution Service 3.0

**** End of log ****










Farbar Service Scanner Version: 30-01-2013
Ran by Mike (administrator) on 05-02-2013 at 07:35:27
Running from "C:\Documents and Settings\Mike\My Documents\Downloads"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2008-06-18 00:10] - [2008-04-14 05:42] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2004-08-04 07:00] - [2009-02-06 06:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315


Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.

**** End of log ****









# AdwCleaner v2.111 - Logfile created 02/05/2013 at 07:35:52
# Updated 05/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Mike - DELLDIMENSION
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Mike\My Documents\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\END
File Found : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Found : C:\DOCUME~1\Mike\LOCALS~1\Temp\avg@toolbar
Folder Found : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\Mike\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\Mike\Local Settings\Application Data\AVG Secure Search
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\AVG Secure Search

***** [Registry] *****

Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Deals Plugin
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Found : HKCU\Toolbar
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\loaalbhdjmjgdckmmeflpmbacffgnmme
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\Viewpoint
Key Found : HKU\S-1-5-21-1708537768-1202660629-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\nz3csddr.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Found [l.1] : icon_url ={"autofill":{"negative_upload_rate":1.0,"positive_upload_rate":1.0},"backup":{"_version":1,"homepage":true,"homepage_is_newtabpage":false,"session":{"restore_on_startup":4,"urls_to_restore_on_startup":["hxxps://isearch.avg.com/?cid={E9C9EEB7-856F-4658-A36F-F17C6BE141A3}&mid=596c5c18d11847d0babed15b798b0f54-ae64abc74629cd0dadeb805a6163e8ddfb6c2b30&lang=en&ds=ga011&pr=sa&d=2012-08-05 10:30:40&v=12.1.0.21&sap=hp"]}},"browser":{"check_default_browser":false,"window_placement":{"bottom":980,"left":30,"maximized":true,"right":1080,"top":20,"work_area_bottom":990,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"cloud_print":{"email":""},"countryid_at_install":21843,"default_search_provider":{"enabled":true,"encodings":"UTF-8","hxxp://www.google.com/favicon.ico","id":"2","instant_url":"{google:baseURL}webhp?{google:RLZ}sourceid=chrome-instant&{google:instantFieldTrialGroupParameter}ie={inputEncoding}&ion=1{searchTerms}&nord=1","keyword":"google.com","name":"Google","prepopulate_id":"1","search_url":"{google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}","suggest_url":"{google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}"},"distribution":{"create_all_shortcuts":true,"do_not_launch_chrome":true,"import_bookmarks":false,"import_history":false,"import_home_page":false,"import_search_engine":false,"make_chrome_default_for_user":false,"ping_delay":-60,"show_welcome_page":true,"skip_first_run_ui":false},"dns_prefetching":{"host_referral_list":[2,["hxxp://0.225.channel.facebook.com/",["hxxp://static.ak.fbcdn.net/",1.967674022654115]],["hxxp://0.96.channel.facebook.com/",["hxxp://0.96.channel.facebook.com/",5.269348505482213,"hxxp://static.ak.fbcdn.net/",0.7079475407873128]],["hxxp://1.225.channel.facebook.com/",["hxxp://1.225.channel.facebook.com/",1.967674022654115,"hxxp://static.ak.fbcdn.net/",1.967674022654115]],["hxxp://9thdwhs201112.shutterfly.com/",["hxxp://cmd.shutterfly.com/",1.391322285243528]],["hxxp://a.rfihub.com/",["hxxp://a.rfihub.com/",1.744516344505806,"hxxp://ads.pointroll.com/",1.351711339782644,"hxxp://b.scorecardresearch.com/",1.548113842144225,"hxxp://cm.g.doubleclick.net/",1.351711339782644,"hxxp://fw.adsafeprotected.com/",1.548113842144225,"hxxp://ib.adnxs.com/",1.744516344505806,"hxxp://secure-us.imrworldwide.com/",1.548113842144225,"hxxp://speed.pointroll.com/",1.351711339782644,"hxxp://www.facebook.com/",1.351711339782644]],["hxxp://a.tribalfusion.com/",["hxxp://a.tribalfusion.com/",1.042293187499811,"hxxp://cdn5.tribalfusion.com/",1.193737496794654,"hxxp://secure-us.imrworldwide.com/",1.042293187499811]],["hxxp://a1.interclick.com/",["hxxp://cdn.interclick.com/",1.351711339782644,"hxxp://load.s3.amazonaws.com/",1.351711339782644,"hxxp://loadm.exelator.com/",1.351711339782644]],["hxxp://ad-emea.doubleclick.net/",["hxxp://s0.2mdn.net/",2.613894300836889]],["hxxp://ad-g.doubleclick.net/",["hxxp://s0.2mdn.net/",0.7411346637844604,"hxxp://www.youtube.com/",1.007264090264373]],["hxxp://ad.doubleclick.net/",["hxxp://aperture.displaymarketplace.com/",2.084686339270529,"hxxp://api.dimestore.com/",2.084686339270529,"hxxp://c.betrad.com/",0.6709362724368764,"hxxp://cdn.doubleverify.com/",0.06048746162409612,"hxxp://core.insightexpressai.com/",0.8822360650398163,"hxxp://l.betrad.com/",0.3886116033421512,"hxxp://pixel.quantserve.com/",0.3886116033421512,"hxxp://s0.2mdn.net/",1.255717644609520,"hxxp://viacom.adbureau.net/",0.07687861128430565]],["hxxp://ad.turn.com/",["hxxp://cdn.turn.com/",1.351711339782644]],["hxxp://ad.yieldmanager.com/",["hxxp://ak1.abmr.net/",1.351711339782644,"hxxp://as1.suitesmart.com/",1.021755135815189,"hxxp://content.yieldmanager.com/",1.548113842144225,"hxxp://fw.adsafeprotected.com/",1.021755135815189,"hxxp://r1-ads.ace.advertising.com/",1.021755135815189,"hxxp://s0.2mdn.net/",1.021755135815189,"hxxp://sensor2.suitesmart.com/",0.8921294842565452,"hxxp://static.adsafeprotected.com/",1.021755135815189,"hxxp://static.suitesmart.com/",0.8921294842565452,"hxxp://uac.advertising.com/",1.021755135815189]],["hxxp://addictinggames.com/",["hxxp://www.addictinggames.com/",1.351711339782644]],["hxxp://ads-vrx.hxxpads.com/",["hxxp://ad.doubleclick.net/",1.275840513421308,"hxxp://ads.adbrite.com/",1.646597585697586,"hxxp://bstats.adbrite.com/",1.275840513421308,"hxxp://rd.rlcdn.com/",1.275840513421308,"hxxp://spe.atdmt.com/",1.275840513421308,"hxxp://view.atdmt.com/",1.275840513421308]],["hxxp://ads01.maxcdn.com/",["hxxp://a1.interclick.com/",1.548113842144225,"hxxp://ad.doubleclick.net/",1.744516344505806,"hxxp://ads01.maxcdn.com/",1.351711339782644,"hxxp://cdn.interclick.com/",1.351711339782644,"hxxp://s0.2mdn.net/",1.744516344505806]],["hxxp://amazingdata.com/",["hxxp://ad.afy11.net/",1.648070424679187,"hxxp://ad.yieldmanager.com/",1.345181806089499,"hxxp://adadvisor.net/",1.042293187499811,"hxxp://ads.adk2.com/",1.193737496794654,"hxxp://b.scorecardresearch.com/",1.345181806089499,"hxxp://media.2leep.com/",2.708180589743095,"hxxp://pixel.quantserve.com/",1.042293187499811,"hxxp://static.crowdscience.com/",1.042293187499811,"hxxp://tmx.technoratimedia.com/",1.042293187499811,"hxxp://www.google-analytics.com/",2.102403352563719]],["hxxp://americandreamcars.com/",["hxxp://americandreamcars.com/",1.228719130438231,"hxxp://kona.kontera.com/",1.072836852696067,"hxxp://pagead2.googlesyndication.com/",1.072836852696067,"hxxp://s7.addthis.com/",1.072836852696067,"hxxp://www.americandreamcars.com/",1.072836852696067,"hxxp://www.google-analytics.com/",1.228719130438231]],["hxxp://answers.yahoo.com/",["hxxp://a.l.yimg.com/",1.275840513421308,"hxxp://ad.yieldmanager.com/",1.275840513421308,"hxxp://answers.yahoo.com/",1.275840513421308,"hxxp://d.yimg.com/",1.646597585697586,"hxxp://l.yimg.com/",7.578710742118023,"hxxp://mi.adinterax.com/",2.202733194112002,"hxxp://tr.adinterax.com/",1.831976121835724,"hxxp://us.bc.yahoo.com/",1.275840513421308,"hxxp://yui.yahooapis.com/",1.461219049559447]],["hxxp://bh.contextweb.com/",["hxxp://ad.turn.com/",1.351711339782644,"hxxp://bh.contextweb.com/",1.351711339782644,"hxxp://contextweb.pixel.invitemedia.com/",1.351711339782644,"hxxp://hxxp.content.ru4.com/",1.351711339782644,"hxxp://i.w55c.net/",1.351711339782644,"hxxp://ib.adnxs.com/",1.351711339782644,"hxxp://matcher-apx.bidder7.mookie1.com/",1.351711339782644,"hxxp://matcher-cwb.bidder7.mookie1.com/",1.548113842144225,"hxxp://matcher.bidder8.mookie1.com/",1.351711339782644,"hxxp://um.simpli.fi/",1.351711339782644]],["hxxp://bpx.a9.com/",["hxxp://ad.doubleclick.net/",2.025335319191497,"hxxp://admeld-match.dotomi.com/",2.025335319191497,"hxxp://admeld.lucidmedia.com/",2.025335319191497,"hxxp://ads.undertone.com/",2.319614810014193,"hxxp://b.scorecardresearch.com/",2.702178148083698,"hxxp://bpx.a9.com/",2.025335319191497,"hxxp://pixel.quantserve.com/",2.313729220197739,"hxxp://tag.admeld.com/",2.319614810014193,"hxxp://tags.bluekai.com/",1.530945774609368,"hxxp://w55c.net/",1.631000801489084]],["hxxp://c.www.endless.com/",["hxxp://s.amazon-cornerstone.com/",1.419618143218490]],["hxxp://cdn-aax.a9.com/",["hxxp://sis.amazon.com/",2.025335319191497,"hxxp://tag.admeld.com/",2.025335319191497]],["hxxp://cdn.interclick.com/",["hxxp://a1.interclick.com/",0.7852079619709004,"hxxp://adadvisor.net/",0.5888054596093199,"hxxp://cdn.interclick.com/",1.146195761311486,"hxxp://ic.nexac.com/",0.5888054596093199,"hxxp://tags.bluekai.com/",0.5888054596093199,"hxxp://va.px.invitemedia.com/",0.5888054596093199]],["hxxp://cdn.turn.com/",["hxxp://adadvisor.net/",0.3886116033421512,"hxxp://bh.contextweb.com/",0.4741645333708558,"hxxp://ce.lijit.com/",0.3886116033421512,"hxxp://d.audienceiq.com/",0.4450765371610962,"hxxp://r.casalemedia.com/",0.3886116033421512,"hxxp://r.openx.net/",0.3886116033421512,"hxxp://r.turn.com/",0.5580064047989863,"hxxp://sync.adap.tv/",0.3886116033421512,"hxxp://tag.admeld.com/",0.8125167457234904,"hxxp://tags.bluekai.com/",0.3886116033421512]],["hxxp://cdn.w55c.net/",["hxxp://ad.doubleclick.net/",1.351711339782644,"hxxp://adadvisor.net/",1.351711339782644,"hxxp://edge.aperture.displaymarketplace.com/",1.351711339782644,"hxxp://i.w55c.net/",1.351711339782644]],["hxxp://cdn5.tribalfusion.com/",["hxxp://a.tribalfusion.com/",1.042293187499811,"hxxp://adadvisor.net/",1.042293187499811,"hxxp://rd.rlcdn.com/",1.042293187499811,"hxxp://tags.expo9.exponential.com/",1.042293187499811]],["hxxp://creativejournal.net/",["hxxp://1.gravatar.com/",1.042293187499811,"hxxp://creativejournal.net/",2.859624899037940]],["hxxp://cti.w55c.net/",["hxxp://d.p-td.com/",1.275840513421308,"hxxp://i.w55c.net/",1.275840513421308,"hxxp://pixel.rubiconproject.com/",1.275840513421308,"hxxp://tags.bluekai.com/",1.275840513421308]],["hxxp://d.tradex.openx.com/",["hxxp://ad.yieldmanager.com/",1.351711339782644,"hxxp://ak.p.openx.net/",1.548113842144225,"hxxp://ak1.abmr.net/",1.351711339782644,"hxxp://bid.openx.net/",2.137321349228967,"hxxp://d.tradex.openx.com/",1.351711339782644,"hxxp://openx.px.invitemedia.com/",1.351711339782644,"hxxp://r.openx.net/",1.351711339782644]],["hxxp://downingtownhighschools.pbworks.com/",["hxxp://downingtownhighschools.pbworks.com/",0.101752385992770,"hxxp://pixel.quantserve.com/",0.06257984904698648,"hxxp://vs1.pbworks.com/",0.1335430179061279,"hxxp://www.google-analytics.com/",0.06257984904698648,"hxxps://files.pbworks.com/",0.06257984904698648]],["hxxp://downingtownschools.pbworks.com/",["hxxp://pbworks.com/",1.547593220250215,"hxxp://secure.pbworks.com/",1.547593220250215]],["hxxp://facebook.com/",["hxxp://www.facebook.com/",0.7246972233917032]],["hxxp://files.video-loader.com/",["hxxp://files.video-loader.com/",1.193737496794654,"hxxp://www.au2m8.com/",1.042293187499811]],["hxxp://freetetris.org/",["hxxp://www.freetetris.org/",1.351711339782644]],["hxxp://games.mtvnservices.com/",["hxxp://140cc.v.fwmrm.net/",3.708541368121614,"hxxp://addirector.vindicosuite.com/",1.744516344505806,"hxxp://adm.fwmrm.net/",1.940918846867386,"hxxp://asmassets.mtvnservices.com/",1.351711339782644,"hxxp://event.adxpose.com/",1.548113842144225,"hxxp://flash.quantserve.com/",1.351711339782644,"hxxp://games.mtvnservices.com/",1.351711339782644,"hxxp://pixel.quantserve.com/",1.548113842144225,"hxxp://spe.atdmt.com/",1.548113842144225,"hxxp://view.atdmt.com/",1.351711339782644]],["hxxp://google.com/",["hxxp://www.google.com/",0.7370513002165271]],["hxxp://googleads.g.doubleclick.net/",["hxxp://a.rfihub.com/",0.2564836582058198,"hxxp://cms.quantserve.com/",0.2564836582058198,"hxxp://edge.quantserve.com/",0.2564836582058198,"hxxp://googleads.g.doubleclick.net/",0.5902686739641139,"hxxp://ib.adnxs.com/",0.2564836582058198,"hxxp://js.dmtry.com/",0.2564836582058198,"hxxp://log.dmtry.com/",0.5902686739641139,"hxxp://pagead2.googlesyndication.com/",1.744516344505806,"hxxp://pixel.quantserve.com/",0.3861093097644632,"hxxp://s0.2mdn.net/",0.8161811708081278]],["hxxp://gooogle.com/",["hxxp://www.google.com/",1.275840513421308]],["hxxp://grooveshark.com/",["hxxp://ad.doubleclick.net/",1.940918846867386,"hxxp://grooveshark.com/",1.548113842144225,"hxxp://partner.googleadservices.com/",5.083358884652678,"hxxp://pixel.quantserve.com/",1.351711339782644,"hxxp://s0.2mdn.net/",2.922931358675291,"hxxp://static.a.gs-cdn.net/",10.38622644841536,"hxxp://stream66c.grooveshark.com/",1.351711339782644,"hxxp://tag.admeld.com/",5.083358884652678,"hxxp://w55c.net/",1.351711339782644,"hxxp://www.google-analytics.com/",9.797018941330615]],["hxxp://i.media-imdb.com/",["hxxp://platform.twitter.com/",1.631000801489084]],["hxxp://ia.media-imdb.com/",["hxxp://ia.media-imdb.com/",2.025335319191497]],["hxxp://ic.nexac.com/",["hxxp://cdn.interclick.com/",1.351711339782644]],["hxxp://img-cdn.mediaplex.com/",["hxxp://altfarm.mediaplex.com/",1.634602553694947,"hxxp://edpn.ebay.com/",0.7398681576255648,"hxxp://img-cdn.mediaplex.com/",0.5266858071232835,"hxxp://mp.apmebf.com/",0.9620910178215336]],["hxxp://l.exoplanetwar.com/",["hxxp://l.exoplanetwar.com/",10.38622644841536,"hxxp://s12.exoplanetwar.com/",4.297748875206355,"hxxp://www.facebook.com/",1.351711339782644,"hxxp://www.google-analytics.com/",1.351711339782644]],["hxxp://m.adnxs.com/",["hxxp://a.collective-media.net/",0.3445093006163236,"hxxp://cdn4.eyewonder.com/",0.8921294842565452,"hxxp://cm.g.doubleclick.net/",0.8921294842565452,"hxxp://g-pixel.invitemedia.com/",0.8921294842565452,"hxxp://ib.adnxs.com/",0.2501749223689496,"hxxp://img-cdn.mediaplex.com/",1.021755135815189,"hxxp://img.mediaplex.com/",0.8921294842565452,"hxxp://va.px.invitemedia.com/",0.8921294842565452]],["hxxp://moodle.dasd.org/",["hxxp://moodle.cciu.org/",1.315424413982296,"hxxp://moodle.dasd.org/",10.66348355548478]],["hxxp://my.hrw.com/",["hxxp://my.hrw.com/",11.60033210072590]],["hxxp://photo.net/",["hxxp://a.tribalfusion.com/",1.419618143218490,"hxxp://i.pgcdn.com/",3.580827853789920,"hxxp://images.intellitxt.com/",3.040525426147063,"hxxp://photo.net/",5.201735136718493,"hxxp://platform.twitter.com/",1.239517334004204,"hxxp://static.photo.net/",5.742037564361351,"hxxp://tags.expo9.exponential.com/",1.239517334004204,"hxxp://www.facebook.com/",1.239517334004204,"hxxp://www.stumbleupon.com/",1.239517334004204,"hxxps://plusone.google.com/",1.239517334004204]],["hxxp://platform.twitter.com/",["hxxp://cdn.api.twitter.com/",0.2209587951927899,"hxxp://platform.twitter.com/",0.6933788620468537]],["hxxp://pncbank.com/",["hxxps://www.pnc.com/",1.760323976852901]],["hxxp://r.turn.com/",["hxxp://cdn.turn.com/",1.012710601990659]],["hxxp://rcm.amazon.com/",["hxxp://ecx.images-amazon.com/",4.301231090647063,"hxxp://s.amazon-cornerstone.com/",1.419618143218490]],["hxxp://rs.gwallet.com/",["hxxp://bh.contextweb.com/",2.025335319191497,"hxxp://tag.admeld.com/",0.8921294842565454]],["hxxp://s.amazon-cornerstone.com/",["hxxp://sis.amazon.com/",0.4081345377027428]],["hxxp://s.ytimg.com/",["hxxp://googleads.g.doubleclick.net/",4.612654163907805,"hxxp://o-o.preferred.lga15s22.v10.lscache7.c.youtube.com/",2.025335319191497,"hxxp://o-o.preferred.lga15s22.v18.lscache8.c.youtube.com/",1.275840513421308,"hxxp://r9.lga15s23.c.youtube.com/",2.025335319191497,"hxxp://r9.mia05g02.c.youtube.com/",1.275840513421308,"hxxp://s.youtube.com/",1.940877076520283,"hxxp://s0.2mdn.net/",3.315004410940833,"hxxp://s2.youtube.com/",1.831976121835724,"hxxp://tc.v14.cache7.c.youtube.com/",1.275840513421308,"hxxp://www.youtube.com/",2.573490266388280]],["hxxp://s0.2mdn.net/",["hxxp://adserver.teracent.net/",4.690553879929515,"hxxp://i4.ytimg.com/",1.831976121835724,"hxxp://media.bltinteractive.com/",1.940918846867386,"hxxp://o-o.preferred.lga15s22.v21.nonxt3.c.youtube.com/",1.461219049559447,"hxxp://rmcdn.2mdn.net/",1.831976121835724,"hxxp://s.youtube.com/",1.275840513421308,"hxxp://s.ytimg.com/",1.831976121835724,"hxxp://s0.2mdn.net/",3.141340023136649,"hxxp://static.doubleclick.net/",4.690553879929515,"hxxp://www.youtube.com/",2.944247338664556]],["hxxp://s1.2mdn.net/",["hxxp://media.bltinteractive.com/",1.419618143218490]],["hxxp://secure-us.imrworldwide.com/",["hxxp://secure-us.imrworldwide.com/",1.239517334004204,"hxxp://www.facebook.com/",1.239517334004204]],["hxxp://secure.pbworks.com/",["hxxp://beacon-1.newrelic.com/",1.016039381748491,"hxxp://edge.quantserve.com/",1.118617985629593,"hxxp://pixel.quantserve.com/",1.301940735467466,"hxxp://secure.pbworks.com/",7.222033514809138,"hxxp://www.google-analytics.com/",1.708835104079435,"hxxps://d1ros97qkrwjf5.cloudfront.net/",0.8327166319106191]],["hxxp://sis.amazon.com/",["hxxp://c.www.endless.com/",0.4081345377027428,"hxxp://cdn-aax.a9.com/",0.8822360650398162]],["hxxp://static.addtoany.com/",["hxxp://www.google-analytics.com/",1.345181806089499]],["hxxp://static.ak.fbcdn.net/",["hxxp://cfs-p1.l3.fbcdn.net/",0.2564836582058198,"hxxp://connect.facebook.net/",0.2564836582058198,"hxxp://video.l3.fbcdn.net/",0.2564836582058198,"hxxp://www.facebook.com/",0.5546185087698496]],["hxxp://tag.admeld.com/",["hxxp://am.nexac.com/",2.084686339270529,"hxxp://api.bizographics.com/",2.084686339270529,"hxxp://b.scorecardresearch.com/",1.575809058505005,"hxxp://bannerfarm.ace.advertising.com/",2.084686339270529,"hxxp://pixel.quantserve.com/",1.575809058505005,"hxxp://r1-ads.ace.advertising.com/",2.084686339270529,"hxxp://tag.admeld.com/",1.878712201817817,"hxxp://tags.bluekai.com/",1.375892983918549,"hxxp://uac.advertising.com/",2.084686339270529,"hxxp://w55c.net/",1.678796127231361]],["hxxp://tags.bluekai.com/",["hxxp://cm.g.doubleclick.net/",0.6879135037498746,"hxxp://d.p-td.com/",0.6879135037498746,"hxxp://d.turn.com/",0.6879135037498746,"hxxp://r.nexac.com/",0.6879135037498746,"hxxp://tags.bluekai.com/",0.9877732361536663,"hxxp://va.px.invitemedia.com/",0.6879135037498746]],["hxxp://tap2-cdn.rubiconproject.com/",["hxxp://cm.g.doubleclick.net/",1.275840513421308,"hxxp://cti.w55c.net/",1.275840513421308,"hxxp://map.media6degrees.com/",1.275840513421308,"hxxp://pixel.fimserve.com/",1.275840513421308,"hxxp://pixel.quantserve.com/",1.275840513421308,"hxxp://pixel.rubiconproject.com/",1.646597585697586,"hxxp://rubicon-match.dotomi.com/",1.275840513421308,"hxxp://sync.mathtag.com/",1.461219049559447]],["hxxp://the-waltons-home-page.com/",["hxxp://img1.webring.com/",2.025335319191497,"hxxp://l.yimg.com/",2.025335319191497,"hxxp://sd2ca1.webring.org/",2.319614810014193,"hxxp://ss.webring.com/",2.319614810014193,"hxxp://ss.webring.org/",2.319614810014193,"hxxp://the-waltons-home-page.com/",2.319614810014193,"hxxp://visit.webhosting.yahoo.com/",2.025335319191497,"hxxp://www4.clustrmaps.com/",2.025335319191497]],["hxxp://this.content.served.by.adshuffle.com/",["hxxp://media2.adshuffle.com/",1.878712201817817,"hxxp://this.content.served.by.adshuffle.com/",1.678796127231361]],["hxxp://uac.advertising.com/",["hxxp://ad.yieldmanager.com/",0.8420547388580635,"hxxp://apnxscm.ac3.msn.com:81/",0.8420547388580635,"hxxp://cmap.an.ace.advertising.com/",0.8420547388580635,"hxxp://cmap.rm.ace.advertising.com/",0.8420547388580635,"hxxp://googleads.g.doubleclick.net/",0.8420547388580635,"hxxp://ib.adnxs.com/",0.9644045727092350,"hxxp://m.adnxs.com/",0.8420547388580635,"hxxp://pixel.rubiconproject.com/",0.8420547388580635,"hxxp://tag.admeld.com/",0.8420547388580635,"hxxp://www.googleadservices.com/",0.8420547388580635]],["hxxp://viacom.adbureau.net/",["hxxp://cdn.w55c.net/",1.351711339782644,"hxxp://m.adnxs.com/",0.5986159017286392]],["hxxp://videos.video-loader.com/",["hxxp://videos.video-loader.com/",1.799514733974031]],["hxxp://view.atdmt.com/",["hxxp://ar.voicefive.com/",1.147077215742085,"hxxp://b.voicefive.com/",0.8754337003357922,"hxxp://citi.bridgetrack.com/",0.6037901849294990,"hxxp://ec.atdmt.com/",0.09953422369145275,"hxxp://ib.adnxs.com/",0.1552287935890137,"hxxp://m.xp1.ru4.com/",2.084686339270529,"hxxp://rmd.atdmt.com/",0.4162268454860306,"hxxp://spe.atdmt.com/",0.6539600381076797,"hxxp://viacom.adbureau.net/",0.2564836582058198]],["hxxp://vwtrends.automotive.com/",["hxxp://automotive.us.intellitxt.com/",1.072836852696067,"hxxp://pagead2.googlesyndication.com/",1.072836852696067,"hxxp://preferences.truste.com/",1.072836852696067,"hxxp://static.automotive.com/",1.696365963664722,"hxxp://vwtrends.automotive.com/",1.696365963664722,"hxxp://www.bkrtx.com/",1.072836852696067,"hxxps://ajax.googleapis.com/",1.072836852696067]],["hxxp://w55c.net/",["hxxp://tag.admeld.com/",0.1117242815144551]],["hxxp://weather.com/",["hxxp://www.weather.com/",2.084686339270529]],["hxxp://wendys.com/",["hxxp://ad.doubleclick.net/",2.769335610733743,"hxxp://anat.tacoda.net/",2.145776599045350,"hxxp://connect.facebook.net/",2.145776599045350,"hxxp://ips-invite.iperceptions.com/",2.145776599045350,"hxxp://wendys.com/",39.24753779450479,"hxxp://www.facebook.com/",4.016453634110526,"hxxp://www.google-analytics.com/",3.704674128266330,"hxxps://ajax.googleapis.com/",2.145776599045350]],["hxxp://www.actionext.com/",["hxxp://img.youtube.com/",1.461219049559447,"hxxp://overlay.ringtonematcher.com/",1.461219049559447,"hxxp://r1-ads.ace.advertising.com/",1.646597585697586,"hxxp://s.ytimg.com/",1.275840513421308,"hxxp://s4.histats.com/",1.275840513421308,"hxxp://srv.clickfuse.com/",2.758868802526418,"hxxp://tap2-cdn.rubiconproject.com/",1.461219049559447,"hxxp://uac.advertising.com/",1.275840513421308,"hxxp://www.actionext.com/",5.168789772322222,"hxxp://www.youtube.com/",24.07740045841244]],["hxxp://www.addictinggames.com/",["hxxp://ad.doubleclick.net/",1.548113842144225,"hxxp://cm.addictinggames.overture.com/",1.351711339782644,"hxxp://connect.facebook.net/",1.351711339782644,"hxxp://ga2432078aae44a2c.api.playtomic.com/",3.708541368121614,"hxxp://images.webads.nl/",1.351711339782644,"hxxp://platform.twitter.com/",1.548113842144225,"hxxp://www.addictinggames.com/",1.351711339782644,"hxxp://www.facebook.com/",1.351711339782644,"hxxps://plusone.google.com/",1.744516344505806,"hxxps://ssl.gstatic.com/",1.351711339782644]],["hxxp://www.adorama.com/",["hxxp://cts-log.channelintelligence.com/",0.7279761824076662,"hxxp://images.scanalert.com/",0.3613020528305346,"hxxp://medals.bizrate.com/",0.2284991361144462,"hxxp://www.adorama.com/",5.183556054230428,"hxxp://www.google-analytics.com/",0.7672401997187505]],["hxxp://www.athensplus.com/",["hxxp://www.athensplus.com/",2.319895074633376]],["hxxp://www.au2m8.com/",["hxxp://videos.video-loader.com/",1.950959043268876]],["hxxp://www.brainyquote.com/",["hxxp://c07.adsummos.net/",1.275840513421308,"hxxp://cdn.krxd.net/",1.461219049559447,"hxxp://edge.quantserve.com/",1.275840513421308,"hxxp://i.brainyquote.com/",2.202733194112002,"hxxp://pixel.quantserve.com/",1.275840513421308,"hxxp://pubads.g.doubleclick.net/",1.831976121835724,"hxxp://services.krxd.net/",1.275840513421308,"hxxp://www.facebook.com/",1.831976121835724,"hxxps://plusone.google.com/",1.275840513421308,"hxxps://ssl.gstatic.com/",1.275840513421308]],["hxxp://www.cardomain.com/",["hxxp://carphotos.cardomain.com/",1.345181806089499,"hxxp://cm.g.doubleclick.net/",1.042293187499811,"hxxp://cms.quantserve.com/",1.042293187499811,"hxxp://i.ebayimg.com/",3.162513517627629,"hxxp://px5.sfstatic.com/",4.676956610576070,"hxxp://tags.bluekai.com/",1.042293187499811,"hxxp://thumbs1.ebaystatic.com/",1.193737496794654,"hxxp://thumbs4.ebaystatic.com/",1.345181806089499,"hxxp://www.cardomain.com/",4.071179373396695,"hxxp://www.google-analytics.com/",1.345181806089499]],["hxxp://www.facebook.com/",["hxxp://profile.ak.fbcdn.net/",0.1116142568159242,"hxxp://static.ak.fbcdn.net/",0.8415564451884109]],["hxxp://www.freecarphotos.org.uk/",["hxxp://pagead2.googlesyndication.com/",1.193737496794654,"hxxp://www.freecarphotos.org.uk/",1.648070424679187,"hxxp://www.google-analytics.com/",1.193737496794654]],["hxxp://www.freetetris.org/",["hxxp://pagead2.googlesyndication.com/",1.351711339782644,"hxxp://www.freetetris.org/",3.315736363398452,"hxxp://www.google-analytics.com/",1.744516344505806]],["hxxp://www.frova.com/",["hxxp://img-cdn.mediaplex.com/",2.2086570657060,"hxxp://pt.frova.com/",2.2086570657060,"hxxp://www.frova.com/",11.8361365828860,"hxxp://www.google-analytics.com/",2.5295730496120,"hxxps://keywordmax.com/",2.2086570657060,"hxxps://www.keywordmax.com/",2.2086570657060]],["hxxp://www.google.com/",["hxxp://id.google.com/",0.2585617575497562,"hxxp://ssl.gstatic.com/",1.189810153458678,"hxxp://www.google.com/",6.480295542524625]],["hxxp://www.imdb.com/",["hxxp://b.scorecardresearch.com/",2.025335319191497,"hxxp://bpx.a9.com/",2.319614810014193,"hxxp://i.media-imdb.com/",12.70179524623891,"hxxp://ia.media-imdb.com/",6.780891890886265,"hxxp://s.amazon-cornerstone.com/",2.319614810014193,"hxxp://s.media-imdb.com/",2.908173791659586,"hxxp://s0.2mdn.net/",2.025335319191497,"hxxp://sis.amazon.com/",2.319614810014193,"hxxp://www.facebook.com/",2.025335319191497,"hxxp://www.imdb.com/",6.804434250152081]],["hxxp://www.keh.com/",["hxxp://images.scanalert.com/",0.6289200516675003,"hxxp://www.google-analytics.com/",1.198362861222849,"hxxp://www.keh.com/",3.990242360367889,"hxxps://seal.verisign.com/",0.2616998652934682]],["hxxp://www.last.fm/",["hxxp://ar.voicefive.com/",1.301787774059165,"hxxp://b.scorecardresearch.com/",1.301787774059165,"hxxp://b.voicefive.com/",1.797244314932429,"hxxp://bwp.lastfm.com.com/",1.136635593768077,"hxxp://cdn.doubleverify.com/",1.136635593768077,"hxxp://cdn.last.fm/",3.613918298134396,"hxxp://cdn.lst.fm/",2.457853036096781,"hxxp://speed.pointroll.com/",1.136635593768077,"hxxp://userserve-ak.last.fm/",3.613918298134396,"hxxp://www.google-analytics.com/",1.632092134641340]],["hxxp://www.lijit.com/",["hxxp://ad.turn.com/",1.351711339782644,"hxxp://ce.lijit.com/",1.744516344505806,"hxxp://d.p-td.com/",1.351711339782644,"hxxp://idpix.media6degrees.com/",1.351711339782644,"hxxp://r.turn.com/",1.351711339782644,"hxxp://sync.mathtag.com/",1.351711339782644,"hxxp://um.simpli.fi/",1.351711339782644]],["hxxp://www.physicsclassroom.com/",["hxxp://www.google-analytics.com/",2.539476730092063,"hxxp://www.physicsclassroom.com/",10.54471463422333]],["hxxp://www.stumbleupon.com/",["hxxp://cdn.stumble-upon.com/",1.055814508605631]],["hxxp://www.weather.com/",["hxxp://ad.doubleclick.net/",2.993395769208965,"hxxp://b.imwx.com/",2.993395769208965,"hxxp://content.pulse360.com/",2.084686339270529,"hxxp://d.imwx.com/",5.719524059024271,"hxxp://i.imwx.com/",6.325330345649895,"hxxp://pix04.revsci.net/",2.084686339270529,"hxxp://s.imwx.com/",26.61984094760829,"hxxp://s0.2mdn.net/",2.084686339270529,"hxxp://static.pulse360.com/",4.507911485773024,"hxxp://www.weather.com/",15.41242464503425]],["hxxp://www.wmsbrg.com/",["hxxp://www.wmsbrg.com/",5.434178157050290]],["hxxp://www.yelp.com/",["hxxp://maps.gstatic.com/",1.729148293032969,"hxxp://media1.px.yelpcdn.com/",4.353748380672298,"hxxp://mt0.google.com/",2.079094971384880,"hxxp://mt1.google.com/",1.554174953857015,"hxxp://s3-media3.px.yelpcdn.com/",1.729148293032969,"hxxp://www.facebook.com/",1.204228275505104,"hxxp://www.google-analytics.com/",1.554174953857015,"hxxp://www.google.com/",1.379201614681059,"hxxp://www.yelp.com/",1.554174953857015,"hxxps://api.facebook.com/",1.204228275505104]],["hxxp://www.youtube.com/",["hxxp://csi.gstatic.com/",2.025335319191497,"hxxp://i1.ytimg.com/",2.319614810014193,"hxxp://i2.ytimg.com/",2.908173791659586,"hxxp://i3.ytimg.com/",3.264586727691673,"hxxp://i4.ytimg.com/",4.157223618160345,"hxxp://o-o.preferred.lga15s22.v10.lscache7.c.youtube.com/",2.025335319191497,"hxxp://p2.dktfqtu5khpyk.fw42xxx5mkiekbwq.if.v4.ipv6-exp.l.google.com/",2.025335319191497,"hxxp://s.ytimg.com/",3.485044541364581,"hxxp://www.youtube.com/",1.275840513421308,"hxxps://i1.ytimg.com/",1.275840513421308]],["hxxp://youtube.com/",["hxxp://www.youtube.com/",1.027433274996202]],["hxxps://content.pncmc.com/",["hxxps://content.pncmc.com/",3.071741350643242]],["hxxps://h.online-metrix.net/",["hxxps://h.online-metrix.net/",1.204228275505104]],["hxxps://my.pbworks.com/",["hxxps://my.pbworks.com/",2.874521384963983,"hxxps://pixel.quantserve.com/",2.016817323807062,"hxxps://secure.quantserve.com/",1.967674022654115,"hxxps://ssl.google-analytics.com/",2.302718677526035,"hxxps://vs1.pbworks.com/",2.302718677526035]],["hxxps://plans.pbworks.com/",["hxxps://pixel.quantserve.com/",1.911654343229152,"hxxps://plans.pbworks.com/",1.911654343229152,"hxxps://secure.quantserve.com/",1.911654343229152,"hxxps://ssl.google-analytics.com/",2.189416085407748,"hxxps://vs1.pbworks.com/",3.855986538479316]],["hxxps://plusone.google.com/",["hxxps://plusone.google.com/",0.08666086854123771,"hxxps://ssl.gstatic.com/",0.2830633709028185]],["hxxps://www.facebook.com/",["hxxps://s-static.ak.facebook.com/",3.221337349132498]],["hxxps://www.keh.com/",["hxxps://h.online-metrix.net/",2.254068310560836,"hxxps://images.scanalert.com/",1.379201614681059,"hxxps://ssl.google-analytics.com/",1.554174953857015,"hxxps://www.keh.com/",8.203161842543311,"hxxps://www.paypal.com/",1.204228275505104]],["hxxps://www.onlinebanking.pnc.com/",["hxxps://ad.doubleclick.net/",3.670283057966923,"hxxps://content.pncmc.com/",7.305330516872719,"hxxps://sales.liveperson.net/",9.642916068688212,"hxxps://www.onlinebanking.pnc.com/",37.05203320169273]],["hxxps://www.pnc.com/",["hxxps://content.pncmc.com/",1.149065352396958,"hxxps://statse.webtrendslive.com/",0.7650097446060137,"hxxps://view.atdmt.com/",0.7166797421742511,"hxxps://www.pnc.com/",8.932006336405671]]],"startup_list":[1]},"download":{"directory_upgrade":true,"extensions_to_open":""},"extensions":{"autoupdate":{"last_check":"12967337086436635","next_check":"12967417149398750"},"blacklistupdate":{"lastpingday":"12967286400705635","version":"0.0.0.6"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]},"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","webstorePrivate"]},"app_launcher_index":-2,"page_index":0},"hpibmhghjndideebpackbdlpncgkcppp":{"blacklist":true},"lncjcfkpannmofmpgdfoonkniofdnaba":{"blacklist":true},"pbglijbamgmlcpnnpbfjkbdeheejjloj":{"blacklist":true}}},"google":{"services":{"username":""}},"homepage":"hxxps://isearch.avg.com/?cid={E9C9EEB7-856F-4658-A36F-F17C6BE141A3}&mid=596c5c18d11847d0babed15b798b0f54-ae64abc74629cd0dadeb805a6163e8ddfb6c2b30&lang=en&ds=ga011&pr=sa&d=2012-08-05 10:30:40&v=12.1.0.21&sap=hp","homepage_is_newtabpage":false,"hxxp_throttling":{"enabled":true},"ntp":{"intro_display_count":7,"pref_version":3,"promo_build":0,"promo_closed":false,"promo_end":1323071940.0,"promo_group":0,"promo_group_max":0,"promo_group_timeslice":0,"promo_line":"<a href=\"hxxp://www.google.com/chromebook/index.html#utm_campaign=en&utm_source=en-ntp-holidays-na-us-bkws&utm_medium=ntp-holidays\">Get a Chromebook for the holidays</a>: the computer powered by Chrome.","promo_resource_cache_update":"1322862503.400453","promo_start":1321862280.0,"shown_sections":64,"webstore_last_promo_id":"1335115"},"plugins":{"enabled_internal_pdf3":true,"enabled_nacl":true,"last_internal_directory":"C:\\Program Files\\Google\\Chrome\\Application\\15.0.874.121","plugins_list":[{"enabled":true,"name":"Shockwave Flash","path":"C:\\Program Files\\Google\\Chrome\\Application\\15.0.874.121\\gcswf32.dll","version":"10,3,183,7"},{"enabled":true,"name":"Shockwave Flash","path":"C:\\WINDOWS\\system32\\Macromed\\Flash\\NPSWF32.dll","version":"10,3,183,7"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin2.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin3.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin4.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin5.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin6.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"QuickTime Plug-in 7.6.9","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin7.dll","version":"7.6.9 (1680.9)"},{"enabled":true,"name":"Java Deployment Toolkit 6.0.260.3","path":"C:\\Program Files\\Java\\jre6\\bin\\new_plugin\\npdeployJava1.dll","version":"6.0.260.3"},{"enabled":true,"name":"Java™ Platform SE 6 U26","path":"C:\\Program Files\\Java\\jre6\\bin\\new_plugin\\npjp2.dll","version":"6.0.260.3"},{"enabled":false,"name":"Adobe Acrobat","path":"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Browser\\nppdf32.dll","version":"9.4.1.222"},{"enabled":true,"name":"Silverlight Plug-In","path":"c:\\Program Files\\Microsoft Silverlight\\4.0.60531.0\\npctrl.dll","version":"4.0.60531.0"},{"enabled":true,"name":"Shockwave for Director","path":"C:\\WINDOWS\\system32\\Adobe\\Director\\np32dsw.dll","version":"11.5r595"},{"enabled":true,"name":"Windows Media Player Plug-in Dynamic Link Library","path":"C:\\Program Files\\Windows Media Player\\npdsplay.dll","version":"3.0.2.629"},{"enabled":true,"name":"Remoting Viewer","path":"internal-remoting-viewer","version":""},{"enabled":true,"name":"Native Client","path":"C:\\Program Files\\Google\\Chrome\\Application\\15.0.874.121\\ppGoogleNaClPluginChrome.dll","version":""},{"enabled":true,"name":"Chrome PDF Viewer","path":"C:\\Program Files\\Google\\Chrome\\Application\\15.0.874.121\\pdf.dll","version":""},{"enabled":true,"name":"Google Talk Plugin","path":"C:\\Documents and Settings\\Mike\\Application Data\\Mozilla\\plugins\\npgoogletalk.dll","version":"2.3.2.0"},{"enabled":true,"name":"Google Talk Plugin Video Accelerator","path":"C:\\Documents and Settings\\Mike\\Application Data\\Mozilla\\plugins\\npgtpo3dautoplugin.dll","version":"0,1,44,11"},{"enabled":true,"name":"RealArcade NPAPI Plugin","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npraclient.dll","version":"1, 0, 0, 5"},{"enabled":true,"name":"MetaStream 3 Plugin","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npViewpoint.dll","version":"3, 5, 0, 36"},{"enabled":true,"name":"Microsoft® DRM","path":"C:\\Program Files\\Windows Media Player\\npdrmv2.dll","version":"9.00.00.4503"},{"enabled":true,"name":"Microsoft® DRM","path":"C:\\Program Files\\Windows Media Player\\npwmsdrm.dll","version":"9.00.00.4503"},{"enabled":true,"name":"Facebook Plugin","path":"C:\\Documents and Settings\\Mike\\Application Data\\Facebook\\npfbplugin_1_0_3.dll","version":"1, 0, 3, 0"},{"enabled":true,"name":"Google Update","path":"C:\\Documents and Settings\\Mike\\Local Settings\\Application Data\\Google\\Update\\1.3.21.69\\npGoogleUpdate3.dll","version":"1.3.21.69"},{"enabled":true,"name":"Google Updater","path":"C:\\Program Files\\Google\\Google Updater\\2.4.1601.7122\\npCIDetect13.dll","version":"2.4.1601.7122.beta"},{"enabled":true,"name":"Garmin Communicator Plug-In","path":"C:\\Program Files\\Garmin GPS Plugin\\npGarmin.dll","version":"2.7.1.0"},{"enabled":true,"name":"Google Earth Plugin","path":"C:\\Program Files\\Google\\Google Earth\\plugin\\npgeplugin.dll","version":"1, 0, 0, 1"},{"enabled":true,"name":"Picasa","path":"C:\\Program Files\\Google\\Picasa3\\npPicasa3.dll","version":"3, 1, 0, 0"},{"enabled":true,"name":"Panda ActiveScan 2.0","path":"C:\\Program Files\\Panda Security\\ActiveScan 2.0\\npwrapper.dll","version":"1, 3, 2, 0"},{"enabled":true,"name":"iTunes Application Detector","path":"C:\\Program Files\\iTunes\\Mozilla Plugins\\npitunes.dll","version":"1.0.1.1"},{"enabled":true,"name":"Windows Presentation Foundation","path":"c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.5\\Windows Presentation Foundation\\NPWPF.dll","version":"3.5.30729.1 built by: SP"},{"enabled":true,"name":"Default Plug-in","path":"default_plugin","version":"1"},{"enabled":true,"name":"Flash"},{"enabled":true,"name":"QuickTime"},{"enabled":true,"name":"Java"},{"enabled":false,"name":"Adobe Acrobat"},{"enabled":true,"name":"Silverlight"},{"enabled":true,"name":"Shockwave"},{"enabled":true,"name":"Windows Media Player"},{"enabled":true,"name":"Remoting Viewer"},{"enabled":true,"name":"Native Client"},{"enabled":true,"name":"Chrome PDF Viewer"},{"enabled":true,"name":"Google Talk Plugin"},{"enabled":true,"name":"RealArcade NPAPI Plugin"},{"enabled":true,"name":"MetaStream 3 Plugin"},{"enabled":true,"name":"Microsoft® DRM"},{"enabled":true,"name":"Facebook Plugin"},{"enabled":true,"name":"Google Update"},{"enabled":true,"name":"Garmin Communicator Plug-In"},{"enabled":true,"name":"Google Earth Plugin"},{"enabled":true,"name":"Picasa"},{"enabled":true,"name":"Panda ActiveScan 2.0"},{"enabled":true,"name":"iTunes Application Detector"},{"enabled":true,"name":"Windows Presentation Foundation"},{"enabled":true,"name":"Default Plug-in"}]},"profile":{"content_settings":{"pattern_pairs":{"*,*":{"per_plugin":{"npsitesafety.dll":1}}},"plugin_whitelist":{"npsitesafety":{"dll":true}},"pref_version":1},"exited_cleanly":true},"session":{"restore_on_startup":4,"urls_to_restore_on_startup":["hxxps://isearch.avg.com/?cid={E9C9EEB7-856F-4658-A36F-F17C6BE141A3}&mid=596c5c18d11847d0babed15b798b0f54-ae64abc74629cd0dadeb805a6163e8ddfb6c2b30&lang=en&ds=ga011&pr=sa&d=2012-08-05 10:30:40&v=12.1.0.21&sap=hp"]},"tabs":{"use_compact_navigation_bar":false,"use_vertical_tabs":false}}

-\\ Opera v12.11.1661.0

File : C:\Documents and Settings\Mike\Application Data\Opera\Opera\operaprefs.ini

Found : application/x-mtx=6,,C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll,MetaStream 3 Plugin,mt[...]

*************************

AdwCleaner[R1].txt - [42500 octets] - [05/02/2013 07:35:52]

########## EOF - C:\AdwCleaner[R1].txt - [42561 octets] ##########








~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.2 (02.02.2013:2)
OS: Microsoft Windows XP x86
Ran by Mike on Tue 02/05/2013 at 7:36:00.79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Documents and Settings\Mike\Application Data\mozilla\firefox\profiles\nz3csddr.default\minidumps [34 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/05/2013 at 7:45:50.92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~










Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/05/2013 07:56:01 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\stsystra.exe (PID: 1064) [WD-HEUR]
* C:\Documents and Settings\Mike\My Documents\Downloads\JRT.exe (PID: 1372) [UP-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 www.1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com

20 out of 15002 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 02/05/2013 07:56:37 PM
Execution time: 0 hours(s), 0 minute(s), and 35 seconds(s)








"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "SigmatelSysTrayApp" "Sigmatel Audio system tray application" "SigmaTel, Inc." "c:\windows\stsystra.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files\ati technologies\ati.ace\core-static\clistart.exe"
X "Verizon_McciTrayApp" "mcci+McciTrayApp" "Motive Communications, Inc." "c:\program files\verizon\mccitrayapp.exe"
+ "vProt" "VProtect Application" "" "c:\program files\avg secure search\vprot.exe"
+ "WinPatrol" "WinPatrol System Monitor" "BillP Studios" "c:\program files\billp studios\winpatrol\winpatrol.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup" "" "" ""
+ "hp psc 1000 series.lnk" "HP OfficeJet COM Device Objects" "Hewlett-Packard Co." "c:\program files\hewlett-packard\digital imaging\bin\hpohmr08.exe"
+ "hpoddt01.exe.lnk" "hpotdd01" "Hewlett-Packard" "c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe"
+ "Microsoft Office.lnk" "Microsoft Office 2000 component" "Microsoft Corporation" "c:\program files\microsoft office\office\osa9.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files\google\chrome\application\24.0.1312.57\installer\chrmstp.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AMP WinOFF" "AMP WinOFF" "Alberto Martínez Pérez" "c:\program files\amp winoff\winoff.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "IObit Malware Fighter" "BlueBirdShellExt Module" "IObit" "c:\program files\iobit\iobit malware fighter\imfshellext.dll"
+ "jZip" "jZip shell extension" "Discordia Limited" "c:\program files\jzip\jzipshell.dll"
+ "LavasoftShellExt" "Shell Extension " "Lavasoft Limited" "c:\program files\lavasoft\ad-aware\shellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "Shell Extension for Malware scanning" "ShlExt.dll" "Avira GmbH" "c:\program files\avira\antivir personaledition classic\shlext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\documents and settings\mike\desktop\virus folder\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "IObit Malware Fighter" "BlueBirdShellExt Module" "IObit" "c:\program files\iobit\iobit malware fighter\imfshellext.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "ACE Context Menu" "" "c:\program files\ati technologies\ati.ace\core-static\atiacmxx.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "IObit Malware Fighter" "BlueBirdShellExt Module" "IObit" "c:\program files\iobit\iobit malware fighter\imfshellext.dll"
+ "jZip" "jZip shell extension" "Discordia Limited" "c:\program files\jzip\jzipshell.dll"
+ "LavasoftShellExt" "Shell Extension " "Lavasoft Limited" "c:\program files\lavasoft\ad-aware\shellext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\documents and settings\mike\desktop\virus folder\malwarebytes' anti-malware\mbamext.dll"
+ "Shell Extension for Malware scanning" "ShlExt.dll" "Avira GmbH" "c:\program files\avira\antivir personaledition classic\shlext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Spybot-S&D IE Protection" "SBSD IE Protection" "Safer Networking Limited" "c:\program files\spybot - search & destroy\sdhelper.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Spybot - Search & Destroy Configuration" "SBSD IE Protection" "Safer Networking Limited" "c:\program files\spybot - search & destroy\sdhelper.dll"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
X "Ad-Aware Update (Weekly).job" "Ad-Aware Admin Application " "Lavasoft Limited " "c:\program files\lavasoft\ad-aware\ad-awareadmin.exe"
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-1708537768-1202660629-839522115-1004Core.job" "Google Installer" "Google Inc." "c:\documents and settings\mike\local settings\application data\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-1708537768-1202660629-839522115-1004UA.job" "Google Installer" "Google Inc." "c:\documents and settings\mike\local settings\application data\google\update\googleupdate.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeActiveFileMonitor11.0" "Tracks files that are managed by Elements Organizer" "Adobe Systems Incorporated" "c:\program files\adobe\elements 11 organizer\photoshopelementsfileagent.exe"
X "AntiVirScheduler" "Service to schedule Avira AntiVir Personal - Free Antivirus jobs and updates." "Avira GmbH" "c:\program files\avira\antivir personaledition classic\sched.exe"
X "AntiVirService" "Offers permanent protection against viruses and malware with the AntiVir search engine." "Avira GmbH" "c:\program files\avira\antivir personaledition classic\avguard.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AppMgmt" "Provides software installation services such as Assign, Publish, and Remove." "" "File not found: C:\WINDOWS\System32\appmgmts.dll"
+ "Ati HotKey Poller" "ATI External Event Utility EXE Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.exe"
+ "ATI Smart" "ATI Smart" "" "c:\windows\system32\ati2sgag.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "FreeOnlineConverterUpdt" "" "" "c:\program files\free online converter\freeonlineconverterupdt.exe"
+ "gupdate1c9d0ed21b54848" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
X "IMFservice" "IObit Malware Fighter Service" "IObit" "c:\program files\iobit\iobit malware fighter\imfsrv.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
X "iWinGamesInstaller" "iWin Game Installer Service" "iWin Inc." "c:\program files\iwin games\iwingamesinstaller.exe"
X "Lavasoft Ad-Aware Service" "Ad-Aware Service" "Lavasoft Limited" "c:\program files\lavasoft\ad-aware\aawservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PML Driver" "HP" "c:\windows\system32\hpzipm12.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\stacsv.exe"
+ "vToolbarUpdater14.0.1" "ToolbarU Application" "" "c:\program files\common files\avg secure search\vtoolbarupdater\14.0.1\toolbarupdater.exe"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AFS2K" "Audio File System" "Oak Technology Inc." "c:\windows\system32\drivers\afs2k.sys"
+ "ati2mtag" "ATI Radeon WindowsNT Miniport Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\ati2mtag.sys"
+ "avgio" "Avira AntiVir Support for Minifilter" "Avira GmbH" "c:\program files\avira\antivir personaledition classic\avgio.sys"
+ "avgntflt" "Avira AntiVir Personal - Free Antivirus mini-filter used for on-access scan to provide real-time antivirus security." "Avira GmbH" "c:\program files\avira\antivir personaledition classic\avgntflt.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx86.sys"
+ "avipbb" "Avira's Driver for RootKit Detection" "Avira GmbH" "c:\windows\system32\drivers\avipbb.sys"
+ "cercsr6" "DELL CERC SATA1.5/6ch Miniport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\cercsr6.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "cpuz134" "" "" "File not found: C:\DOCUME~1\Mike\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys"
+ "DrvAgent32" "DriverAgent Direct I/O for 32-bit Windows" "Phoenix Technologies" "c:\windows\system32\drivers\drvagent32.sys"
+ "E100B" "Intel® PRO/100 Adapter NDIS 5.1 driver" "Intel Corporation" "c:\windows\system32\drivers\e100b325.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "giveio" "" "" "c:\windows\system32\giveio.sys"
+ "grmnusb" "grmnusb.sys" "GARMIN Corp." "c:\windows\system32\drivers\grmnusb.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HPZid412" "IEEE-1284.4-1999 Driver (Windows 2000)" "HP" "c:\windows\system32\drivers\hpzid412.sys"
+ "HPZipr12" "IEEE-1284.4-1999 Print Class Driver" "HP" "c:\windows\system32\drivers\hpzipr12.sys"
+ "HPZius12" "1284.4<->Usb Datalink Driver (Windows 2000)" "HP" "c:\windows\system32\drivers\hpzius12.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "iastor" "Intel Matrix Storage Manager driver" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "Lavasoft Kernexplorer" "" "" "c:\program files\lavasoft\ad-aware\kernexplorer.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "MREMP50" "PCAUSA NDIS 5.0 MPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files\common files\motive\mremp50.sys"
+ "MREMP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS"
+ "MREMPR5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS"
+ "MRENDIS5" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS"
+ "MRESP50" "PCAUSA NDIS 5.0 SPR Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\program files\common files\motive\mresp50.sys"
+ "MRESP50a64" "" "" "File not found: C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS"
+ "pavboot" "Panda Boot Driver" "Panda Security, S.L." "c:\windows\system32\drivers\pavboot.sys"
+ "pbfilter" "" "" "c:\program files\peerblock\pbfilter.sys"
+ "PCANDIS5" "PCAUSA NDIS 5.0 Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\windows\system32\pcandis5.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for 32-bit Windows" "Corel Corporation" "c:\windows\system32\drivers\pxhelp20.sys"
+ "RegFilter" "Registry Filter" "IObit.com" "c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\regfilter.sys"
+ "SABProcEnum" "" "" "File not found: C:\Program Files\Internet Explorer\SABProcEnum.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "speedfan" "SpeedFan Device Driver" "Windows ® 2000 DDK provider" "c:\windows\system32\speedfan.sys"
+ "sptd" "SCSI Pass Through Direct Host" "Duplex Secure Ltd." "c:\windows\system32\drivers\sptd.sys"
+ "ssmdrv" "Avira Snapshot Driver" "Avira GmbH" "c:\windows\system32\drivers\ssmdrv.sys"
+ "STHDA" "NDRC" "SigmaTel, Inc." "c:\windows\system32\drivers\sthda.sys"
+ "UrlFilter" "URL Filter" "IObit.com" "c:\program files\iobit\iobit malware fighter\drivers\wxp_x86\urlfilter.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3acm" "AC-3 ACM Codec" "fccHandler" "c:\windows\system32\ac3acm.acm"
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.lameacm" "Lame MP3 codec engine" "http://www.mp3dev.org/" "c:\windows\system32\lameacm.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "VIDC.DIVX" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
+ "VIDC.FFDS" "" "" "c:\windows\system32\ff_vfw.dll"
+ "VIDC.FPS1" "Fraps" "Beepa P/L" "c:\windows\system32\frapsvid.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "VIDC.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
+ "VIDC.YV12" "Helix YV12 YUV Codec" "www.helixcommunity.org" "c:\windows\system32\yv12vfw.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "LG Video Renderer" "" "" "c:\program files\thief2\lgvid.ax"
+ "LG Video Renderer" "" "" "c:\program files\thief2\lgvid.ax"
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files\adobe\elements 11 organizer\mc_codecs\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files\adobe\elements 11 organizer\mc_codecs\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept GmbH" "c:\program files\adobe\elements 11 organizer\mc_codecs\mc_demuxpush_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept GmbH" "c:\program files\adobe\elements 11 organizer\mc_codecs\mc_demuxpush_mp2_ds.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "AC3File" "" "" "c:\program files\k-lite codec pack\filters\ac3file.ax"
+ "AC3Filter" "ac3filter" "" "c:\program files\k-lite codec pack\filters\ac3filter.ax"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ATI Ticker" "" "" "c:\program files\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "Audio Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmprevu.dll"
+ "Avi Source" "Avi Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\avisplitter.ax"
+ "Avi Splitter" "Avi Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\avisplitter.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "CoreVorbis Audio Decoder" "CoreVorbis" "-" "c:\program files\k-lite codec pack\filters\corevorbis.ax"
+ "CyberLink Video/SP Decoder (PDVD8)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\k-lite codec pack\filters\clvsd.ax"
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files\k-lite codec pack\filters\dcbasssource.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\k-lite codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\k-lite codec pack\ffdshow\ffdshow.ax"
+ "File Source (Monkey Audio)" "" "" "c:\program files\k-lite codec pack\filters\monkeysource.ax"
+ "FLV Source" "FLV Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "FLV Splitter" "FLV Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "FLV4 Video Decoder" "FLV Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\flvsplitter.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\k-lite codec pack\filters\haali\splitter.ax"
+ "Indeo Video ® 5.1 Progressive Download Source" "Intel Indeo® video IVF Source Filter 5.10" "Intel Corporation" "c:\windows\system32\ivfsrc.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files\k-lite codec pack\filters\madflac.ax"
+ "MainConcept (Broadcast) AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files\adobe\elements 11 organizer\mc_codecs\mc_bc_dec_avc_ds.ax"
+ "MainConcept AAC Decoder" "AAC audio decoder filter" "MainConcept GmbH" "c:\program files\adobe\elements 11 organizer\mc_codecs\mc_dec_aac_ds.ax"
+ "MainConcept AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files\adobe\elements 11 organizer\mc_codecs\mc_dec_avc_ds.ax"
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files\adobe\elements 11 organizer\mc_codecs\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept GmbH" "c:\program files\adobe\elements 11 organizer\mc_codecs\mc_demuxpush_mp2_ds.ax"
+ "MainConcept Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files\adobe\elements 11 organizer\mc_codecs\mc_demux_mp2_ds.ax"
+ "MMACE Deinterlace" "" "" "c:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MONOGRAM AMR Decoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Encoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Mux" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Splitter" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM Musepack Decoder" "mmmpcdec" "" "c:\program files\k-lite codec pack\filters\mmmpcdec.ax"
+ "MONOGRAM Musepack Splitter" "mmmpcdmx" "" "c:\program files\k-lite codec pack\filters\mmmpcdmx.ax"
+ "MP4 Source" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MP4 Splitter" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - Mpeg Source (Gabest)" "Mpeg Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPC - Mpeg Splitter (Gabest)" "Mpeg Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "MPEG4 Video Source" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "MPEG4 Video Splitter" "MP4 Splitter" "Gabest" "c:\program files\k-lite codec pack\filters\mp4splitter.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "WME Record Queue" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmedque.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "T" "VP6 Decompression Filter" "On2.com Inc." "c:\program files\k-lite codec pack\filters\vp6dec.ax"
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files\k-lite codec pack\filters\vp7dec.ax"
+ "Track1Filter" "Adobe Photoshop Elements 11.0 (component)" "Adobe Systems Incorporated" "c:\program files\adobe\elements 11 organizer\track1filter.dll"
+ "Track2Filter" "Adobe Photoshop Elements 11.0 (component)" "Adobe Systems Incorporated" "c:\program files\adobe\elements 11 organizer\track2filter.dll"
+ "TrueMotion 2.0 Decompressor" "TrueMotion 2.0 Decompressor" "The Duck Corporation" "c:\windows\system32\tm20dec.ax"
+ "Video Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmprevu.dll"
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files\k-lite codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files\k-lite codec pack\filters\wavpackdssplitter.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMEnc Screen Capture Filter" "WMESrcWp Module" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmesrcwp.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "lsdelete" "" "" "c:\windows\system32\lsdelete.exe"
+ "ᴘጔ" "" "" "File not found: ᴘጔ"
+ "㧱༘ගጲ" "" "" "File not found: 㧱༘ගጲ"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "!SASWinLogon" "SUPERAntiSpyware WinLogon Processor" "SUPERAntiSpyware.com" "c:\program files\superantispyware\saswinlo.dll"
+ "AtiExtEvent" "ATI External Event Utility DLL Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
X "Canon BJ Language Monitor i475D" "BJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm5k.dll"
+ "hpzsnt07" "" "HP" "c:\windows\system32\hpzsnt07.dll"




That should be it!!!!!!!


Thanks again!


Matt

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:51 PM

Posted 05 February 2013 - 08:11 PM

Launch Adware cleaner again and select DELETE

Post the new log

Still receiving pop up?

#7 mrmatt2

mrmatt2
  • Topic Starter

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 06 February 2013 - 02:43 PM

Hi,

Unfortunately, they still pop up, the usual ones begin with http://pcjiasu.com...........

especially common is

http://pcjiasu.com/free-online-converter/index.php?appid=256368cbef4a494b635da494775b6f54&channel=FreeOnlineConverter&defaultkeyword=payday+loans&keyword=test


maybe this is a tough one!

Thanks


Here is the latest log as your requested....






# AdwCleaner v2.111 - Logfile created 02/06/2013 at 13:40:07
# Updated 05/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Mike - DELLDIMENSION
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Mike\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla FireFox\Components\AskSearch.js
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

File : C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\nz3csddr.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Documents and Settings\Mike\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.11.1661.0

File : C:\Documents and Settings\Mike\Application Data\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [42631 octets] - [05/02/2013 07:35:52]
AdwCleaner[R2].txt - [1432 octets] - [06/02/2013 07:25:51]
AdwCleaner[S1].txt - [6113 octets] - [05/02/2013 20:51:47]
AdwCleaner[S2].txt - [1367 octets] - [06/02/2013 13:40:07]

########## EOF - C:\AdwCleaner[S2].txt - [1427 octets] ##########

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:51 PM

Posted 07 February 2013 - 01:56 AM

Which browser?

#9 mrmatt2

mrmatt2
  • Topic Starter

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 07 February 2013 - 07:12 PM

   Mozila Firefox......

 

 I do not see it happening in opera...........

 

something with firefox then...


Edited by mrmatt2, 07 February 2013 - 07:53 PM.


#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:51 PM

Posted 07 February 2013 - 07:46 PM

Try this

Export your bookmarks from firefox

http://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

After exporting it

Uninstall firefox

Makesure to checkmark Remove my personal data option

Reinstall firefox and import your bookmarks

Let me know how it goes.



#11 mrmatt2

mrmatt2
  • Topic Starter

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Local time:07:51 PM

Posted 09 February 2013 - 05:04 PM

 That seemed to have taken care of it !!  I also used Iobit unistaller to remove firefox using firefox uninstaller, then to do a deep scan of leftover firefox items to delete, .. it found a  quite a few, and I deleted them all.

 

  Thanks!!

 

 Wonder what that was that just targeted firefox and not my other browsers....

 

 

It was sure annoying, thanks very again!

 

 

Matt


Edited by mrmatt2, 09 February 2013 - 05:07 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users