Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirect Malware Virus....HELP!!


  • This topic is locked This topic is locked
27 replies to this topic

#1 Mommy2535

Mommy2535

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 31 July 2011 - 12:13 PM

I have had this problem for a couple of weeks. Anytime I put something in to my google search and the list of sites comes up I can not click on them. When I do it acts like the page is loading and then takes me to a totally different place, such as "search.yellowise.com", "comparedby.us", and many others. The only way I can go to a page from the google search is to click on the "cache" button. I ran my virus protection and nothing came up. A friend of my husband said to try malwarebytes. I did that this morning and it showed two trojans and one other virus. I got rid of those and restarted the computer. The problem is still not fixed! I messaged a "geek buddy" via Comodo Internet Security and he said it was malware. He could remove it manually for $49.99. I will pay that if it is my only option, but I was hoping I coupld find someone here to walk me through what to do. I am afraid to log into my online banking, or any other site with personal info. I really need to log into my online banking today or tomorrow, so I need the problem fixed as soon as possible. PLEASE HELP!! Thank you!!

BC AdBot (Login to Remove)

 


#2 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:10:08 AM

Posted 31 July 2011 - 12:52 PM

Hi Mommy2535,

:step1: Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer Log Errors
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go . Please put code boxes around just this log, like this, but without the x: [xcode] MiniToolBox log [/xcode]

:step2: Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware

:step3: Superantisypware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from http://www.superantispyware.com/downloads/SASDEFINITIONS.EXE (copy and paste that website address) and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a USB drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

:step4: Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.


In your next reply, please include:
  • MiniToolBox log
  • Malwarebytes log
  • SUPERAntiSpyware log
  • GMER log
  • How's your computer runnning now?

Edited by jntkwx, 31 July 2011 - 12:52 PM.

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#3 Mommy2535

Mommy2535
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 31 July 2011 - 06:40 PM

MiniToolBox log
by Farbar
Ran by Ashley (administrator) on 31-07-2011 at 13:03:55
Windows Vista ™ Home Premium Service Pack 1 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Ashley-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

PPP adapter Verizon Wireless - VZAccess:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Verizon Wireless - VZAccess
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 75.201.121.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 66.174.71.33
69.78.96.14
NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : PANTECH USB Modem WWAN Driver
Physical Address. . . . . . . . . : 7A-80-20-00-02-00
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Dell Wireless 1395 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-1F-3A-B8-70-70
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-1D-09-52-84-07
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{05932C25-5EFB-4ABC-B4C9-A6CD19D3EF42}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{174DEE81-F53C-4E93-B088-DFF9483DD714}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{015FD6E1-FF5F-4119-AC07-EA7C1B27F28A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{0ACE4EC9-5A28-4880-873D-132A1EF367C2}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{F24AA556-B473-40FE-86EB-732F6DD09B31}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{7C037DD3-3730-49D3-B2A5-E1988C80E878}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{0DB7D84F-526F-48CF-B8FB-16275DFC42AB}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 21:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{1093610F-972B-42DE-BE8F-3618C78BD7A7}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{F24AA556-B473-40FE-86EB-732F6DD09B31}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #12
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 24:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #13
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: 33.sub-66-174-71.myvzw.com
Address: 66.174.71.33

Name: google.com
Addresses: 2001:4860:800c::63
74.125.115.99
74.125.115.105
74.125.115.103
74.125.115.104
74.125.115.106
74.125.115.147



Pinging google.com [74.125.115.99] with 32 bytes of data:

Reply from 74.125.115.99: bytes=32 time=112ms TTL=48

Reply from 74.125.115.99: bytes=32 time=87ms TTL=48



Ping statistics for 74.125.115.99:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 87ms, Maximum = 112ms, Average = 99ms

Server: 33.sub-66-174-71.myvzw.com
Address: 66.174.71.33

Name: yahoo.com
Addresses: 98.137.149.56
209.191.122.70
67.195.160.76
69.147.125.65
72.30.2.43



Pinging yahoo.com [72.30.2.43] with 32 bytes of data:

Reply from 72.30.2.43: bytes=32 time=145ms TTL=48

Reply from 72.30.2.43: bytes=32 time=154ms TTL=48



Ping statistics for 72.30.2.43:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 145ms, Maximum = 154ms, Average = 149ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=6ms TTL=128

Reply from 127.0.0.1: bytes=32 time=1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 1ms, Maximum = 6ms, Average = 3ms

===========================================================================
Interface List
27 ........................... Verizon Wireless - VZAccess
26 ...7a 80 20 00 02 00 ...... PANTECH USB Modem WWAN Driver
12 ...00 1f 3a b8 70 70 ...... Dell Wireless 1395 WLAN Mini-Card
11 ...00 1d 09 52 84 07 ...... Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
23 ...00 00 00 00 00 00 00 e0 isatap.{05932C25-5EFB-4ABC-B4C9-A6CD19D3EF42}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
24 ...00 00 00 00 00 00 00 e0 isatap.{174DEE81-F53C-4E93-B088-DFF9483DD714}
14 ...00 00 00 00 00 00 00 e0 isatap.{015FD6E1-FF5F-4119-AC07-EA7C1B27F28A}
15 ...00 00 00 00 00 00 00 e0 isatap.{0ACE4EC9-5A28-4880-873D-132A1EF367C2}
25 ...00 00 00 00 00 00 00 e0 isatap.{F24AA556-B473-40FE-86EB-732F6DD09B31}
16 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
18 ...00 00 00 00 00 00 00 e0 isatap.{7C037DD3-3730-49D3-B2A5-E1988C80E878}
20 ...00 00 00 00 00 00 00 e0 isatap.{0DB7D84F-526F-48CF-B8FB-16275DFC42AB}
19 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
21 ...00 00 00 00 00 00 00 e0 isatap.{1093610F-972B-42DE-BE8F-3618C78BD7A7}
22 ...00 00 00 00 00 00 00 e0 isatap.{F24AA556-B473-40FE-86EB-732F6DD09B31}
41 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #12
42 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #13
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 On-link 75.201.121.4 51
75.201.121.4 255.255.255.255 On-link 75.201.121.4 306
127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531
127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531
127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 75.201.121.4 51
255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
255.255.255.255 255.255.255.255 On-link 75.201.121.4 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/31/2011 10:45:26 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2011 10:44:08 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (0x80040d03)

Error: (07/31/2011 10:44:08 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (0x80040d03)

Error: (07/31/2011 10:44:06 AM) (Source: Windows Search Service) (User: )
Description: The gatherer is unable to read the registry DocIdMapFile.

Context: Application, SystemIndex Catalog

Details:
The system cannot find the file specified. (0x80070002)

Error: (07/22/2011 02:27:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2011 01:23:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2011 01:21:35 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (07/22/2011 11:00:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2011 10:52:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/22/2011 10:04:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (10/28/2008 05:46:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 39 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================


32 Bit HP CIO Components Installer (Version: 1.0.0)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.26)
Adobe Reader 9.3.4 (Version: 9.3.4)
Advanced Audio FX Engine
Advanced Video FX Engine
AIO_Scan (Version: 90.0.222.000)
Amazon MP3 Downloader 1.0.9
Bonjour (Version: 1.0.106)
BufferChm (Version: 90.0.146.000)
C4200 (Version: 90.0.222.000)
C4200_doccd (Version: 90.0.222.000)
c4200_Help (Version: 90.0.222.000)
COMODO GeekBuddy (Version: 3.3.191520.52)
COMODO Internet Security (Version: 5.5.64714.1383)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Conexant HDA D330 MDC V.92 Modem
ConvertXtoDVD 3.3.4.107 (Version: 3.3.4.107)
Copy (Version: 90.0.146.000)
CustomerResearchQFolder (Version: 1.00.0000)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.2.09085)
Dell Touchpad (Version: 7.1.103.4)
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card (Version: 4.170.25.12)
Destination Component (Version: 090.000.091.086)
DeviceDiscovery (Version: 110.0.180.000)
DeviceManagementQFolder (Version: 1.00.0000)
Digital Line Detect (Version: 1.21)
DocProc (Version: 9.0.0.0)
DocProcQFolder (Version: 1.00.0000)
eSupportQFolder (Version: 1.00.0000)
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer (Version: 4.0.0.002)
HP Customer Participation Program 9.0 (Version: 9.0)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP OCR Software 9.0 (Version: 9.0)
HP Photosmart All-In-One Software 9.0 (Version: 9.0)
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Product Assistant (Version: 100.000.001.000)
HP Solution Center 9.0 (Version: 9.0)
HP Update (Version: 4.000.012.001)
HPProductAssistant (Version: 90.0.146.000)
HPSSupply (Version: 2.2.0.0000)
Intel® Matrix Storage Manager
iTunes (Version: 8.0.2.20)
Java™ 6 Update 4 (Version: 1.6.0.40)
KODAK EASYSHARE Gallery Upload ActiveX Control
Laptop Integrated Webcam Driver (1.03.02.0719)
LeapFrog Connect (Version: 2.5.5.10079)
LeapFrog Leapster2 Plugin (Version: 2.5.5.10079)
Live! Cam Avatar Creator (Version: 4.6.0817.1)
Live! Cam Avatar v1.0 (Version: 1.0)
Malwarebytes' Anti-Malware version 1.51.1.1800 (Version: 1.51.1.1800)
MarketResearch (Version: 90.0.146.000)
MediaDirect (Version: 3.5)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Modem Diagnostic Tool (Version: 1.0.20.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music, Photos & Videos Launcher (Version: 1.00.0000)
MySims™ (Version: 1.00.0000)
NetWaiting (Version: 2.5.44)
OutlookAddinSetup (Version: 1.0.0)
PANTECH PC USB Modem Software (Version: 3.2.4074.1103)
PictureMover (Version: 3.2.1.12)
Product Documentation Launcher (Version: 1.00.0000)
PS_AIO_ProductContext (Version: 90.0.222.000)
PS_AIO_Software (Version: 90.0.222.000)
PS_AIO_Software_min (Version: 90.0.222.000)
PSSWCORE (Version: 2.01.0000)
QuickSet (Version: 8.2.17)
QuickTime (Version: 7.60.92.0)
Registry First Aid (Version: 7.1.1)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Scan (Version: 9.0.0.0)
SolutionCenter (Version: 90.0.146.000)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Status (Version: 110.0.180.000)
The Incredible Hulk Image Lab (Version: )
TomTom HOME 2.7.5.2014 (Version: 2.7.5.2014)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Toolbox (Version: 90.0.146.000)
TrayApp (Version: 110.0.180.000)
UM150 Firmware Updates (Version: 1.0.0)
Uninstall Dual Mode Camera
UnloadSupport (Version: 9.0.0)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
VideoToolkit01 (Version: 90.0.146.000)
VIVA MEDIA GAME CENTER
VZAccess Manager (Version: 7.2.1.2)
WebReg (Version: 90.0.146.000)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
WinRAR archiver
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 3061.31 MB
Available physical RAM: 1413.19 MB
Total Pagefile: 6324.92 MB
Available Pagefile: 4433.47 MB
Total Virtual: 2047.88 MB
Available Virtual: 1960.98 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:220.58 GB) (Free:129.11 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:9.77 GB) (Free:5.59 GB) NTFS

========================= Users: ========================================

User accounts for \\ASHLEY-PC

Administrator Ashley Family & Friends
Guest


== End of log ==







Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7339

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19088

7/31/2011 1:20:40 PM
mbam-log-2011-07-31 (13-20-40).txt

Scan type: Quick scan
Objects scanned: 174853
Time elapsed: 9 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)




SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/31/2011 at 04:28 PM

Application Version : 4.56.1000

Core Rules Database Version : 7493
Trace Rules Database Version: 5305

Scan type : Complete Scan
Total Scan Time : 02:46:38

Memory items scanned : 759
Memory threats detected : 0
Registry items scanned : 8013
Registry threats detected : 0
File items scanned : 144734
File threats detected : 286

Adware.Tracking Cookie
.commonsensemedia.org [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.commonsensemedia.org [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.commonsensemedia.org [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.commonsensemedia.org [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
www8.addfreestats.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adserver.adtechus.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.clickshift.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.associatedcontent.112.2o7.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.harpo.122.2o7.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.pointroll.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.apmebf.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ads.bridgetrack.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.imrworldwide.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.imrworldwide.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.lucidmedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.lucidmedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.lucidmedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.lucidmedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.lucidmedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.burstnet.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.chitika.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adecn.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.mediabrandsww.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
in.getclicky.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adxpose.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.overture.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adlegend.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adlegend.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.eyewonder.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.eyewonder.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.technoratimedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.technoratimedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.statcounter.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.kontera.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.kontera.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.statcounter.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.technoratimedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.technoratimedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.technoratimedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.bs.serving-sys.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.specificmedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.nextag.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.nextag.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.liveperson.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.asurioninsuranceservices.122.2o7.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.liveperson.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.www.burstnet.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.burstnet.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.insightexpressai.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.pointroll.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.ads.pointroll.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.eyewonder.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.eyewonder.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.liveperson.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.liveperson.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
sales.liveperson.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.server.cpmstar.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
.doubleclick.net [ C:\Users\Ashley\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
2mdn.net [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
adsatt.espn.go.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
bannerfarm.ace.advertising.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
cdn.eyewonder.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
cdn4.specificclick.net [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
core.insightexpressai.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
countdownpage.createyourcountdown.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
dcl.wdpromedia.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
ds.serving-sys.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
flvtools.spacash.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
googleads.g.doubleclick.net [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
ia.media-imdb.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
m1.2mdn.net [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
media-dev.pictela.net [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
media.edwardbellacullen.net [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
media.ign.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
media.mtvnservices.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
media.oprah.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
media.podaddies.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
media.scanscout.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
media.socialvibe.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
media.tattomedia.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
media1.break.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
mediaforgews.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
mediastore.verizonwireless.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
objects.tremormedia.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
oddcast.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
picayune.uclick.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
s0.2mdn.net [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
secure-us.imrworldwide.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
sftrack.searchforce.net [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
spe.atdmt.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
speed.pointroll.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
static.discoverymedia.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
udn.specificclick.net [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
www.porn.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
www.pornhub.com [ C:\Users\Ashley\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\9MQ8J8WK ]
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@accounts.youtube[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@ad.yieldmanager[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@adbrite[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@adlegend[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@admarketplace[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@ads.bleepingcomputer[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@ads.meredithads[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@ads.undertone[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@adserver.adtechus[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@adserver.adtechus[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@advertising[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@andomedia[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@anrtx.tacoda[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@apmebf[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@ar.atwola[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@at.atwola[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@atdmt[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@atdmt[3].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@bridge2.admarketplace[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@browseinside.harperteen[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@collective-media[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@dardenrestaurants.112.2o7[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@dc.tremormedia[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@dc.tremormedia[3].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@doubleclick[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@ehg-verizon.hitbox[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@enhance[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@eyewonder[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@fastclick[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@greatschools.122.2o7[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@harperteen[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@hitbox[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@interclick[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@invitemedia[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@liveperson[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@liveperson[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@lucidmedia[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@media6degrees[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@mediastore.verizonwireless[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@microsoftsto.112.2o7[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@pro-market[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@questionmarket[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@revsci[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@ru4[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@segment-pixel.invitemedia[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@serving-sys[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@solvemedia[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@specificclick[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@stopzilla[4].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@sumnercountyfair[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@tacoda.at.atwola[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@trafficmp[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@tribalfusion[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@whitefence.112.2o7[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@www.burstnet[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@www.cpcadnet[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@www.cpcadnet[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@www.find-fast-answers[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@www.find-fast-answers[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@www.googleadservices[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@www.googleadservices[2].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@www.googleadservices[3].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@www.googleadservices[4].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@www.googleadservices[5].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@www.stopzilla[1].txt
C:\Users\Ashley\AppData\Roaming\Microsoft\Windows\Cookies\Low\ashley@www.sumnercountyfair[2].txt

Edited by Mommy2535, 31 July 2011 - 07:32 PM.


#4 Mommy2535

Mommy2535
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 31 July 2011 - 06:52 PM

I am having a problem posting the gmer file. It says it is too long. I tried to copy half and save the other half for a second post and it said the half was too long also. What should I do?




I am also going to send a 2nd malware log that I had run earlier this morning before talking with you. Also, my windows defender will not open. It acts like it is going to and just flases and closes, like it is being blocked. I am still unable to search through google without being redirected. What should we do next? Thanks for all of the help!

The 1st malware scan I did this morning is below.


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7339

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19088

7/31/2011 10:40:18 AM
mbam-log-2011-07-31 (10-40-18).txt

Scan type: Quick scan
Objects scanned: 175152
Time elapsed: 11 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\SQ4DY0FH7F (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

#5 Mommy2535

Mommy2535
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 31 July 2011 - 08:07 PM

I went to filedropper.com and copied my gmer scan results. I was not sure which link you would need so I copied both.

http://www.filedropper.com/gmer_3




<a href=http://www.filedropper.com/gmer_3><img src=http://www.filedropper.com/download_button.png width=127 height=145 border=0/></a><br /><div style=font-size:9px;font-family:Arial, Helvetica, sans-serif;width:127px;font-color:#44a854;> <a href=http://www.filedropper.com >file storage online</a></div>



Thanks again!

#6 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:10:08 AM

Posted 31 July 2011 - 10:26 PM

Mommy2535,

That was a good idea to upload the file to filedropper.

:step1: Please Rerun Malwarebytes (Full System scan. May take some time to complete, so please be patient.)
Open Malwarebytes, click on the Update tab, and click the check for Updates button. The latest update is 7342. (Both logs you posted are with update 7339.)
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

If you have trouble updating, troubleshoot Malwarebytes' Anti-Malware

:step2: Please download SystemLook and save it to your Desktop.
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :dir
    %windir%\Tasks\ /t30
    %windir%\system32 /t30
    %appdata% /t30
    %localappdata% /t30
    %temp% /n*.exe /t30
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled [b]SystemLook.txt

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#7 Mommy2535

Mommy2535
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 01 August 2011 - 10:19 AM

Here are the results from the scans I did last night. Should I be concerened about even using my computer right now? All of the adware that showed up on the Super Anti Spyware is concerning as I have never heard of ANY of those sites and I know that have not been visited on this computer. Should I just take my computer and get it my pictures backed up and have my hard drive wiped clean? The redirected seems worse now than it was. I am getting an error page when I click on the cache link and the main links to sites are still redirecting to crazy places. Here are the two scans. Thanks for the help.

1 more thing. My Comodo security says it is not running properly this morning so I am attaching that log to.





Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7342

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19088

8/1/2011 12:54:55 AM
mbam-log-2011-08-01 (00-54-55).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|)
Objects scanned: 321931
Time elapsed: 1 hour(s), 55 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)










01:42:56 Ashley IP-BLOCK 67.29.139.153 (Type: outgoing, Port: 50417, Process: iexplore.exe)
09:01:47 Ashley MESSAGE Protection started successfully
09:01:59 Ashley MESSAGE IP Protection started successfully
09:02:42 Ashley ERROR Scheduled update failed: No address found failed with error code 11004
09:59:58 Ashley IP-BLOCK 67.29.139.153 (Type: outgoing, Port: 49197, Process: iexplore.exe)
10:00:07 Ashley IP-BLOCK 67.29.139.153 (Type: outgoing, Port: 49205, Process: iexplore.exe)
10:00:23 Ashley IP-BLOCK 67.29.139.153 (Type: outgoing, Port: 49213, Process: iexplore.exe)









SystemLook 30.07.11 by jpshortstuff
Log created at 10:17 on 01/08/2011 by Ashley
Administrator - Elevation successful

========== dir ==========

C:\Windows\Tasks - Parameters: "/t30"

---Files---
Bxxjlqkz.job --ahs-- 306 bytes [04:02 06/07/2011] [13:57 01/08/2011]
GoogleUpdateTaskUserS-1-5-21-2958645595-241312595-3285539403-1000Core.job --a---- 860 bytes [17:28 04/05/2011] [16:38 31/07/2011]
GoogleUpdateTaskUserS-1-5-21-2958645595-241312595-3285539403-1000UA.job --a---- 912 bytes [17:28 04/05/2011] [14:38 01/08/2011]
SA.DAT --ah--- 6 bytes [13:01 02/11/2006] [13:57 01/08/2011]
SCHEDLGU.TXT --a---- 32552 bytes [13:01 02/11/2006] [07:46 01/08/2011]
User_Feed_Synchronization-{65C0E94B-916D-486F-9ADF-ADC48A5274CD}.job --ah--- 420 bytes [17:27 06/07/2008] [15:01 01/08/2011]

---Folders---
None found.

C:\Windows\system32 - Parameters: "/t30"

---Files---
7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --ah--- 3616 bytes [12:47 02/11/2006] [13:57 01/08/2011]
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --ah--- 3616 bytes [12:47 02/11/2006] [13:57 01/08/2011]
csrsrv.dll --a---- 49152 bytes [03:42 13/07/2011] [14:44 20/04/2011]
FlashPlayerCPLApp.cpl --a---- 404640 bytes [15:50 31/07/2011] [15:50 31/07/2011]
FNTCACHE.DAT --a---- 295832 bytes [12:47 02/11/2006] [08:19 13/07/2011]
kernel32.dll --a---- 890368 bytes [03:42 13/07/2011] [14:53 12/04/2011]
mrt.exe --a---- 49089992 bytes [10:24 02/11/2006] [08:00 13/07/2011]
MSSTDFMT3.dll -rahs-- 195072 bytes [04:02 06/07/2011] [04:02 06/07/2011]
perfc009.dat --a---- 107922 bytes [10:33 02/11/2006] [03:35 20/07/2011]
perfh009.dat --a---- 615914 bytes [10:33 02/11/2006] [03:35 20/07/2011]
PerfStringBackup.INI --a---- 718768 bytes [10:33 02/11/2006] [03:35 20/07/2011]
roboot.exe --a---- 17160 bytes [18:07 22/07/2011] [13:08 13/07/2011]
TmInstall.log --a---- 4856 bytes [15:57 22/07/2011] [16:00 22/07/2011]
win32k.sys --a---- 2042368 bytes [03:42 13/07/2011] [12:59 02/06/2011]
winsrv.dll --a---- 375808 bytes [03:42 13/07/2011] [14:47 20/04/2011]

---Folders---
%APPDATA% d--hs-- [21:36 14/10/2009]
0409 d------ [12:42 02/11/2006]
AdvancedInstallers d------ [11:18 02/11/2006]
ar-SA d------ [11:18 02/11/2006]
bg-BG d------ [11:18 02/11/2006]
Boot d------ [11:18 02/11/2006]
Branding d------ [12:42 02/11/2006]
catroot d------ [11:18 02/11/2006]
catroot2 d------ [11:18 02/11/2006]
CodeIntegrity d------ [11:18 02/11/2006]
com d------ [11:18 02/11/2006]
config d------ [11:18 02/11/2006]
cs-CZ d------ [11:18 02/11/2006]
da-DK d------ [11:18 02/11/2006]
de-DE d------ [11:18 02/11/2006]
drivers d------ [11:18 02/11/2006]
DriverStore d------ [11:18 02/11/2006]
DRVSTORE d----c- [22:55 04/02/2009]
el-GR d------ [11:18 02/11/2006]
en d------ [12:42 02/11/2006]
en-US d------ [11:18 02/11/2006]
ENU d------ [17:16 11/04/2008]
es-ES d------ [11:18 02/11/2006]
et-EE d------ [11:18 02/11/2006]
EventProviders d------ [02:19 01/08/2011]
fi-FI d------ [11:18 02/11/2006]
fr-FR d------ [11:18 02/11/2006]
GroupPolicy d--h--- [11:18 02/11/2006]
GroupPolicyUsers d--h--- [11:18 02/11/2006]
he-IL d------ [11:18 02/11/2006]
hr-HR d------ [11:18 02/11/2006]
hu-HU d------ [11:18 02/11/2006]
ias d------ [11:18 02/11/2006]
icsxml d------ [11:18 02/11/2006]
IME d------ [11:18 02/11/2006]
inetsrv d------ [11:18 02/11/2006]
it-IT d------ [11:18 02/11/2006]
ja-JP d------ [11:18 02/11/2006]
ko-KR d------ [11:18 02/11/2006]
licensing d------ [11:18 02/11/2006]
log d------ [19:28 04/03/2009]
LogFiles d------ [11:18 02/11/2006]
lt-LT d------ [11:18 02/11/2006]
lv-LV d------ [11:18 02/11/2006]
Macromed d------ [17:08 11/04/2008]
manifeststore d------ [11:18 02/11/2006]
Microsoft d---s-- [12:47 02/11/2006]
migration d------ [11:18 02/11/2006]
migwiz d------ [11:18 02/11/2006]
Msdtc d------ [11:18 02/11/2006]
MUI d------ [11:18 02/11/2006]
nb-NO d------ [11:18 02/11/2006]
NDF d------ [11:18 02/11/2006]
networklist d------ [11:18 02/11/2006]
nl-NL d------ [11:18 02/11/2006]
oem d------ [19:50 11/04/2008]
oobe d------ [11:18 02/11/2006]
pl-PL d------ [11:18 02/11/2006]
Printing_Admin_Scripts d------ [12:42 02/11/2006]
pt-BR d------ [11:18 02/11/2006]
pt-PT d------ [11:18 02/11/2006]
ras d------ [11:18 02/11/2006]
RemInst d------ [11:18 02/11/2006]
restore d------ [12:37 02/11/2006]
ro-RO d------ [11:18 02/11/2006]
ru-RU d------ [11:18 02/11/2006]
setup d------ [11:18 02/11/2006]
sk-SK d------ [11:18 02/11/2006]
sl-SI d------ [11:18 02/11/2006]
slmgr d------ [12:42 02/11/2006]
SLUI d------ [11:18 02/11/2006]
SMI d------ [11:18 02/11/2006]
Speech d------ [11:18 02/11/2006]
spool d------ [11:18 02/11/2006]
sr-Latn-CS d------ [11:18 02/11/2006]
sv-SE d------ [11:18 02/11/2006]
sysprep d------ [11:18 02/11/2006]
Tasks d------ [11:18 02/11/2006]
th-TH d------ [11:18 02/11/2006]
tr-TR d------ [11:18 02/11/2006]
uk-UA d------ [11:18 02/11/2006]
wbem d------ [11:18 02/11/2006]
WCN d------ [12:42 02/11/2006]
WDI d------ [11:18 02/11/2006]
wfp d------ [11:18 02/11/2006]
WindowsPowerShell d------ [09:03 25/02/2011]
winevt d------ [11:18 02/11/2006]
winrm d------ [12:42 02/11/2006]
x64 d------ [15:41 18/07/2008]
XPSViewer d------ [12:37 02/11/2006]
zh-CN d------ [11:18 02/11/2006]
zh-HK d------ [11:18 02/11/2006]
zh-TW d------ [11:18 02/11/2006]

C:\Users\Ashley\AppData\Roaming - Parameters: "/t30"

---Files---
wklnhst.dat --a---- 8610 bytes [20:09 15/07/2008] [15:19 18/07/2011]

---Folders---
Adobe d------ [11:30 05/07/2008]
Amazon d------ [21:22 29/12/2010]
Apple Computer d------ [22:56 04/02/2009]
com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 d------ [04:06 15/10/2008]
CyberLink d------ [02:36 31/10/2008]
Google d------ [05:42 05/07/2008]
HP d------ [14:10 02/08/2008]
Identities d------ [05:34 05/07/2008]
InstallShield d------ [23:49 17/06/2011]
Kodak d------ [19:48 28/01/2009]
Macromedia d------ [23:46 05/07/2008]
Malwarebytes d------ [20:49 08/04/2011]
Media Center Programs d------ [05:33 05/07/2008]
Microsoft d---s-- [05:33 05/07/2008]
monkey money d------ [17:43 18/12/2009]
Motive d------ [02:33 03/08/2008]
Mozilla d------ [00:48 30/12/2009]
PictureMover d------ [14:46 08/07/2009]
PlayFirst d------ [17:31 18/12/2009]
Raxco d------ [18:07 22/07/2011]
Roxio d------ [17:49 19/07/2008]
ScreenSeven d------ [15:38 19/12/2009]
Smith Micro d------ [11:35 05/07/2008]
SUPERAntiSpyware.com d------ [18:28 31/07/2011]
Template d------ [20:10 15/07/2008]
TomTom d------ [00:48 30/12/2009]
Verizon Wireless d------ [01:45 18/06/2011]
Vso d------ [04:10 03/09/2008]
Webroot d------ [02:06 22/01/2009]
WinRAR d------ [00:37 20/11/2009]
Yahoo! d------ [23:17 27/03/2009]

C:\Users\Ashley\AppData\Local - Parameters: "/t30"

---Files---
IconCache.db --ah--- 4587316 bytes [00:05 09/04/2011] [07:45 01/08/2011]

---Folders---
Adobe d------ [11:30 05/07/2008]
Apple d------ [22:53 04/02/2009]
Apple Computer d------ [22:56 04/02/2009]
Application Data d--hs-- [05:33 05/07/2008]
Apps d------ [21:57 29/08/2008]
Blockbuster d------ [22:19 22/12/2010]
CyberDefender Internet Security d------ [05:16 17/01/2009]
Deployment d------ [17:09 13/03/2009]
Downloaded Installations d------ [19:44 28/01/2009]
GameHouse d------ [00:21 11/12/2010]
Google d------ [05:34 05/07/2008]
History d--hs-- [05:33 05/07/2008]
MediaDirect d------ [05:34 05/07/2008]
Microsoft d------ [05:33 05/07/2008]
Microsoft Games d------ [00:47 31/07/2009]
Microsoft Help d------ [06:08 05/07/2008]
MicroVision Applications d------ [17:49 19/07/2008]
PackageAware d------ [23:47 04/07/2011]
SupportSoft d------ [11:24 05/07/2008]
Temp d------ [05:33 05/07/2008]
Temporary Internet Files d--hs-- [05:33 05/07/2008]
TomTom d------ [00:48 30/12/2009]
Unity d------ [20:58 03/05/2011]
VirtualStore d------ [05:33 05/07/2008]

C:\Users\Ashley\AppData\Local\Temp - Parameters: "/n*.exe /t30"

---Files---
cis4D0.exe --a---- 1690440 bytes [14:58 22/07/2011] [14:37 30/06/2011]
ComodoCleanup.exe --a---- 198984 bytes [14:59 22/07/2011] [14:37 30/06/2011]
SSUPDATE.EXE --a---- 386944 bytes [21:37 31/07/2011] [17:19 29/07/2011]

---Folders---
58AB.dir d------ [15:50 31/07/2011]
7ZipSfx.000 d------ [22:00 17/07/2011]
Comodo d------ [18:30 22/07/2011]
CR_3D9AB.tmp d------ [15:39 14/07/2011]
HCBackup d------ [03:01 09/04/2011]
HouseCall d------ [03:01 09/04/2011]
Log d------ [03:12 18/07/2011]
Low d------ [02:58 09/04/2011]
scoped_dir11112 d------ [14:51 22/07/2011]
scoped_dir18678 d------ [04:34 20/07/2011]
scoped_dir19190 d------ [14:51 22/07/2011]
scoped_dir19220 d------ [14:51 22/07/2011]
scoped_dir19226 d------ [14:51 22/07/2011]
scoped_dir19262 d------ [14:52 22/07/2011]
scoped_dir22125 d------ [04:34 20/07/2011]
scoped_dir22383 d------ [14:51 22/07/2011]
scoped_dir23951 d------ [14:51 22/07/2011]
scoped_dir31040 d------ [14:52 22/07/2011]
scoped_dir31949 d------ [15:56 22/07/2011]
scoped_dir9399 d------ [15:56 22/07/2011]
SUPERSetup d------ [18:27 31/07/2011]
WPDNSE d------ [13:59 01/08/2011]
{07B4BF5A-5969-4A36-A208-C79AB88779FD} d------ [22:00 17/07/2011]
{A85DA163-0884-488E-B216-F589D54A53B3} d------ [18:18 22/07/2011]

-= EOF =-

Edited by Mommy2535, 01 August 2011 - 10:52 AM.


#8 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:10:08 AM

Posted 01 August 2011 - 10:37 AM

Hi Mommy2535,

Here are the results from the scans I did last night. Should I be concerened about even using my computer right now? All of the adware that showed up on the Super Anti Spyware is concerning as I have never heard of ANY of those sites and I know that have not been visited on this computer. Should I just take my computer and get it my pictures backed up and have my hard drive wiped clean? The redirected seems worse now than it was. I am getting an error page when I click on the cache link and the main links to sites are still redirecting to crazy places. Here are the two scans. Thanks for the help.


The adware that showed up on the SUPERAntiSpyware scan was showing tracking cookies. Nowadays, these tend to be more benign than malicious.

It is always a good idea to backup important information to a CD, DVD or external hard drive. I think we can fix the redirecting problem without having to wipe the hard drive.

Are you redirected if you disconnect from Verizon Wireless - VZAccess and connect to the internet using a wired or wireless connection?


:step1: Let's upload a couple files for a second opinion on what they actually are.

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:
How to see hidden files in Windows

Virustotal: http://www.virustotal.com/

When the Virustotal page has finished loading, click the Choose File button and navigate to each of the following filez and click Send File.

C:\Windows\Tasks\Bxxjlqkz.job
C:\Windows\system32\csrsrv.dll
C:\Windows\system32\kernel32.dll
C:\Windows\system32\roboot.exe
C:\Windows\system32\win32k.sys
C:\Users\Ashley\AppData\Local\Temp\cis4D0.exe


If prompted to reanalyze a file, please do so.

Please post back the website addresses (URLs) of the Virustotal results in your next post.
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#9 Mommy2535

Mommy2535
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 01 August 2011 - 10:41 AM

I am not sure? I don't even know how to do that :) I have a verizon wireless card that plugs into the usb on the side of the computer. I do not have any other means of getting online. I will do the next steps now and post a.s.a.p. Thanks.

#10 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:10:08 AM

Posted 01 August 2011 - 10:44 AM

Nevermind then. Sometimes the redirecting problems are associated with how you are connecting to the internet (wireless, wired, etc.), though I don't think this is the case with your computer.
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#11 Mommy2535

Mommy2535
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 01 August 2011 - 10:48 AM

Jason,
Before I look up the hidden files...do I need to log off and close everything completely, or can I just minimize it?

#12 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:10:08 AM

Posted 01 August 2011 - 11:08 AM

You can just minimize any open windows.
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#13 Mommy2535

Mommy2535
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 01 August 2011 - 11:36 AM

Here are the results-
The first address C:\Windows\Tasks\Bxxjlqkz.job said I did not have permission to open?

http://www.virustotal.com/file-scan/report.html?id=cde8ce7bba8466669586188af4914badbcf046eaa9d8074424295120956a1d46-1312215212



http://www.virustotal.com/file-scan/report.html?id=12256b27fd7a7a5be580108c443d96fb6ec9baf8c1a76bd8155cf045356a92a2-1312215662



http://www.virustotal.com/file-scan/report.html?id=82fdd2a82d8b162f5aa27f7a8e0c96b70902329ed8ab48a881d0a70bcc6cdc18-1312215196




http://www.virustotal.com/file-scan/report.html?id=c4357aef2c259a53bb519ea39bc9e3866ffc127c18459666702a5095d4ce08d1-1312215976



C:\Users\Ashley\AppData\Local\Temp\cis4Do.exe said that the file is not found.

#14 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:10:08 AM

Posted 01 August 2011 - 12:07 PM

Mommy2535,

:step1: Upload file
  • Click on Start, Click on Computer and go to C:\Windows\Tasks\
  • Right click on:

    Bxxjlqkz.job
  • Select Send To > Compressed (Zip) Folder.
  • You will see a new zipped file, named Bxxjlqkz.zip
  • Please go to http://www.sendspace.com/
  • Click on Browse, and browse for the zipped file that you just created (C:\Windows\Tasks\Bxxjlqkz.zip)
  • Click the Upload button.
  • Wait for the file to upload.
  • Under Forum Code, click Copy Code
  • Please paste the copied code into your next reply. (also under Delete File Link click on Copy Code and paste the code into a new notepad document (but please do NOT paste the Delete File Link here.)

Edited by jntkwx, 01 August 2011 - 12:08 PM.

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#15 Mommy2535

Mommy2535
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:08:08 AM

Posted 01 August 2011 - 12:23 PM

I tried to do that and it said: "Windows cannot create a zip folder here. Do you want it placed on the desktop instead?" Do I say yes or no?

Edited by Mommy2535, 01 August 2011 - 12:40 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users