Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Constant Redirection when on Interet and Computer slow


  • This topic is locked This topic is locked
18 replies to this topic

#1 mmsboiballa

mmsboiballa

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 27 November 2011 - 10:57 PM

A couple days ago I randomly got a lot of pop ups on my computer screen as I was infected with a virus. I ran a few scans with Malwarebytes and it found some rogue things and I removed them. I thought I completely removed the virus and I was wrong. Now, I am constantly being redirected on google when I try and search things such as virus removal and the auto complete on google doesn't work. Also, when I start my computer up it says internet explorer is running even though I have not started it. I need help trying to solve my problems!

BC AdBot (Login to Remove)

 


#2 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:09:26 PM

Posted 28 November 2011 - 04:26 PM

Hi mmsboiballa,

:welcome: to Bleeping Computer.

My name is Jason and I'll be helping you with your computer problems. You can call me by my screename jntkwx or Jason is fine.

Some things to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please do not attach logs or put logs in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can also help.
  • Do not run anything while running a fix.
  • If you don't understand a step, please ask for clarification before continuing with any future steps.

Click on the Watch Topic button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Note to others: The instructions here are intended for the person who began this topic. If you need help, please create your own topic in the appropriate forum.

 

:step1: Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer Log Errors
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go . Please put code boxes around just this entire log, like this, but without the letter x: [xcode] MiniToolBox log [/xcode]

:step2: Rerun Malwarebytes
Open Malwarebytes, click on the Update tab, and click the check for Updates button (the latest update as of this post is 8260).
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

If you have trouble updating, troubleshoot Malwarebytes' Anti-Malware

:step3: Superantisypware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from http://www.superantispyware.com/downloads/SASDEFINITIONS.EXE (copy and paste that website address) and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others checked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Home" button to leave the control center screen.
  • Back on the main screen, under "Select Scan Type" click Complete Scan.
  • On the left, make sure you check C:\.
  • Click Start Complete Scan > Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a USB drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

:step4: Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.


In your next reply, please include:
  • MiniToolBox log
  • Malwarebytes log
  • SuperAntiSpyware log
  • GMER log
  • How's your computer running now?

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#3 mmsboiballa

mmsboiballa
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 28 November 2011 - 09:42 PM

MiniToolBox by Farbar 
Ran by Owner (administrator) on 28-11-2011 at 15:37:34
Windows (TM) Vista Home Premium Service Pack 2 (X64)

***************************************************************************

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ============================== 

========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek RTL8102E/8103E Family PCI-E Fast Ethernet NIC (NDIS 6.0) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Owner-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : knology.net

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : knology.net
   Description . . . . . . . . . . . : Realtek RTL8102E/8103E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
   Physical Address. . . . . . . . . : 00-24-E8-18-4E-A1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::e0fb:fa60:ccb0:2611%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, November 27, 2011 9:41:35 PM
   Lease Expires . . . . . . . . . . : Tuesday, November 29, 2011 9:41:33 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 251667688
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-DC-FE-CF-00-24-E8-18-4E-A1
   DNS Servers . . . . . . . . . . . : 69.1.30.43
                                       69.1.30.42
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.knology.net
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  hunt-server2.knology.net
Address:  69.1.30.43

Name:    google.com
Addresses:  74.125.65.103
	  74.125.65.104
	  74.125.65.105
	  74.125.65.106
	  74.125.65.147
	  74.125.65.99



Pinging google.com [74.125.65.104] with 32 bytes of data:

Reply from 74.125.65.104: bytes=32 time=32ms TTL=54

Reply from 74.125.65.104: bytes=32 time=33ms TTL=54



Ping statistics for 74.125.65.104:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 32ms, Maximum = 33ms, Average = 32ms

Server:  hunt-server2.knology.net
Address:  69.1.30.43

Name:    yahoo.com
Addresses:  209.191.122.70
	  72.30.2.43
	  98.137.149.56
	  98.139.180.149



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=35ms TTL=53

Reply from 209.191.122.70: bytes=32 time=36ms TTL=53



Ping statistics for 209.191.122.70:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 35ms, Maximum = 36ms, Average = 35ms

Server:  hunt-server2.knology.net
Address:  69.1.30.43

Name:    bleepingcomputer.com
Address:  208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 11 ...00 24 e8 18 4e a1 ...... Realtek RTL8102E/8103E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
  1 ........................... Software Loopback Interface 1
 10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 12 ...00 00 00 00 00 00 00 e0  isatap.knology.net
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.101     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.101    276
    192.168.1.101  255.255.255.255         On-link     192.168.1.101    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.101    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.101    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.101    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::e0fb:fa60:ccb0:2611/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/28/2011 06:34:30 AM) (Source: Application Error) (User: )
Description: Faulting application firefox.exe, version 1.9.2.4324, time stamp 0x4eb2a5bf, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000409, fault offset 0x00208a27,
process id 0x2cc, application start time 0xfirefox.exe0.

Error: (11/27/2011 09:42:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/27/2011 09:42:00 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (11/27/2011 09:37:43 PM) (Source: Application Error) (User: )
Description: Faulting application firefox.exe, version 1.9.2.4324, time stamp 0x4eb2a5bf, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000409, fault offset 0x00898a27,
process id 0x88c, application start time 0xfirefox.exe0.

Error: (11/27/2011 09:37:22 PM) (Source: Application Hang) (User: )
Description: The program iTunes.exe version 10.5.1.42 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 160c
Start Time: 01ccad7eb3133fa9
Termination Time: 65

Error: (11/27/2011 09:34:49 PM) (Source: Application Hang) (User: )
Description: The program iTunes.exe version 10.5.1.42 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1658
Start Time: 01ccad7bd52e0d29
Termination Time: 32

Error: (11/26/2011 09:55:16 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   16 101.1.168.192.in-addr.arpa. PTR Owner-PC.local.

Error: (11/26/2011 09:55:16 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.101:5353   18 101.1.168.192.in-addr.arpa. PTR Owner-PC-2.local.

Error: (11/26/2011 09:55:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/26/2011 06:08:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/28/2011 06:41:09 AM) (Source: DCOM) (User: )
Description: 1084McComponentHostService{CC6F4D12-8575-4CFF-9455-CF5774AEB13B}

Error: (11/27/2011 09:55:31 PM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}

Error: (11/27/2011 09:43:00 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (11/27/2011 09:42:33 PM) (Source: Service Control Manager) (User: )
Description: spldr
Wanarpv6

Error: (11/27/2011 09:42:33 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Center Extender ServiceFunction Discovery Provider Host%%1068

Error: (11/27/2011 09:42:33 PM) (Source: Service Control Manager) (User: )
Description: PnP-X IP Bus EnumeratorFunction Discovery Provider Host%%1068

Error: (11/27/2011 09:42:33 PM) (Source: Service Control Manager) (User: )
Description: Computer BrowserServer%%1068

Error: (11/27/2011 09:42:14 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (11/27/2011 09:42:07 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (11/27/2011 09:42:00 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================
Error: (04/25/2010 03:18:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 508 seconds with 240 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
Acoustica Effects Pack (Version: 1.0)
Acoustica Mixcraft 4.1
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe Acrobat 5.0 (Version: 5.0)
Adobe AIR (Version: 1.5.3.9120)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Anchor Service x64 CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe CMaps x64 CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Color Video Profiles CS CS4 (Version: 2.0)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe CSI CS4 (Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Drive CS4 (Version: 1)
Adobe Drive CS4 x64 (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 10 ActiveX (Version: 10.1.102.64)
Adobe Flash Player 10 Plugin (Version: 10.3.183.7)
Adobe Fonts All (Version: 2.0)
Adobe Fonts All x64 (Version: 2.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Linguistics CS4 x64 (Version: 4.0.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe PDF Library Files x64 CS4 (Version: 9.0)
Adobe Photoshop CS4 (64 Bit) (Version: 11.0)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Photoshop CS4 Support (Version: 11.0)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader X (Version: 10.0.0)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Type Support CS4 (Version: 9.0)
Adobe Type Support x64 CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
aioprnt (Version: 5.3.1.0)
Akamai NetSession Interface Service
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.3.13 (Unicode)
BlackBerry Device Software Updater (Version: 5.0.1.69)
Bonjour (Version: 3.0.0.10)
C4USelfUpdater (Version: 1.00.0000)
Canon MP Navigator EX 2.0
Canon MP240 series MP Drivers
Canon MP240 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Choice Guard (Version: 1.2.87.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Conexant D850 PCI V.92 Modem (Version: 7.74.00)
Connect (Version: 1.0.0.1)
Consumer In-Home Service Agreement (Version: 2.0.0)
ConvertHelper 2.2
Coupon Printer for Windows (Version: 5.0.0.0)
Dell-eBay (Version: 1.00.0000)
Dell Dock (Version: 1.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dev-C++ 5 beta 9 release (4.9.9.2)
Digital Line Detect (Version: 1.21)
DivX Setup (Version: 1.0.2.22)
essentials (Version: 6.0.14.0)
ExamView Player
ExamView Pro
Feedback Tool (Version: 1.1.0)
GIMP 2.6.10 (Version: 2.6.10)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.79)
HijackThis 2.0.2 (Version: 2.0.2)
HST Physical Science (Version: 1.00.0000)
ijji REACTOR (Version: 1.00.0000)
iPhone Configuration Utility (Version: 2.1.0.163)
iSEEK AnswerWorks English Runtime (Version: 009.000.0002)
iTunes (Version: 10.5.1.42)
Java Auto Updater (Version: 2.0.5.1)
Junk Mail filter update (Version: 14.0.8050.1202)
Kodak AIO Printer (Version: 7.0.3.0)
ksDIP (Version: 3.20.0000.0001)
kuler (Version: 2.0)
LAME v3.98.3 for Audacity
Malwarebytes' Anti-Malware version 1.51.1.1800 (Version: 1.51.1.1800)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft PowerPoint Viewer 97
Microsoft Search Enhancement Pack (Version: 1.3.59.0)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
mIRC (Version: 7.15)
Modem Diagnostic Tool (Version: 1.0.24.0)
Mozilla Firefox (3.6.24) (Version: 3.6.24 (en-US))
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetWaiting (Version: 2.5.54)
ocr (Version: 6.2.3.50)
Opera 11.51 (Version: 11.51.1087)
PANTECH Handset USB Driver V2 (Version: 1.1.4583.1215)
Pantech PCSuite (Version: 1.0)
PDF Settings CS4 (Version: 9.0)
PDF Settings CS5 (Version: 10.0)
Photoshop Camera Raw (Version: 5.0)
Photoshop Camera Raw_x64 (Version: 5.0)
PowerDVD (Version: 8.1)
PreReq (Version: 6.2.2.60)
QuickTime (Version: 7.69.80.9)
Realtek High Definition Audio Driver
Rosetta Stone Version 3 (Version: 3.3.7.0)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Skype™ 5.5 (Version: 5.5.113)
Spybot - Search & Destroy (Version: 1.6.2)
Suite Shared Configuration CS4 (Version: 1.0)
TurboTax 2009
TurboTax 2009 waliper (Version: 009.000.0693)
TurboTax 2009 WinPerFedFormset (Version: 009.000.2163)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0238)
TurboTax 2009 wrapper (Version: 009.000.0145)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Videora iPod Converter 5.04 (Version: 5.04)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Photo Gallery (Version: 14.0.8051.1204)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Toolbar (Version: 14.0.8052.1208)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
WOT for Internet Explorer (Version: 10.3.3.0)
XPort 360
Xvid 1.2.1 final uninstall (Version: 1.2)

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 6132.27 MB
Available physical RAM: 4637.76 MB
Total Pagefile: 12465.58 MB
Available Pagefile: 11233.69 MB
Total Virtual: 4095.88 MB
Available Virtual: 3998.06 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:683.95 GB) (Free:452.87 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:8.1 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-PC

Administrator            Guest                    Owner                    


**** End of log **** 



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6188

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

3/27/2011 9:15:35 PM
mbam-log-2011-03-27 (21-15-35).txt

Scan type: Quick scan
Objects scanned: 178677
Time elapsed: 2 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/28/2011 at 05:55 PM

Application Version : 5.0.1136

Core Rules Database Version : 7992
Trace Rules Database Version: 5804

Scan type       : Complete Scan
Total Scan Time : 02:03:31

Operating System Information
Windows Vista Home Premium 64-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator

Memory items scanned      : 336
Memory threats detected   : 0
Registry items scanned    : 71187
Registry threats detected : 0
File items scanned        : 130087
File threats detected     : 335

Adware.Tracking Cookie
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\PWIO4KTL.txt [ /pro-market.net ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\3W0TY52N.txt [ /cdn.jemamedia.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\25YAJN6X.txt [ /imrworldwide.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\GEGPM7XA.txt [ /in.getclicky.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\9I32OSG6.txt [ /server.cpmstar.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\F4SK5JHX.txt [ /newmusiccountdown.mevio.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\IEAJ2WTA.txt [ /amazon-adsystem.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\FHAMQGCX.txt [ /bs.serving-sys.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\ZPLC2LXC.txt [ /ads.pubmatic.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\EOKUQVX8.txt [ /kontera.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\I1WSC2IM.txt [ /microsoftxbox.112.2o7.net ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\JYR9QFOQ.txt [ /ads.undertone.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\HE98SLAZ.txt [ /questionmarket.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\N61225LL.txt [ /pfatracking.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\48M301L7.txt [ /adxpose.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\49PTCKH3.txt [ /media6degrees.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\J3EBFFGX.txt [ /www.networkadvertising.org ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\WH0YAW9S.txt [ /realmedia.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\JG2FOYEJ.txt [ /sales.liveperson.net ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\ZTZ1ZZBY.txt [ /tribalfusion.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\Y8CAZOMY.txt [ /adup.rotator.hadj7.adjuggler.net ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\IX4YYISL.txt [ /ads.izeads.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\JS9HU3J5.txt [ /liveperson.net ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\NPT8UYYL.txt [ /specificclick.net ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\VI5B9I72.txt [ /lucidmedia.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\YJQVZYSN.txt [ /akamai.interclickproxy.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\DFJWGN6M.txt [ /ads.blogtalkradio.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\7J3VG757.txt [ /dc.tremormedia.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\52VKKHD8.txt [ /legolas-media.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\UA3Q8NHD.txt [ /ads.addynamix.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\B8X6U2WC.txt [ /eyewonder.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\4H0SYG0T.txt [ /adserver.adtechus.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\G3QEJXIN.txt [ /revsci.net ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\C0XPDKKU.txt [ /xml.prostreammedia.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\7AMMSL3Q.txt [ /yieldmanager.net ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\JSEG29T1.txt [ /collective-media.net ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\W0573YBJ.txt [ /pointroll.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\GCHIRWXH.txt [ /insightexpressai.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\YSXXRRW3.txt [ /cdn.fondnessmedia.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\LQ11G1IH.txt [ /media.adfrontiers.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\B39YSJKV.txt [ /adbrite.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\2GCQ7YAV.txt [ /adinterax.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\1MP14MD4.txt [ /ox-d.fondnessmedia.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\M31HLBHY.txt [ /weborama.fr ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\XW1GRJ33.txt [ /trafficmp.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\2ERM0N6L.txt [ /fondnessmedia.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\K4RUMRRI.txt [ /ads.pointroll.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\YRR8G340.txt [ /ru4.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\DBYJJLY2.txt [ /trafficengine.net ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\NM7L0MD1.txt [ /liveperson.net ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\17DA3PMB.txt [ /advertising.sheknows.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\I1QM4OBF.txt [ /stat.onestat.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\FYUJ7YG4.txt [ /ad.yieldmanager.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\HY3G9PSL.txt [ /serving-sys.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\2IK6ITO1.txt [ /invitemedia.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\1AJE6E7N.txt [ /iac.mediaroom.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\DWARE32H.txt [ /interclick.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\GAQZ3QHP.txt [ /a1.interclick.com ]
	C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\84IDQBQR.txt [ /warnerbros.112.2o7.net ]
	C:\USERS\OWNER\AppData\Roaming\Microsoft\Windows\Cookies\DAZ3LQPO.txt [ Cookie:owner@adsonar.com/adserving ]
	C:\USERS\OWNER\Cookies\3W0TY52N.txt [ Cookie:owner@cdn.jemamedia.com/ ]
	C:\USERS\OWNER\Cookies\9I32OSG6.txt [ Cookie:owner@server.cpmstar.com/ ]
	C:\USERS\OWNER\Cookies\F4SK5JHX.txt [ Cookie:owner@newmusiccountdown.mevio.com/ ]
	C:\USERS\OWNER\Cookies\FHAMQGCX.txt [ Cookie:owner@bs.serving-sys.com/ ]
	C:\USERS\OWNER\Cookies\EOKUQVX8.txt [ Cookie:owner@kontera.com/ ]
	C:\USERS\OWNER\Cookies\I1WSC2IM.txt [ Cookie:owner@microsoftxbox.112.2o7.net/ ]
	C:\USERS\OWNER\Cookies\HE98SLAZ.txt [ Cookie:owner@questionmarket.com/ ]
	C:\USERS\OWNER\Cookies\49PTCKH3.txt [ Cookie:owner@media6degrees.com/ ]
	C:\USERS\OWNER\Cookies\WH0YAW9S.txt [ Cookie:owner@realmedia.com/ ]
	C:\USERS\OWNER\Cookies\JG2FOYEJ.txt [ Cookie:owner@sales.liveperson.net/ ]
	C:\USERS\OWNER\Cookies\ZTZ1ZZBY.txt [ Cookie:owner@tribalfusion.com/ ]
	C:\USERS\OWNER\Cookies\Y8CAZOMY.txt [ Cookie:owner@adup.rotator.hadj7.adjuggler.net/ ]
	C:\USERS\OWNER\Cookies\NPT8UYYL.txt [ Cookie:owner@specificclick.net/ ]
	C:\USERS\OWNER\Cookies\YJQVZYSN.txt [ Cookie:owner@akamai.interclickproxy.com/ ]
	C:\USERS\OWNER\Cookies\4H0SYG0T.txt [ Cookie:owner@adserver.adtechus.com/ ]
	C:\USERS\OWNER\Cookies\G3QEJXIN.txt [ Cookie:owner@revsci.net/ ]
	C:\USERS\OWNER\Cookies\C0XPDKKU.txt [ Cookie:owner@xml.prostreammedia.com/ ]
	C:\USERS\OWNER\Cookies\7AMMSL3Q.txt [ Cookie:owner@yieldmanager.net/ ]
	C:\USERS\OWNER\Cookies\JSEG29T1.txt [ Cookie:owner@collective-media.net/ ]
	C:\USERS\OWNER\Cookies\W0573YBJ.txt [ Cookie:owner@pointroll.com/ ]
	C:\USERS\OWNER\Cookies\GCHIRWXH.txt [ Cookie:owner@insightexpressai.com/ ]
	C:\USERS\OWNER\Cookies\YSXXRRW3.txt [ Cookie:owner@cdn.fondnessmedia.com/css/fondnessmedia/images/ ]
	C:\USERS\OWNER\Cookies\LQ11G1IH.txt [ Cookie:owner@media.adfrontiers.com/ ]
	C:\USERS\OWNER\Cookies\B39YSJKV.txt [ Cookie:owner@adbrite.com/ ]
	C:\USERS\OWNER\Cookies\1MP14MD4.txt [ Cookie:owner@ox-d.fondnessmedia.com/ ]
	C:\USERS\OWNER\Cookies\M31HLBHY.txt [ Cookie:owner@weborama.fr/ ]
	C:\USERS\OWNER\Cookies\K4RUMRRI.txt [ Cookie:owner@ads.pointroll.com/ ]
	C:\USERS\OWNER\Cookies\YRR8G340.txt [ Cookie:owner@ru4.com/ ]
	C:\USERS\OWNER\Cookies\DBYJJLY2.txt [ Cookie:owner@trafficengine.net/ ]
	C:\USERS\OWNER\Cookies\NM7L0MD1.txt [ Cookie:owner@liveperson.net/ ]
	C:\USERS\OWNER\Cookies\17DA3PMB.txt [ Cookie:owner@advertising.sheknows.com/ ]
	C:\USERS\OWNER\Cookies\HY3G9PSL.txt [ Cookie:owner@serving-sys.com/ ]
	C:\USERS\OWNER\Cookies\2IK6ITO1.txt [ Cookie:owner@invitemedia.com/ ]
	C:\USERS\OWNER\Cookies\GAQZ3QHP.txt [ Cookie:owner@a1.interclick.com/ ]
	C:\USERS\OWNER\Cookies\DAZ3LQPO.txt [ Cookie:owner@adsonar.com/adserving ]
	C:\USERS\OWNER\Cookies\84IDQBQR.txt [ Cookie:owner@warnerbros.112.2o7.net/ ]
	.adbrite.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.yieldmanager.net [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adbrite.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adbrite.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.ru4.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.atdmt.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adbrite.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adbrite.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.media6degrees.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.media6degrees.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.imrworldwide.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.imrworldwide.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.buycom.122.2o7.net [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	traffic.buyservices.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.legolas-media.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.legolas-media.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.legolas-media.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	accounts.google.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	accounts.google.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	accounts.google.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.atrack.art.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.questionmarket.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.questionmarket.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.pro-market.net [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.insightexpressai.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.insightexpressai.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.atdmt.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.c.atdmt.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.c.atdmt.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.amazon-adsystem.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.server.cpmstar.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.server.cpmstar.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.server.cpmstar.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.server.cpmstar.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.legolas-media.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.doubleclick.net [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.maximumspeedfind.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	clicks.maximumspeedfind.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.maximumspeedfind.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	s04.flagcounter.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.dmtracker.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tribalfusion.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.advertising.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.lucidmedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.r1-ads.ace.advertising.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.advertising.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.advertising.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.advertising.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.at.atwola.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.advertising.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.media6degrees.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.media6degrees.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.server.cpmstar.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.server.cpmstar.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.server.cpmstar.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.casalemedia.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.statcounter.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adbrite.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.mtvn.112.2o7.net [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tokyoboyxxx.tumblr.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tokyoboyxxx.tumblr.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tokyoboyxxx.tumblr.com [ C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.insightexpressai.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YBDV8RTN ]
	cdn.selectablemedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YBDV8RTN ]
	cdn.tremormedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YBDV8RTN ]
	content.yieldmanager.edgesuite.net [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YBDV8RTN ]
	ds.serving-sys.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YBDV8RTN ]
	media.mtvnservices.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YBDV8RTN ]
	media.scanscout.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YBDV8RTN ]
	media1.break.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YBDV8RTN ]
	media3.break.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YBDV8RTN ]
	mediacast.realgravity.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YBDV8RTN ]
	objects.tremormedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YBDV8RTN ]
	secure-us.imrworldwide.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YBDV8RTN ]
	www.pornpros.com [ C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YBDV8RTN ]
	.kontera.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.atdmt.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.kaspersky.122.2o7.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.r1-ads.ace.advertising.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.liveperson.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.xiti.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.ar.atwola.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.legolas-media.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.trafficmp.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.trafficmp.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.interclick.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.at.atwola.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.serving-sys.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.atwola.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.ar.atwola.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.imrworldwide.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.advertise.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.harrenmedianetwork.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	bridge1.admarketplace.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.admarketplace.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.c1.atdmt.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.advertising.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.revsci.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.ru4.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.adbrite.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.yieldmanager.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	www.findsearchengineresults.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.clickfuse.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.media2.legacy.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.traveladvertising.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.traveladvertising.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	clicks.thespecialsearch.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	sdesapio-conversiontracker.appspot.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	sdesapio-conversiontracker.appspot.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	sdesapio-conversiontracker.appspot.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	sdesapio-conversiontracker.appspot.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.solvemedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.solvemedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.tribalfusion.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.pointroll.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.pointroll.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.ads.pointroll.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	adserver.twitpic.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.media6degrees.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.invitemedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.adserver.adtechus.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.247realmedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.www.burstnet.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.media.adfrontiers.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.casalemedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.media.adfrontiers.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.linksynergy.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.linksynergy.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.linksynergy.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.lfstmedia.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.trafficmp.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.zedo.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.viewablemedia.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.googleads4.in [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.atwola.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.tacoda.at.atwola.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.atwola.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.collective-media.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.mediaplex.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.questionmarket.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.apmebf.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.insightexpressai.com [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]
	.doubleclick.net [ C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QRSOV5F6.DEFAULT\COOKIES.SQLITE ]

The last program didn't find anything either.

everything is good except for getting redirected on google.

#4 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:09:26 PM

Posted 28 November 2011 - 09:50 PM

Hi mmsboiballa,

:step1: Rerun Malwarebytes
Your log shows an outdated database version was used to scan.
Please open Malwarebytes, click on the Update tab, and click the check for Updates button (the latest update as of this post is 8264).
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

If you have trouble updating, troubleshoot Malwarebytes' Anti-Malware


When you say "the last program didn't find anything", did GMER create a log file?


In your next reply, please include:
  • Malwarebytes log
  • How's your computer running now?

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#5 mmsboiballa

mmsboiballa
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 29 November 2011 - 06:24 PM

Yes, GMER didn't find anything. I ran Malwarebytes again and I got the same thing again

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6188

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

3/27/2011 9:15:35 PM
mbam-log-2011-03-27 (21-15-35).txt

Scan type: Quick scan
Objects scanned: 178677
Time elapsed: 2 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

EVERYTHING and I mean EVERYTHING would be great if I wouldn't get redirected when I click on a page from google. Right now, that is the only thing wrong.

#6 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:09:26 PM

Posted 29 November 2011 - 06:49 PM

Hi mmsboiballa,

Are you redirected in both Firefox and Internet Explorer, or just one?

You copied the same Malwarebytes log in your latest reply as you did in your previous reply (they both say the scan was run on 3/27/2011 at 9:15:35 PM.)

Please carefully follow these instructions:


Rerun Malwarebytes

Important: Open Malwarebytes, click on the Update tab, and click the check for Updates button (the latest database version as of this post is: 8273).
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

If you have trouble updating, troubleshoot Malwarebytes' Anti-Malware
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#7 mmsboiballa

mmsboiballa
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 29 November 2011 - 07:07 PM

I apologize, I've been forgetting to scroll down to get my log, but I'm being redirected in both Internet Explorer and Firefox. Also, for some reason Internet explorer is already running in the task manager processes window when I start.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8273

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 9.0.8112.16421

11/29/2011 4:40:12 PM
mbam-log-2011-11-29 (16-40-12).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 481069
Time elapsed: 59 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


#8 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:09:26 PM

Posted 29 November 2011 - 07:09 PM

Hi mmsboiballa,

Please carefully follow the steps in the following guide:

How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller If you have previously downloaded TDSSkiller, please download a new version, as it is updated often.

Please copy and paste the TDSSkiller log (located at C:\) in your next reply.
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#9 mmsboiballa

mmsboiballa
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 30 November 2011 - 04:40 PM

15:35:53.0506 4668	TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44

15:35:53.0659 4668	============================================================

15:35:53.0659 4668	Current date / time: 2011/11/30 15:35:53.0659

15:35:53.0659 4668	SystemInfo:

15:35:53.0659 4668	

15:35:53.0659 4668	OS Version: 6.0.6002 ServicePack: 2.0

15:35:53.0659 4668	Product type: Workstation

15:35:53.0659 4668	ComputerName: OWNER-PC

15:35:53.0659 4668	UserName: Owner

15:35:53.0659 4668	Windows directory: C:\Windows

15:35:53.0659 4668	System windows directory: C:\Windows

15:35:53.0659 4668	Running under WOW64

15:35:53.0659 4668	Processor architecture: Intel x64

15:35:53.0659 4668	Number of processors: 2

15:35:53.0659 4668	Page size: 0x1000

15:35:53.0659 4668	Boot type: Normal boot

15:35:53.0659 4668	============================================================

15:36:11.0370 4668	Initialize success

15:36:59.0231 1020	============================================================

15:36:59.0232 1020	Scan started

15:36:59.0232 1020	Mode: Manual; 

15:36:59.0232 1020	============================================================

15:37:01.0021 1020	40280630 - ok

15:37:01.0054 1020	ACPI            (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys

15:37:01.0057 1020	ACPI - ok

15:37:01.0110 1020	adfs            (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys

15:37:01.0110 1020	adfs - ok

15:37:01.0187 1020	adp94xx         (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys

15:37:01.0192 1020	adp94xx - ok

15:37:01.0232 1020	adpahci         (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys

15:37:01.0238 1020	adpahci - ok

15:37:01.0266 1020	adpu160m        (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys

15:37:01.0268 1020	adpu160m - ok

15:37:01.0295 1020	adpu320         (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys

15:37:01.0297 1020	adpu320 - ok

15:37:01.0416 1020	AFD             (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys

15:37:01.0454 1020	AFD - ok

15:37:01.0482 1020	agp440          (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys

15:37:01.0483 1020	agp440 - ok

15:37:01.0574 1020	aic78xx         (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys

15:37:01.0576 1020	aic78xx - ok

15:37:01.0615 1020	aliide          (9544c2c55541c0c6bfd7b489d0e7d430) C:\Windows\system32\drivers\aliide.sys

15:37:01.0616 1020	aliide - ok

15:37:01.0643 1020	amdide          (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys

15:37:01.0645 1020	amdide - ok

15:37:01.0668 1020	AmdK8           (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys

15:37:01.0670 1020	AmdK8 - ok

15:37:01.0714 1020	arc             (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys

15:37:01.0716 1020	arc - ok

15:37:01.0743 1020	arcsas          (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys

15:37:01.0744 1020	arcsas - ok

15:37:01.0781 1020	AsyncMac        (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys

15:37:01.0789 1020	AsyncMac - ok

15:37:01.0823 1020	atapi           (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys

15:37:01.0823 1020	atapi - ok

15:37:01.0869 1020	blbdrive        (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys

15:37:01.0871 1020	blbdrive - ok

15:37:02.0009 1020	bowser          (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys

15:37:02.0034 1020	bowser - ok

15:37:02.0112 1020	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys

15:37:02.0121 1020	BrFiltLo - ok

15:37:02.0143 1020	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys

15:37:02.0144 1020	BrFiltUp - ok

15:37:02.0171 1020	Brserid         (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys

15:37:02.0172 1020	Brserid - ok

15:37:02.0187 1020	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys

15:37:02.0189 1020	BrSerWdm - ok

15:37:02.0208 1020	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys

15:37:02.0209 1020	BrUsbMdm - ok

15:37:02.0221 1020	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys

15:37:02.0223 1020	BrUsbSer - ok

15:37:02.0244 1020	BTHMODEM        (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys

15:37:02.0246 1020	BTHMODEM - ok

15:37:02.0308 1020	CAXHWBS2        (6c2dd66a3db32450d661ba89b18b1941) C:\Windows\system32\DRIVERS\CAXHWBS2.sys

15:37:02.0332 1020	CAXHWBS2 - ok

15:37:02.0351 1020	cdfs            (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys

15:37:02.0353 1020	cdfs - ok

15:37:02.0370 1020	cdrom           (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys

15:37:02.0372 1020	cdrom - ok

15:37:02.0414 1020	circlass        (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys

15:37:02.0415 1020	circlass - ok

15:37:02.0478 1020	CLFS            (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys

15:37:02.0482 1020	CLFS - ok

15:37:02.0515 1020	cmdide          (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys

15:37:02.0516 1020	cmdide - ok

15:37:02.0566 1020	Compbatt        (34a6aa82aa36c87fc8816f2097efa345) C:\Windows\system32\drivers\compbatt.sys

15:37:02.0567 1020	Compbatt - ok

15:37:02.0623 1020	crcdisk         (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys

15:37:02.0623 1020	crcdisk - ok

15:37:02.0698 1020	DfsC            (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys

15:37:02.0700 1020	DfsC - ok

15:37:02.0784 1020	disk            (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys

15:37:02.0786 1020	disk - ok

15:37:02.0828 1020	drmkaud         (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys

15:37:02.0830 1020	drmkaud - ok

15:37:02.0877 1020	dump_wmimmc - ok

15:37:03.0198 1020	DXGKrnl         (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys

15:37:03.0206 1020	DXGKrnl - ok

15:37:03.0277 1020	e1express       (17d40652ef3e55eeae187a89df40965a) C:\Windows\system32\DRIVERS\e1e6032e.sys

15:37:03.0282 1020	e1express - ok

15:37:03.0314 1020	E1G60           (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys

15:37:03.0317 1020	E1G60 - ok

15:37:03.0341 1020	Ecache          (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys

15:37:03.0343 1020	Ecache - ok

15:37:03.0432 1020	elxstor         (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys

15:37:03.0448 1020	elxstor - ok

15:37:03.0486 1020	ErrDev          (991fab6aa066e1214efb5b496fb7959a) C:\Windows\system32\drivers\errdev.sys

15:37:03.0487 1020	ErrDev - ok

15:37:03.0534 1020	exfat           (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys

15:37:03.0550 1020	exfat - ok

15:37:03.0574 1020	fastfat         (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys

15:37:03.0610 1020	fastfat - ok

15:37:03.0629 1020	fdc             (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys

15:37:03.0631 1020	fdc - ok

15:37:03.0736 1020	FileInfo        (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys

15:37:03.0738 1020	FileInfo - ok

15:37:03.0787 1020	Filetrace       (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys

15:37:03.0789 1020	Filetrace - ok

15:37:03.0817 1020	flpydisk        (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

15:37:03.0834 1020	flpydisk - ok

15:37:03.0934 1020	FltMgr          (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys

15:37:03.0990 1020	FltMgr - ok

15:37:04.0045 1020	Fs_Rec          (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys

15:37:04.0046 1020	Fs_Rec - ok

15:37:04.0096 1020	gagp30kx        (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys

15:37:04.0108 1020	gagp30kx - ok

15:37:04.0151 1020	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

15:37:04.0152 1020	GEARAspiWDM - ok

15:37:04.0389 1020	HDAudBus        (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys

15:37:04.0400 1020	HDAudBus - ok

15:37:04.0418 1020	HidBth          (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys

15:37:04.0420 1020	HidBth - ok

15:37:04.0698 1020	HidIr           (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys

15:37:04.0699 1020	HidIr - ok

15:37:04.0721 1020	HidUsb          (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys

15:37:04.0722 1020	HidUsb - ok

15:37:04.0750 1020	HpCISSs         (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys

15:37:04.0752 1020	HpCISSs - ok

15:37:04.0804 1020	HSF_DPV         (60f1d0ede7ae2b92b3a8886e825b7147) C:\Windows\system32\DRIVERS\CAX_DPV.sys

15:37:04.0832 1020	HSF_DPV - ok

15:37:04.0988 1020	HTTP            (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys

15:37:05.0005 1020	HTTP - ok

15:37:05.0029 1020	i2omp           (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys

15:37:05.0031 1020	i2omp - ok

15:37:05.0060 1020	i8042prt        (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys

15:37:05.0071 1020	i8042prt - ok

15:37:05.0106 1020	iaStor          (756879fa65978df948437ce3fd1eaccd) C:\Windows\system32\drivers\iastor.sys

15:37:05.0112 1020	iaStor - ok

15:37:05.0172 1020	iaStorV         (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys

15:37:05.0180 1020	iaStorV - ok

15:37:05.0486 1020	igfx            (2161876969e428a494f8d7c38fa6f513) C:\Windows\system32\DRIVERS\igdkmd64.sys

15:37:05.0615 1020	igfx - ok

15:37:05.0683 1020	iirsp           (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys

15:37:05.0684 1020	iirsp - ok

15:37:05.0777 1020	IntcAzAudAddService (49a1c3833af724b2555c0689347dcd05) C:\Windows\system32\drivers\RTKVHD64.sys

15:37:05.0784 1020	IntcAzAudAddService - ok

15:37:05.0819 1020	intelide        (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\DRIVERS\intelide.sys

15:37:05.0819 1020	intelide - ok

15:37:06.0000 1020	intelppm        (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys

15:37:06.0000 1020	intelppm - ok

15:37:06.0484 1020	IpFilterDriver  (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys

15:37:06.0518 1020	IpFilterDriver - ok

15:37:06.0531 1020	IpInIp - ok

15:37:06.0552 1020	IPMIDRV         (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys

15:37:06.0554 1020	IPMIDRV - ok

15:37:06.0583 1020	IPNAT           (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys

15:37:06.0585 1020	IPNAT - ok

15:37:06.0637 1020	IRENUM          (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys

15:37:06.0653 1020	IRENUM - ok

15:37:06.0675 1020	isapnp          (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys

15:37:06.0677 1020	isapnp - ok

15:37:06.0711 1020	iScsiPrt        (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys

15:37:06.0712 1020	iScsiPrt - ok

15:37:06.0741 1020	iteatapi        (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys

15:37:06.0754 1020	iteatapi - ok

15:37:06.0771 1020	iteraid         (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys

15:37:06.0813 1020	iteraid - ok

15:37:06.0838 1020	kbdclass        (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys

15:37:06.0838 1020	kbdclass - ok

15:37:06.0854 1020	kbdhid          (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys

15:37:06.0875 1020	kbdhid - ok

15:37:06.0956 1020	KSecDD          (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys

15:37:06.0976 1020	KSecDD - ok

15:37:07.0008 1020	ksthunk         (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys

15:37:07.0009 1020	ksthunk - ok

15:37:07.0042 1020	lltdio          (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys

15:37:07.0044 1020	lltdio - ok

15:37:07.0081 1020	LSI_FC          (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys

15:37:07.0084 1020	LSI_FC - ok

15:37:07.0100 1020	LSI_SAS         (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys

15:37:07.0102 1020	LSI_SAS - ok

15:37:07.0126 1020	LSI_SCSI        (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys

15:37:07.0128 1020	LSI_SCSI - ok

15:37:07.0147 1020	luafv           (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys

15:37:07.0149 1020	luafv - ok

15:37:07.0186 1020	mdmxsdk         (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys

15:37:07.0205 1020	mdmxsdk - ok

15:37:07.0227 1020	megasas         (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys

15:37:07.0229 1020	megasas - ok

15:37:07.0250 1020	MegaSR          (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys

15:37:07.0256 1020	MegaSR - ok

15:37:07.0287 1020	Modem           (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys

15:37:07.0288 1020	Modem - ok

15:37:07.0397 1020	monitor         (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys

15:37:07.0398 1020	monitor - ok

15:37:07.0407 1020	mouclass        (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys

15:37:07.0407 1020	mouclass - ok

15:37:07.0434 1020	mouhid          (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys

15:37:07.0435 1020	mouhid - ok

15:37:07.0453 1020	MountMgr        (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys

15:37:07.0454 1020	MountMgr - ok

15:37:07.0482 1020	mpio            (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys

15:37:07.0484 1020	mpio - ok

15:37:07.0518 1020	mpsdrv          (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys

15:37:07.0535 1020	mpsdrv - ok

15:37:07.0556 1020	Mraid35x        (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys

15:37:07.0557 1020	Mraid35x - ok

15:37:07.0599 1020	MRxDAV          (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys

15:37:07.0620 1020	MRxDAV - ok

15:37:07.0853 1020	mrxsmb          (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys

15:37:07.0923 1020	mrxsmb - ok

15:37:08.0129 1020	mrxsmb10        (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys

15:37:08.0155 1020	mrxsmb10 - ok

15:37:08.0236 1020	mrxsmb20        (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys

15:37:08.0254 1020	mrxsmb20 - ok

15:37:08.0433 1020	msahci          (730b784962d22d2c6481eae2370e7c8c) C:\Windows\system32\drivers\msahci.sys

15:37:08.0452 1020	msahci - ok

15:37:08.0495 1020	msdsm           (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys

15:37:08.0498 1020	msdsm - ok

15:37:08.0544 1020	Msfs            (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys

15:37:08.0545 1020	Msfs - ok

15:37:08.0727 1020	msisadrv        (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys

15:37:08.0727 1020	msisadrv - ok

15:37:08.0800 1020	MSKSSRV         (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys

15:37:08.0802 1020	MSKSSRV - ok

15:37:08.0915 1020	MSPCLOCK        (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys

15:37:08.0936 1020	MSPCLOCK - ok

15:37:08.0983 1020	MSPQM           (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys

15:37:09.0008 1020	MSPQM - ok

15:37:09.0106 1020	MsRPC           (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys

15:37:09.0129 1020	MsRPC - ok

15:37:09.0150 1020	mssmbios        (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys

15:37:09.0151 1020	mssmbios - ok

15:37:09.0164 1020	MSTEE           (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys

15:37:09.0165 1020	MSTEE - ok

15:37:09.0319 1020	Mup             (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys

15:37:09.0320 1020	Mup - ok

15:37:09.0432 1020	NativeWifiP     (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys

15:37:09.0434 1020	NativeWifiP - ok

15:37:09.0599 1020	NDIS            (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys

15:37:09.0611 1020	NDIS - ok

15:37:09.0633 1020	NdisTapi        (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys

15:37:09.0634 1020	NdisTapi - ok

15:37:09.0674 1020	Ndisuio         (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys

15:37:09.0693 1020	Ndisuio - ok

15:37:09.0781 1020	NdisWan         (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys

15:37:09.0794 1020	NdisWan - ok

15:37:09.0846 1020	NDProxy         (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys

15:37:09.0848 1020	NDProxy - ok

15:37:09.0905 1020	NetBIOS         (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys

15:37:09.0907 1020	NetBIOS - ok

15:37:10.0049 1020	netbt           (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys

15:37:10.0072 1020	netbt - ok

15:37:10.0164 1020	nfrd960         (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys

15:37:10.0166 1020	nfrd960 - ok

15:37:10.0241 1020	Npfs            (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys

15:37:10.0267 1020	Npfs - ok

15:37:10.0314 1020	NPPTNT2 - ok

15:37:10.0375 1020	nsiproxy        (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys

15:37:10.0376 1020	nsiproxy - ok

15:37:10.0648 1020	Ntfs            (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys

15:37:10.0736 1020	Ntfs - ok

15:37:10.0762 1020	Null            (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys

15:37:10.0762 1020	Null - ok

15:37:10.0798 1020	nvraid          (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys

15:37:10.0830 1020	nvraid - ok

15:37:10.0877 1020	nvstor          (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys

15:37:11.0354 1020	nvstor - ok

15:37:11.0426 1020	nv_agp          (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys

15:37:11.0428 1020	nv_agp - ok

15:37:11.0473 1020	NwlnkFlt - ok

15:37:11.0683 1020	NwlnkFwd - ok

15:37:11.0740 1020	ohci1394        (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys

15:37:11.0788 1020	ohci1394 - ok

15:37:11.0862 1020	Parport         (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys

15:37:11.0866 1020	Parport - ok

15:37:11.0911 1020	partmgr         (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys

15:37:11.0926 1020	partmgr - ok

15:37:12.0068 1020	pci             (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys

15:37:12.0070 1020	pci - ok

15:37:12.0117 1020	pciide          (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys

15:37:12.0117 1020	pciide - ok

15:37:12.0136 1020	pcmcia          (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys

15:37:12.0138 1020	pcmcia - ok

15:37:12.0167 1020	PEAUTH          (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys

15:37:12.0175 1020	PEAUTH - ok

15:37:12.0250 1020	PptpMiniport    (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys

15:37:12.0263 1020	PptpMiniport - ok

15:37:12.0279 1020	Processor       (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys

15:37:12.0283 1020	Processor - ok

15:37:12.0351 1020	PSched          (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys

15:37:12.0667 1020	PSched - ok

15:37:12.0788 1020	PTQHBUS         (3587aa9e55e439274def53726563a3dc) C:\Windows\system32\DRIVERS\PTQHBUS.sys

15:37:12.0790 1020	PTQHBUS - ok

15:37:13.0213 1020	PTQHMDM         (06d4b597397d56f4becc2f17267a37c6) C:\Windows\system32\DRIVERS\PTQHMDM.sys

15:37:13.0307 1020	PTQHMDM - ok

15:37:15.0395 1020	PTQHVSP         (a8aced23323c5d67424bc4e644d78ba8) C:\Windows\system32\DRIVERS\PTQHVSP.sys

15:37:16.0023 1020	PTQHVSP - ok

15:37:17.0108 1020	PxHlpa64        (46851bc18322da70f3f2299a1007c479) C:\Windows\system32\Drivers\PxHlpa64.sys

15:37:17.0124 1020	PxHlpa64 - ok

15:37:18.0017 1020	ql2300          (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys

15:37:18.0254 1020	ql2300 - ok

15:37:18.0308 1020	ql40xx          (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys

15:37:18.0319 1020	ql40xx - ok

15:37:18.0338 1020	QWAVEdrv        (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys

15:37:18.0348 1020	QWAVEdrv - ok

15:37:18.0478 1020	R300            (2a09a6b271d1f50adf5e33b37d460de6) C:\Windows\system32\DRIVERS\atikmdag.sys

15:37:18.0531 1020	R300 - ok

15:37:18.0542 1020	RasAcd          (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys

15:37:18.0543 1020	RasAcd - ok

15:37:18.0641 1020	Rasl2tp         (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys

15:37:18.0643 1020	Rasl2tp - ok

15:37:18.0707 1020	RasPppoe        (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys

15:37:18.0709 1020	RasPppoe - ok

15:37:18.0775 1020	RasSstp         (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys

15:37:18.0777 1020	RasSstp - ok

15:37:18.0876 1020	rdbss           (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys

15:37:18.0880 1020	rdbss - ok

15:37:18.0887 1020	RDPCDD          (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys

15:37:18.0888 1020	RDPCDD - ok

15:37:18.0944 1020	rdpdr           (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys

15:37:18.0948 1020	rdpdr - ok

15:37:18.0959 1020	RDPENCDD        (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys

15:37:18.0961 1020	RDPENCDD - ok

15:37:19.0040 1020	RDPWD           (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys

15:37:19.0043 1020	RDPWD - ok

15:37:19.0116 1020	RimUsb          (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

15:37:19.0118 1020	RimUsb - ok

15:37:19.0152 1020	rspndr          (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys

15:37:19.0153 1020	rspndr - ok

15:37:19.0206 1020	RTL8169         (335352091acc9884b9c527edcdd643bb) C:\Windows\system32\DRIVERS\Rtlh64.sys

15:37:19.0208 1020	RTL8169 - ok

15:37:19.0361 1020	SASDIFSV        (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

15:37:19.0361 1020	SASDIFSV - ok

15:37:19.0449 1020	SASKUTIL        (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

15:37:19.0449 1020	SASKUTIL - ok

15:37:19.0479 1020	sbp2port        (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys

15:37:19.0482 1020	sbp2port - ok

15:37:19.0502 1020	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

15:37:19.0502 1020	secdrv - ok

15:37:19.0544 1020	Serenum         (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys

15:37:19.0545 1020	Serenum - ok

15:37:19.0567 1020	Serial          (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys

15:37:19.0569 1020	Serial - ok

15:37:19.0583 1020	sermouse        (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys

15:37:19.0584 1020	sermouse - ok

15:37:19.0618 1020	sffdisk         (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys

15:37:19.0631 1020	sffdisk - ok

15:37:19.0645 1020	sffp_mmc        (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys

15:37:19.0647 1020	sffp_mmc - ok

15:37:19.0664 1020	sffp_sd         (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys

15:37:19.0666 1020	sffp_sd - ok

15:37:19.0684 1020	sfloppy         (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys

15:37:19.0686 1020	sfloppy - ok

15:37:19.0706 1020	SiSRaid2        (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys

15:37:19.0708 1020	SiSRaid2 - ok

15:37:19.0726 1020	SiSRaid4        (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys

15:37:19.0727 1020	SiSRaid4 - ok

15:37:19.0798 1020	Smb             (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys

15:37:19.0800 1020	Smb - ok

15:37:19.0875 1020	spldr           (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys

15:37:19.0876 1020	spldr - ok

15:37:19.0971 1020	srv             (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys

15:37:19.0977 1020	srv - ok

15:37:20.0076 1020	srv2            (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys

15:37:20.0078 1020	srv2 - ok

15:37:20.0090 1020	srvnet          (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys

15:37:20.0092 1020	srvnet - ok

15:37:20.0187 1020	swenum          (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys

15:37:20.0188 1020	swenum - ok

15:37:20.0239 1020	Symc8xx         (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys

15:37:20.0240 1020	Symc8xx - ok

15:37:20.0273 1020	Sym_hi          (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys

15:37:20.0274 1020	Sym_hi - ok

15:37:20.0287 1020	Sym_u3          (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys

15:37:20.0289 1020	Sym_u3 - ok

15:37:20.0394 1020	Tcpip           (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys

15:37:20.0442 1020	Tcpip - ok

15:37:20.0672 1020	Tcpip6          (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys

15:37:20.0682 1020	Tcpip6 - ok

15:37:20.0743 1020	tcpipreg        (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys

15:37:20.0745 1020	tcpipreg - ok

15:37:20.0773 1020	TDPIPE          (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys

15:37:20.0792 1020	TDPIPE - ok

15:37:20.0809 1020	TDTCP           (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys

15:37:20.0810 1020	TDTCP - ok

15:37:20.0861 1020	tdx             (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys

15:37:20.0863 1020	tdx - ok

15:37:20.0894 1020	TermDD          (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys

15:37:20.0895 1020	TermDD - ok

15:37:20.0954 1020	tssecsrv        (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys

15:37:20.0955 1020	tssecsrv - ok

15:37:20.0976 1020	tunmp           (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys

15:37:20.0976 1020	tunmp - ok

15:37:21.0032 1020	tunnel          (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys

15:37:21.0048 1020	tunnel - ok

15:37:21.0081 1020	uagp35          (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys

15:37:21.0082 1020	uagp35 - ok

15:37:21.0140 1020	udfs            (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys

15:37:21.0144 1020	udfs - ok

15:37:21.0177 1020	uliagpkx        (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys

15:37:21.0179 1020	uliagpkx - ok

15:37:21.0209 1020	uliahci         (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys

15:37:21.0214 1020	uliahci - ok

15:37:21.0240 1020	UlSata          (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys

15:37:21.0242 1020	UlSata - ok

15:37:21.0267 1020	ulsata2         (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys

15:37:21.0270 1020	ulsata2 - ok

15:37:21.0292 1020	umbus           (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys

15:37:21.0294 1020	umbus - ok

15:37:21.0309 1020	UMPass          (01abe05c401e70795b43a8933b44831e) C:\Windows\system32\DRIVERS\umpass.sys

15:37:21.0310 1020	UMPass - ok

15:37:21.0383 1020	USBAAPL64       (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

15:37:21.0385 1020	USBAAPL64 - ok

15:37:21.0459 1020	usbaudio        (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys

15:37:21.0462 1020	usbaudio - ok

15:37:21.0470 1020	usbccgp         (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys

15:37:21.0472 1020	usbccgp - ok

15:37:21.0493 1020	usbcir          (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys

15:37:21.0495 1020	usbcir - ok

15:37:21.0541 1020	usbehci         (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys

15:37:21.0543 1020	usbehci - ok

15:37:21.0583 1020	usbhub          (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys

15:37:21.0586 1020	usbhub - ok

15:37:21.0614 1020	usbohci         (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys

15:37:21.0615 1020	usbohci - ok

15:37:21.0623 1020	usbprint        (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys

15:37:21.0624 1020	usbprint - ok

15:37:21.0647 1020	usbscan         (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys

15:37:21.0648 1020	usbscan - ok

15:37:21.0668 1020	USBSTOR         (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS

15:37:21.0669 1020	USBSTOR - ok

15:37:21.0704 1020	usbuhci         (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys

15:37:21.0725 1020	usbuhci - ok

15:37:21.0763 1020	vga             (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys

15:37:21.0765 1020	vga - ok

15:37:21.0773 1020	VgaSave         (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys

15:37:21.0774 1020	VgaSave - ok

15:37:21.0807 1020	viaide          (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys

15:37:21.0808 1020	viaide - ok

15:37:21.0824 1020	volmgr          (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys

15:37:21.0825 1020	volmgr - ok

15:37:21.0880 1020	volmgrx         (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys

15:37:21.0884 1020	volmgrx - ok

15:37:21.0901 1020	volsnap         (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys

15:37:21.0903 1020	volsnap - ok

15:37:21.0934 1020	vsmraid         (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys

15:37:21.0937 1020	vsmraid - ok

15:37:21.0971 1020	WacomPen        (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys

15:37:21.0972 1020	WacomPen - ok

15:37:22.0028 1020	Wanarp          (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys

15:37:22.0031 1020	Wanarp - ok

15:37:22.0034 1020	Wanarpv6        (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys

15:37:22.0035 1020	Wanarpv6 - ok

15:37:22.0066 1020	Wd              (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys

15:37:22.0085 1020	Wd - ok

15:37:22.0138 1020	Wdf01000        (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys

15:37:22.0148 1020	Wdf01000 - ok

15:37:22.0213 1020	winachsf        (a53cde6beea165fe9b430476eede3c54) C:\Windows\system32\DRIVERS\CAX_CNXT.sys

15:37:22.0230 1020	winachsf - ok

15:37:22.0326 1020	WmiAcpi         (7999dfb1c555efc0db69576f70027867) C:\Windows\system32\drivers\wmiacpi.sys

15:37:22.0345 1020	WmiAcpi - ok

15:37:22.0424 1020	WpdUsb          (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys

15:37:22.0425 1020	WpdUsb - ok

15:37:22.0457 1020	ws2ifsl         (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys

15:37:22.0458 1020	ws2ifsl - ok

15:37:22.0518 1020	WUDFRd          (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys

15:37:22.0520 1020	WUDFRd - ok

15:37:22.0565 1020	XAudio          (f22e443518bc599d12888daf292a56d8) C:\Windows\system32\DRIVERS\xaudio64.sys

15:37:22.0566 1020	XAudio - ok

15:37:22.0636 1020	xport360        (5c4219c10b5887dff85e1d2779aed55b) C:\Windows\system32\Drivers\xport360_usb_v2_x64.sys

15:37:22.0638 1020	xport360 - ok

15:37:22.0656 1020	MBR (0x1B8)     (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0

15:37:22.0671 1020	\Device\Harddisk0\DR0 - ok

15:37:22.0708 1020	Boot (0x1200)   (f7b3d4355901439c142a635e5e09771e) \Device\Harddisk0\DR0\Partition0

15:37:22.0709 1020	\Device\Harddisk0\DR0\Partition0 - ok

15:37:22.0737 1020	Boot (0x1200)   (03ff3b6fadddba8b46cc06b9759eab41) \Device\Harddisk0\DR0\Partition1

15:37:22.0797 1020	\Device\Harddisk0\DR0\Partition1 - ok

15:37:22.0797 1020	============================================================

15:37:22.0797 1020	Scan finished

15:37:22.0797 1020	============================================================

15:37:22.0820 4084	Detected object count: 0

15:37:22.0820 4084	Actual detected object count: 0



#10 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:09:26 PM

Posted 30 November 2011 - 06:20 PM

Hi mmsboiballa,

In the future, just copy and paste logs, please don't put them in code boxes (that was just for the MiniToolBox log).


Let's reset your router....

Go Start>in the search fild, type in: cmd
Hold down the Ctrl, Shift keys and press the Enter key (this starts the Command Prompt as an Administrator)

In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
net stop "dns client"
net start "dns client"


Turn the computer off.

On your router, you'll find a pinhole marked "Reset".
Keep pushing the hole, using a pencil, or a paperclip until all lights briefly come off and on.
NOTE. Simple router disconnecting from a power source will NOT do.

Restart computer and check for redirections. Please let me know whether you are still being redirected.

NOTE. You may need to re-check your router security settings, as described HERE
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#11 mmsboiballa

mmsboiballa
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 30 November 2011 - 09:12 PM

IDK what I did but somehow it works now and I'm not getting redirected but all I need is that google auto complete thing to pop up but it's so miniscule it doesn't matter if you help me with that I suppose but I would appreciate it if you did

Edited by mmsboiballa, 30 November 2011 - 11:07 PM.


#12 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:09:26 PM

Posted 01 December 2011 - 07:08 PM

Hi mmsboiballa,

Glad the Google redirecting seems to be gone. :thumbup2:

I'm unsure of the question you're asking. Could you rephrase your question, please? Are you asking how to increase the size of the Google auto complete pop-up? Are you using Firefox or Internet Explorer?
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#13 mmsboiballa

mmsboiballa
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 02 December 2011 - 04:10 PM

the redirecting started back up again :(

#14 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:09:26 PM

Posted 02 December 2011 - 05:48 PM

Hi mmsboiballa,

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start scan:
Posted Image

On completion of the scan click "Save log", save it to your desktop and post in your next reply:
Posted Image

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#15 mmsboiballa

mmsboiballa
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:08:26 PM

Posted 03 December 2011 - 12:54 AM

I tried running it and I got a blue screen and my computer rebooted




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users