Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

bloodhound.malpe


  • This topic is locked This topic is locked
9 replies to this topic

#1 tagman66

tagman66

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:53 PM

Posted 10 March 2012 - 03:16 PM

Hello
how do i stop this from coming back my antivirus quarantines bloodhound.malpe heuristics at least once a day i ran eset online scanner malwarebytes tdskiller and superanti spyware they all found somthing different and eliminated or quarantined is there anything else i can run ?

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:53 PM

Posted 10 March 2012 - 09:08 PM

Hello tagman. Lets look a bit further. Please post the tdskiller log. Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


>>>>

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

>>>>

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start scan:
Posted Image

On completion of the scan click "Save log", save it to your desktop and post in your next reply:
Posted Image

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 tagman66

tagman66
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:53 PM

Posted 11 March 2012 - 06:33 AM

Hello again just to let you know the computor you worked on first was my desktop i was also running the same scans on my lap top because it was acting the same and running really slow the desk top is still working great



MiniToolBox by Farbar Version: 18-01-2012
Ran by Anthony (administrator) on 11-03-2012 at 07:18:06
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/Wireless 2200BG Network Connection = Wireless Network Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
Broadcom NetXtreme Gigabit Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : acer-ac84c68ad2

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : gateway.2wire.net



Ethernet adapter Wireless Network Connection:



Connection-specific DNS Suffix . : gateway.2wire.net

Description . . . . . . . . . . . : Intel® PRO/Wireless 2200BG Network Connection

Physical Address. . . . . . . . . : 00-12-F0-A7-E4-4B

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.2.11

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.2.1

DHCP Server . . . . . . . . . . . : 192.168.2.1

DNS Servers . . . . . . . . . . . : 192.168.2.1

Lease Obtained. . . . . . . . . . : March 11, 2012 7:14:55 AM

Lease Expires . . . . . . . . . . : March 14, 2012 7:14:55 AM



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet

Physical Address. . . . . . . . . : 00-C0-9F-AF-5A-08

Server: mymodem
Address: 192.168.2.1

Name: google.com
Addresses: 74.125.226.68, 74.125.226.72, 74.125.226.69, 74.125.226.78
74.125.226.66, 74.125.226.67, 74.125.226.70, 74.125.226.64, 74.125.226.71
74.125.226.65, 74.125.226.73



Pinging google.com [74.125.226.68] with 32 bytes of data:



Reply from 74.125.226.68: bytes=32 time=30ms TTL=54

Reply from 74.125.226.68: bytes=32 time=14ms TTL=54



Ping statistics for 74.125.226.68:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 14ms, Maximum = 30ms, Average = 22ms

Server: mymodem
Address: 192.168.2.1

Name: yahoo.com
Addresses: 98.139.127.62, 98.139.183.24, 209.191.122.70



Pinging yahoo.com [98.139.127.62] with 32 bytes of data:



Reply from 98.139.127.62: bytes=32 time=125ms TTL=51

Reply from 98.139.127.62: bytes=32 time=113ms TTL=51



Ping statistics for 98.139.127.62:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 113ms, Maximum = 125ms, Average = 119ms

Server: mymodem
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 12 f0 a7 e4 4b ...... Intel® PRO/Wireless 2200BG Network Connection - Teefer2 Miniport
0x10004 ...00 c0 9f af 5a 08 ...... Broadcom NetXtreme Gigabit Ethernet - Teefer2 Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.11 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.2.11 192.168.2.11 20
192.168.2.0 255.255.255.0 192.168.2.11 192.168.2.11 25
192.168.2.11 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.2.255 255.255.255.255 192.168.2.11 192.168.2.11 25
224.0.0.0 240.0.0.0 192.168.2.11 192.168.2.11 25
255.255.255.255 255.255.255.255 192.168.2.11 10004 1
255.255.255.255 255.255.255.255 192.168.2.11 192.168.2.11 1
Default Gateway: 192.168.2.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/11/2012 07:15:12 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 11.2.168.192.in-addr.arpa. PTR acer-ac84c68ad2.local.

Error: (03/11/2012 07:15:12 AM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.11:5353 25 11.2.168.192.in-addr.arpa. PTR acer-ac84c68ad2-2.local.

Error: (03/11/2012 07:08:42 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

Error: (03/11/2012 07:08:39 AM) (Source: Userenv) (User: Anthony)Anthony
Description: Windows has backed up this user's profile. Windows will automatically try to use the backed up profile the next time this user logs on.

Error: (03/11/2012 07:08:39 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile. If this problem persists, contact your network administrator.


DETAIL - The process cannot access the file because it is being used by another process.

Error: (03/11/2012 07:08:26 AM) (Source: Userenv) (User: SYSTEM)SYSTEM
Description: Windows was unable to load the registry. This is often caused by insufficient memory or insufficient security rights.


DETAIL - The process cannot access the file because it is being used by another process. for C:\Documents and Settings\Anthony\ntuser.dat

Error: (03/10/2012 06:29:10 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Tracking Cookies in File: Cookie:anthony@quantserve.com/ by: Manual scan. Action: Quarantine failed : Leave Alone failed. Action Description: The file was deleted successfully.

Error: (03/10/2012 05:43:04 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 11.2.168.192.in-addr.arpa. PTR acer-ac84c68ad2.local.

Error: (03/10/2012 05:43:04 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.11:5353 25 11.2.168.192.in-addr.arpa. PTR acer-ac84c68ad2-2.local.

Error: (03/09/2012 10:00:19 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (03/10/2012 05:48:57 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (03/10/2012 05:48:57 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (03/10/2012 05:48:57 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (03/10/2012 05:48:57 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (03/10/2012 05:48:57 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (03/10/2012 05:48:57 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (03/10/2012 05:48:57 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (03/10/2012 05:48:56 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (03/10/2012 05:48:56 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (03/10/2012 05:48:56 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (03/11/2012 07:15:12 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 11.2.168.192.in-addr.arpa. PTR acer-ac84c68ad2.local.

Error: (03/11/2012 07:15:12 AM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.11:5353 25 11.2.168.192.in-addr.arpa. PTR acer-ac84c68ad2-2.local.

Error: (03/11/2012 07:08:42 AM) (Source: Userenv)(User: SYSTEM)SYSTEM
Description:

Error: (03/11/2012 07:08:39 AM) (Source: Userenv)(User: Anthony)Anthony
Description:

Error: (03/11/2012 07:08:39 AM) (Source: Userenv)(User: SYSTEM)SYSTEM
Description: The process cannot access the file because it is being used by another process.

Error: (03/11/2012 07:08:26 AM) (Source: Userenv)(User: SYSTEM)SYSTEM
Description: The process cannot access the file because it is being used by another process. C:\Documents and Settings\Anthony\ntuser.dat

Error: (03/10/2012 06:29:10 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Tracking Cookies in File: Cookie:anthony@quantserve.com/ by: Manual scan. Action: Quarantine failed : Leave Alone failed. Action Description: The file was deleted successfully.

Error: (03/10/2012 05:43:04 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 11.2.168.192.in-addr.arpa. PTR acer-ac84c68ad2.local.

Error: (03/10/2012 05:43:04 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.11:5353 25 11.2.168.192.in-addr.arpa. PTR acer-ac84c68ad2-2.local.

Error: (03/09/2012 10:00:19 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000


=========================== Installed Programs ============================

Acer eManager for Notebook (Version: 1.0.29.44)
Acer eNetManagement (Version: 1.0.0.7)
Acer ePowerManagement (Version: 1.5.6.257)
Acer GridVista (Version: 2.27.0429)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.62)
Adobe Reader X (10.1.2) (Version: 10.1.2)
aioprnt (Version: 5.3.1.0)
aioscnnr (Version: 6.2.3.10)
aioscnnr (Version: 7.3.4.0)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
BitTorrent (Version: 7.5.0)
Bonjour (Version: 3.0.0.10)
C4USelfUpdater (Version: 1.00.0000)
center (Version: 6.2.5.0)
Conexant AC-Link Audio
ESET Online Scanner v3
essentials (Version: 6.0.14.0)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.99)
High-Definition Video Playback (Version: 11.1.10400.2.65)
Intel® Graphics Media Accelerator Driver for Mobile
Intel® PROSet/Wireless Software
iTunes (Version: 10.5.1.42)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 20 (Version: 6.0.200)
Java™ 6 Update 29 (Version: 6.0.290)
K-Lite Codec Pack 6.8.0 (Basic) (Version: 6.8.0)
Kodak AIO Printer (Version: 7.3.4.0)
KODAK AiO Software (Version: 7.3.8.20)
ksDIP (Version: 3.20.0000.0000)
Launch Manager
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.96)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
mCore (Version: 1.23.0000)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
mMHouse (Version: 1.23.0000)
mPfMgr (Version: 1.23.0000)
mProSafe (Version: 9.00.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (Version: 6.10.1129.0)
mWlsSafe (Version: 9.00.0000)
Nero 11 Kwik Themes Basic (Version: 11.0.11200.12.0)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero Core Components 11 (Version: 11.0.15000.1.12)
Nero Kwik Media (Version: 1.10.23000.128.100)
Nero Kwik Media (Version: 11.0.15300)
Nero Kwik Media Help (CHM) (Version: 11.0.10200)
Nero Update (Version: 11.0.10623.22.0)
nero.prerequisites.msi (Version: 11.0.20008)
ocr (Version: 6.2.3.50)
OpenOffice.org 3.2 (Version: 3.2.9502)
PreReq (Version: 6.2.3.0)
QuickTime (Version: 7.69.80.9)
SoftV92 Data Fax Modem with SmartCP
SpywareBlaster 4.4 (Version: 4.4.0)
SUPERAntiSpyware (Version: 5.0.1146)
Symantec Endpoint Protection (Version: 11.0.6005.562)
Synaptics Pointing Device Driver (Version: 7.12.3.0)
Texas Instruments PCIxx21/x515 drivers. (Version: 1.08.0000)
TIxx21 (Version: 1.08.0000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPatrol (Version: 19.3.2010.5)

========================= Memory info: ===================================

Percentage of memory in use: 61%
Total physical RAM: 502.05 MB
Available physical RAM: 194.29 MB
Total Pagefile: 1227.66 MB
Available Pagefile: 861.24 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.8 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:149.01 GB) (Free:122.13 GB) FAT32

========================= Users: ========================================

User accounts for \\ACER-AC84C68AD2

Administrator Anthony Guest
HelpAssistant Nichole Shayne GooredFix by jpshortstuff (03.07.10.1)
Log created at 07:21 on 11/03/2012 (Anthony)
Firefox version [Unable to determine]

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-11 07:22:41
-----------------------------
07:22:41.859 OS Version: Windows 5.1.2600 Service Pack 3
07:22:41.859 Number of processors: 1 586 0xD08
07:22:41.859 ComputerName: ACER-AC84C68AD2 UserName: Anthony
07:22:43.328 Initialize success
07:23:17.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
07:23:17.453 Disk 0 Vendor: SAMSUNG_HM160HC LQ100-10 Size: 152627MB BusType: 3
07:23:17.468 Disk 0 MBR read successfully
07:23:17.468 Disk 0 MBR scan
07:23:17.468 Disk 0 unknown MBR code
07:23:17.468 Disk 0 Partition 1 80 (A) 0C FAT32 LBA MSWIN4.1 152625 MB offset 63
07:23:17.468 Disk 0 scanning sectors +312576705
07:23:17.531 Disk 0 scanning C:\WINDOWS\system32\drivers
07:23:31.062 Service scanning
07:23:38.265 Service SysPlant C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys **LOCKED** 32
07:23:38.421 Service Teefer2 C:\WINDOWS\system32\DRIVERS\teefer2.sys **LOCKED** 32
07:23:39.671 Service WPS C:\WINDOWS\system32\drivers\wpsdrvnt.sys **LOCKED** 32
07:23:39.687 Service WpsHelper C:\WINDOWS\system32\drivers\WpsHelper.sys **LOCKED** 32
07:23:40.750 Modules scanning
07:23:44.140 Disk 0 trace - called modules:18:38:43.0953 5692 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
18:38:44.0265 5692 ============================================================
18:38:44.0265 5692 Current date / time: 2012/03/09 18:38:44.0265
18:38:44.0265 5692 SystemInfo:
18:38:44.0265 5692
18:38:44.0265 5692 OS Version: 5.1.2600 ServicePack: 3.0
18:38:44.0265 5692 Product type: Workstation
18:38:44.0265 5692 ComputerName: ACER-AC84C68AD2
18:38:44.0281 5692 UserName: Anthony
18:38:44.0281 5692 Windows directory: C:\WINDOWS
18:38:44.0281 5692 System windows directory: C:\WINDOWS
18:38:44.0281 5692 Processor architecture: Intel x86
18:38:44.0281 5692 Number of processors: 1
18:38:44.0281 5692 Page size: 0x1000
18:38:44.0281 5692 Boot type: Normal boot
18:38:44.0281 5692 ============================================================
18:38:47.0109 5692 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:38:47.0140 5692 \Device\Harddisk0\DR0:
18:38:47.0140 5692 MBR used
18:38:47.0140 5692 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x12A18A82
18:38:47.0140 5692 Initialize success
18:38:47.0140 5692 ============================================================
18:38:55.0125 2868 ============================================================
18:38:55.0125 2868 Scan started
18:38:55.0125 2868 Mode: Manual;
18:38:55.0125 2868 ============================================================
18:38:55.0734 2868 Abiosdsk - ok
18:38:55.0968 2868 abp480n5 - ok
18:38:56.0203 2868 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:38:56.0375 2868 ACPI - ok
18:38:56.0484 2868 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
18:38:56.0531 2868 ACPIEC - ok
18:38:56.0765 2868 adpu160m - ok
18:38:57.0000 2868 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
18:38:57.0015 2868 aec - ok
18:38:57.0250 2868 AegisP (f498fd605c08404b20a48954c722ff74) C:\WINDOWS\system32\DRIVERS\AegisP.sys
18:38:57.0296 2868 AegisP - ok
18:38:57.0406 2868 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
18:38:57.0453 2868 AFD - ok
18:38:57.0687 2868 Aha154x - ok
18:38:57.0921 2868 aic78u2 - ok
18:38:58.0140 2868 aic78xx - ok
18:38:58.0375 2868 AliIde - ok
18:38:58.0609 2868 amsint - ok
18:38:58.0843 2868 AR5211 (67f7d2c3a9265ee0534e36fe952f2ac4) C:\WINDOWS\system32\DRIVERS\ar5211.sys
18:38:58.0875 2868 AR5211 - ok
18:38:59.0140 2868 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
18:38:59.0187 2868 Arp1394 - ok
18:38:59.0437 2868 asc - ok
18:38:59.0671 2868 asc3350p - ok
18:38:59.0921 2868 asc3550 - ok
18:39:00.0140 2868 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:39:00.0171 2868 AsyncMac - ok
18:39:00.0437 2868 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
18:39:00.0437 2868 atapi - ok
18:39:00.0718 2868 Atdisk - ok
18:39:00.0953 2868 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:39:00.0968 2868 Atmarpc - ok
18:39:01.0171 2868 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:39:01.0203 2868 audstub - ok
18:39:01.0359 2868 b57w2k (b9543b0c771feab7ca095303007a159c) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
18:39:01.0406 2868 b57w2k - ok
18:39:01.0531 2868 bcm4sbxp (e727776a56a51b7e6b7c87c02ea8b405) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
18:39:01.0546 2868 bcm4sbxp - ok
18:39:01.0609 2868 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
18:39:01.0656 2868 Beep - ok
18:39:01.0734 2868 CAMCAUD (baa90d983f77759fc70c65a1ce3d3566) C:\WINDOWS\system32\drivers\camcaud.sys
18:39:01.0750 2868 CAMCAUD - ok
18:39:01.0828 2868 CAMCHALA (90d9c324df48bb8e3024e79f5c181784) C:\WINDOWS\system32\drivers\camchal.sys
18:39:01.0859 2868 CAMCHALA - ok
18:39:02.0109 2868 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
18:39:02.0125 2868 cbidf2k - ok
18:39:02.0359 2868 cd20xrnt - ok
18:39:02.0390 2868 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
18:39:02.0437 2868 Cdaudio - ok
18:39:02.0734 2868 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
18:39:02.0765 2868 Cdfs - ok
18:39:03.0031 2868 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:39:03.0171 2868 Cdrom - ok
18:39:03.0421 2868 Changer - ok
18:39:03.0656 2868 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
18:39:03.0703 2868 CmBatt - ok
18:39:03.0968 2868 CmdIde - ok
18:39:04.0109 2868 COH_Mon (de88a385898f6d13026f94f749fbaed2) C:\WINDOWS\system32\Drivers\COH_Mon.sys
18:39:04.0281 2868 COH_Mon - ok
18:39:04.0484 2868 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
18:39:04.0500 2868 Compbatt - ok
18:39:04.0781 2868 Cpqarray - ok
18:39:05.0015 2868 dac2w2k - ok
18:39:05.0234 2868 dac960nt - ok
18:39:05.0437 2868 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
18:39:05.0500 2868 Disk - ok
18:39:05.0703 2868 DKbFltr (08d30af92c270f2e76787c81589dbad6) C:\WINDOWS\system32\Drivers\DKbFltr.sys
18:39:05.0750 2868 DKbFltr - ok
18:39:05.0984 2868 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
18:39:06.0046 2868 dmboot - ok
18:39:06.0265 2868 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
18:39:06.0281 2868 dmio - ok
18:39:06.0343 2868 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
18:39:06.0375 2868 dmload - ok
18:39:06.0593 2868 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
18:39:06.0640 2868 DMusic - ok
18:39:06.0906 2868 dpti2o - ok
18:39:07.0109 2868 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
18:39:07.0156 2868 drmkaud - ok
18:39:07.0343 2868 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
18:39:07.0453 2868 eeCtrl - ok
18:39:07.0656 2868 EpmPsd (d68564fcfbdfc04280cdbbb37cf7ef7f) C:\WINDOWS\system32\drivers\epm-psd.sys
18:39:07.0687 2868 EpmPsd - ok
18:39:07.0843 2868 EpmShd (b2d71ba438701b5f0368b958bea2dc62) C:\WINDOWS\system32\drivers\epm-shd.sys
18:39:07.0921 2868 EpmShd - ok
18:39:08.0015 2868 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:39:08.0109 2868 EraserUtilRebootDrv - ok
18:39:08.0359 2868 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
18:39:08.0453 2868 Fastfat - ok
18:39:08.0718 2868 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
18:39:08.0750 2868 Fdc - ok
18:39:08.0984 2868 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
18:39:08.0984 2868 Fips - ok
18:39:09.0265 2868 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
18:39:09.0343 2868 Flpydisk - ok
18:39:09.0421 2868 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
18:39:09.0484 2868 FltMgr - ok
18:39:09.0515 2868 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:39:09.0531 2868 Fs_Rec - ok
18:39:09.0562 2868 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:39:09.0562 2868 Ftdisk - ok
18:39:09.0687 2868 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:39:09.0812 2868 GEARAspiWDM - ok
18:39:10.0046 2868 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:39:10.0156 2868 Gpc - ok
18:39:10.0343 2868 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:39:10.0375 2868 HidUsb - ok
18:39:10.0625 2868 hpn - ok
18:39:10.0750 2868 HSFHWICH (e7bcc7ec37dd2dd36a39bb9ac87a897b) C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
18:39:10.0765 2868 HSFHWICH - ok
18:39:10.0937 2868 HSF_DPV (822c60f2abee73a0e089230d94064f39) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
18:39:10.0968 2868 HSF_DPV - ok
18:39:11.0078 2868 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
18:39:11.0125 2868 HTTP - ok
18:39:11.0359 2868 i2omgmt - ok
18:39:11.0609 2868 i2omp - ok
18:39:11.0843 2868 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:39:12.0000 2868 i8042prt - ok
18:39:12.0375 2868 ialm (afbf1b43cc830bdc03b582003da439c2) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
18:39:12.0390 2868 ialm - ok
18:39:12.0593 2868 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:39:12.0687 2868 Imapi - ok
18:39:12.0953 2868 ini910u - ok
18:39:13.0156 2868 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
18:39:13.0203 2868 IntelIde - ok
18:39:13.0484 2868 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:39:13.0531 2868 intelppm - ok
18:39:13.0796 2868 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
18:39:13.0812 2868 Ip6Fw - ok
18:39:13.0906 2868 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:39:13.0921 2868 IpFilterDriver - ok
18:39:14.0140 2868 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:39:14.0171 2868 IpInIp - ok
18:39:14.0437 2868 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:39:14.0515 2868 IpNat - ok
18:39:14.0796 2868 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:39:14.0906 2868 IPSec - ok
18:39:15.0140 2868 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
18:39:15.0156 2868 irda - ok
18:39:15.0437 2868 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:39:15.0484 2868 IRENUM - ok
18:39:15.0718 2868 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:39:15.0843 2868 isapnp - ok
18:39:16.0093 2868 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:39:16.0125 2868 Kbdclass - ok
18:39:16.0359 2868 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
18:39:16.0375 2868 kmixer - ok
18:39:16.0546 2868 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
18:39:16.0546 2868 KSecDD - ok
18:39:16.0812 2868 lbrtfdc - ok
18:39:16.0984 2868 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
18:39:17.0078 2868 MBAMSwissArmy - ok
18:39:17.0359 2868 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
18:39:17.0406 2868 mdmxsdk - ok
18:39:17.0500 2868 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
18:39:17.0531 2868 mnmdd - ok
18:39:17.0750 2868 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
18:39:17.0843 2868 Modem - ok
18:39:18.0109 2868 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:39:18.0109 2868 Mouclass - ok
18:39:18.0265 2868 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:39:18.0281 2868 mouhid - ok
18:39:18.0468 2868 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
18:39:18.0500 2868 MountMgr - ok
18:39:18.0765 2868 mraid35x - ok
18:39:18.0968 2868 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:39:19.0015 2868 MRxDAV - ok
18:39:19.0265 2868 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:39:19.0375 2868 MRxSmb - ok
18:39:19.0546 2868 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
18:39:19.0609 2868 Msfs - ok
18:39:19.0828 2868 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:39:19.0859 2868 MSKSSRV - ok
18:39:20.0093 2868 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:39:20.0125 2868 MSPCLOCK - ok
18:39:20.0328 2868 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
18:39:20.0343 2868 MSPQM - ok
18:39:20.0625 2868 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:39:20.0671 2868 mssmbios - ok
18:39:20.0828 2868 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
18:39:20.0843 2868 Mup - ok
18:39:21.0078 2868 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120309.002\NAVENG.SYS
18:39:21.0078 2868 NAVENG - ok
18:39:21.0218 2868 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120309.002\NAVEX15.SYS
18:39:21.0265 2868 NAVEX15 - ok
18:39:21.0515 2868 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
18:39:21.0703 2868 NDIS - ok
18:39:21.0875 2868 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:39:21.0875 2868 NdisTapi - ok
18:39:22.0109 2868 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:39:22.0140 2868 Ndisuio - ok
18:39:22.0484 2868 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:39:22.0640 2868 NdisWan - ok
18:39:22.0781 2868 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
18:39:22.0796 2868 NDProxy - ok
18:39:22.0984 2868 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
18:39:23.0000 2868 NetBIOS - ok
18:39:23.0171 2868 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:39:23.0265 2868 NetBT - ok
18:39:23.0500 2868 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
18:39:23.0609 2868 NIC1394 - ok
18:39:23.0796 2868 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
18:39:23.0796 2868 Npfs - ok
18:39:24.0015 2868 NSCIRDA (2adc0ca9945c65284b3d19bc18765974) C:\WINDOWS\system32\DRIVERS\nscirda.sys
18:39:24.0062 2868 NSCIRDA - ok
18:39:24.0296 2868 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
18:39:24.0328 2868 Ntfs - ok
18:39:24.0500 2868 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
18:39:24.0546 2868 NTIDrvr - ok
18:39:24.0609 2868 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
18:39:24.0656 2868 Null - ok
18:39:24.0718 2868 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:39:24.0734 2868 NwlnkFlt - ok
18:39:24.0812 2868 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:39:24.0843 2868 NwlnkFwd - ok
18:39:25.0031 2868 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
18:39:25.0140 2868 ohci1394 - ok
18:39:25.0312 2868 osaio (b270a30ae97524e7edb5eca7b2afb846) C:\WINDOWS\system32\drivers\osaio.sys
18:39:25.0312 2868 osaio - ok
18:39:25.0453 2868 osanbm (3245bee5176697faf0744a2e1288dc77) C:\WINDOWS\system32\drivers\osanbm.sys
18:39:25.0500 2868 osanbm - ok
18:39:25.0703 2868 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
18:39:25.0718 2868 Parport - ok
18:39:25.0906 2868 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
18:39:25.0921 2868 PartMgr - ok
18:39:25.0953 2868 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
18:39:26.0000 2868 ParVdm - ok
18:39:26.0171 2868 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
18:39:26.0187 2868 PCI - ok
18:39:26.0406 2868 PCIDump - ok
18:39:26.0531 2868 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
18:39:26.0562 2868 PCIIde - ok
18:39:26.0734 2868 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
18:39:26.0781 2868 Pcmcia - ok
18:39:27.0015 2868 PDCOMP - ok
18:39:27.0234 2868 PDFRAME - ok
18:39:27.0468 2868 PDRELI - ok
18:39:27.0734 2868 PDRFRAME - ok
18:39:27.0953 2868 perc2 - ok
18:39:28.0187 2868 perc2hib - ok
18:39:28.0359 2868 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
18:39:28.0390 2868 pfc - ok
18:39:28.0578 2868 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:39:28.0656 2868 PptpMiniport - ok
18:39:28.0828 2868 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
18:39:28.0890 2868 PSched - ok
18:39:28.0937 2868 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:39:29.0000 2868 Ptilink - ok
18:39:29.0250 2868 ql1080 - ok
18:39:29.0484 2868 Ql10wnt - ok
18:39:29.0718 2868 ql12160 - ok
18:39:29.0937 2868 ql1240 - ok
18:39:30.0203 2868 ql1280 - ok
18:39:30.0265 2868 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:39:30.0343 2868 RasAcd - ok
18:39:30.0484 2868 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
18:39:30.0500 2868 Rasirda - ok
18:39:30.0656 2868 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:39:30.0703 2868 Rasl2tp - ok
18:39:30.0875 2868 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:39:31.0000 2868 RasPppoe - ok
18:39:31.0031 2868 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:39:31.0078 2868 Raspti - ok
18:39:31.0265 2868 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:39:31.0281 2868 Rdbss - ok
18:39:31.0312 2868 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:39:31.0328 2868 RDPCDD - ok
18:39:31.0500 2868 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
18:39:31.0562 2868 RDPWD - ok
18:39:31.0750 2868 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:39:31.0843 2868 redbook - ok
18:39:31.0859 2868 rpcapd - ok
18:39:32.0031 2868 s24trans (85a26a3bb748dfd3170cdbf45b0dd7fd) C:\WINDOWS\system32\DRIVERS\s24trans.sys
18:39:32.0078 2868 s24trans - ok
18:39:32.0234 2868 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:39:32.0312 2868 SASDIFSV - ok
18:39:32.0390 2868 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:39:32.0484 2868 SASKUTIL - ok
18:39:32.0812 2868 SCDEmu (9feb2026a460916d1a1198b460632630) C:\WINDOWS\system32\drivers\SCDEmu.sys
18:39:32.0890 2868 SCDEmu - ok
18:39:33.0062 2868 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:39:33.0093 2868 Secdrv - ok
18:39:33.0281 2868 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
18:39:33.0312 2868 Serial - ok
18:39:33.0531 2868 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:39:33.0562 2868 Sfloppy - ok
18:39:33.0812 2868 Simbad - ok
18:39:34.0046 2868 Sparrow - ok
18:39:34.0187 2868 SPBBCDrv (e87cf104f12c92401c4d33c50a3d5dc8) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
18:39:34.0281 2868 SPBBCDrv - ok
18:39:34.0484 2868 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:39:34.0484 2868 splitter - ok
18:39:34.0656 2868 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
18:39:34.0687 2868 sr - ok
18:39:34.0828 2868 SRTSP (5a293729e1f9fce3a2106d1f5dc5e98a) C:\WINDOWS\system32\Drivers\SRTSP.SYS
18:39:34.0890 2868 SRTSP - ok
18:39:35.0031 2868 SRTSPL (0ddb7fba32be09d8057063c0cee24137) C:\WINDOWS\system32\Drivers\SRTSPL.SYS
18:39:35.0109 2868 SRTSPL - ok
18:39:35.0250 2868 SRTSPX (a99719dfb61b61aa5026341bbb733c0a) C:\WINDOWS\system32\Drivers\SRTSPX.SYS
18:39:35.0312 2868 SRTSPX - ok
18:39:35.0406 2868 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:39:35.0437 2868 Srv - ok
18:39:35.0609 2868 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:39:35.0640 2868 swenum - ok
18:39:35.0812 2868 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:39:35.0843 2868 swmidi - ok
18:39:36.0093 2868 symc810 - ok
18:39:36.0312 2868 symc8xx - ok
18:39:36.0437 2868 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
18:39:36.0578 2868 SymEvent - ok
18:39:36.0687 2868 SYMREDRV (394b2368212114d538316812af60fddd) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
18:39:36.0781 2868 SYMREDRV - ok
18:39:36.0906 2868 SYMTDI (d46676bb414c7531bdffe637a33f5033) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
18:39:36.0968 2868 SYMTDI - ok
18:39:37.0218 2868 sym_hi - ok
18:39:37.0453 2868 sym_u3 - ok
18:39:37.0593 2868 SynTP (eb363ddfbe8b6d51003ccab29d93d744) C:\WINDOWS\system32\DRIVERS\SynTP.sys
18:39:37.0656 2868 SynTP - ok
18:39:38.0015 2868 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:39:38.0046 2868 sysaudio - ok
18:39:38.0187 2868 SysPlant (5dcc2c7acc29dfba5ba82ed47d99c7e5) C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys
18:39:38.0250 2868 SysPlant - ok
18:39:38.0390 2868 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:39:38.0406 2868 Tcpip - ok
18:39:38.0593 2868 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:39:38.0671 2868 TDPIPE - ok
18:39:38.0859 2868 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:39:38.0937 2868 TDTCP - ok
18:39:39.0093 2868 Teefer2 (1d3c046a9106de97ddc8276958700bf4) C:\WINDOWS\system32\DRIVERS\teefer2.sys
18:39:39.0171 2868 Teefer2 - ok
18:39:39.0343 2868 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:39:39.0437 2868 TermDD - ok
18:39:39.0609 2868 tifm21 (8778a553003a3d37a550a1f9cff6be28) C:\WINDOWS\system32\drivers\tifm21.sys
18:39:39.0656 2868 tifm21 - ok
18:39:39.0890 2868 TosIde - ok
18:39:40.0078 2868 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:39:40.0125 2868 Udfs - ok
18:39:40.0375 2868 ultra - ok
18:39:40.0640 2868 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:39:40.0687 2868 Update - ok
18:39:40.0875 2868 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
18:39:40.0937 2868 USBAAPL - ok
18:39:41.0062 2868 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:39:41.0078 2868 usbccgp - ok
18:39:41.0312 2868 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:39:41.0359 2868 usbehci - ok
18:39:41.0531 2868 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:39:41.0640 2868 usbhub - ok
18:39:41.0781 2868 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:39:41.0828 2868 usbprint - ok
18:39:41.0968 2868 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:39:42.0000 2868 usbscan - ok
18:39:42.0156 2868 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:39:42.0187 2868 USBSTOR - ok
18:39:42.0359 2868 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:39:42.0390 2868 usbuhci - ok
18:39:42.0562 2868 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:39:42.0593 2868 VgaSave - ok
18:39:42.0843 2868 ViaIde - ok
18:39:43.0000 2868 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
18:39:43.0031 2868 VolSnap - ok
18:39:43.0296 2868 w29n51 (c89da341fcc883a3d79dc11727484fc2) C:\WINDOWS\system32\DRIVERS\w29n51.sys
18:39:43.0421 2868 w29n51 - ok
18:39:43.0625 2868 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:39:43.0656 2868 Wanarp - ok
18:39:43.0890 2868 WDICA - ok
18:39:44.0046 2868 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:39:44.0093 2868 wdmaud - ok
18:39:44.0328 2868 winachsf (5ea185425bfcbc2d4b96d673d8c4deaf) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
18:39:44.0343 2868 winachsf - ok
18:39:44.0500 2868 WPS (e8e745b8eee63c7cf7d34833d3b8ca7f) C:\WINDOWS\system32\drivers\wpsdrvnt.sys
18:39:44.0546 2868 WPS - ok
18:39:44.0671 2868 WpsHelper (ff983a25ae6f7d3f87f26bf51f02a201) C:\WINDOWS\system32\drivers\WpsHelper.sys
18:39:44.0765 2868 WpsHelper - ok
18:39:44.0937 2868 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:39:44.0953 2868 WudfPf - ok
18:39:45.0093 2868 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:39:45.0125 2868 WudfRd - ok
18:39:45.0156 2868 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk0\DR0
18:39:45.0312 2868 \Device\Harddisk0\DR0 - ok
18:39:45.0343 2868 Boot (0x1200) (a52c9e0c62a63ca456fd6341d1b678c4) \Device\Harddisk0\DR0\Partition0
18:39:45.0343 2868 \Device\Harddisk0\DR0\Partition0 - ok
18:39:45.0343 2868 ============================================================
18:39:45.0343 2868 Scan finished
18:39:45.0343 2868 ============================================================
18:39:45.0359 4072 Detected object count: 0
18:39:45.0359 4072 Actual detected object count: 0
18:40:19.0218 5596 Deinitialize success

07:23:44.171 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
07:23:44.187 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x82b95ab8]
07:23:44.187 3 CLASSPNP.SYS[f84d5fd7] -> nt!IofCallDriver -> \Device\0000007c[0x82b9d1f8]
07:23:44.187 5 ACPI.sys[f834c620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x82afe700]
07:23:44.187 Scan finished successfully
07:23:59.953 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Anthony\Desktop\MBR.dat"
07:23:59.968 The log file has been saved successfully to "C:\Documents and Settings\Anthony\Desktop\aswMBR log.txt"



(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [20:32 23/01/2011]
"jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [06:22 23/01/2011]

-=E.O.F=-
SUPPORT_388945a0


**** End of log ****

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:53 PM

Posted 11 March 2012 - 09:58 PM

Run SAS scan and ESET
Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.






I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 tagman66

tagman66
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:53 PM

Posted 12 March 2012 - 04:49 PM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/08/2012 at 08:05 PM

Application Version : 5.0.1146

Core Rules Database Version : 8319
Trace Rules Database Version: 6131

Scan type : Complete Scan
Total Scan Time : 01:05:44

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 609
Memory threats detected : 0
Registry items scanned : 33072
Registry threats detected : 0
File items scanned : 53194
File threats detected : 414

Adware.Tracking Cookie
C:\Documents and Settings\Anthony\Cookies\anthony@in.getclicky[1].txt [ /in.getclicky ]
C:\Documents and Settings\Anthony\Cookies\anthony@adinterax[2].txt [ /adinterax ]
C:\Documents and Settings\Anthony\Cookies\anthony@ads.nascar[1].txt [ /ads.nascar ]
C:\Documents and Settings\Anthony\Cookies\anthony@ads.cnn[2].txt [ /ads.cnn ]
C:\Documents and Settings\Anthony\Cookies\anthony@imrworldwide[2].txt [ /imrworldwide ]
C:\Documents and Settings\Anthony\Cookies\anthony@media.treehousetv[1].txt [ /media.treehousetv ]
C:\Documents and Settings\Anthony\Cookies\anthony@uk.discount-cabin[1].txt [ /uk.discount-cabin ]
C:\Documents and Settings\Anthony\Cookies\anthony@adxpose[1].txt [ /adxpose ]
C:\Documents and Settings\Anthony\Cookies\anthony@dealtime[1].txt [ /dealtime ]
C:\Documents and Settings\Anthony\Cookies\anthony@clicksor[2].txt [ /clicksor ]
C:\Documents and Settings\Anthony\Cookies\anthony@ads.ad4game[2].txt [ /ads.ad4game ]
C:\Documents and Settings\Anthony\Cookies\anthony@commonsensemedia[1].txt [ /commonsensemedia ]
C:\Documents and Settings\Anthony\Cookies\anthony@rogersmedia[1].txt [ /rogersmedia ]
C:\Documents and Settings\Anthony\Cookies\anthony@counters.gigya[1].txt [ /counters.gigya ]
C:\Documents and Settings\Anthony\Cookies\anthony@analytics.rogersmedia[1].txt [ /analytics.rogersmedia ]
C:\Documents and Settings\Anthony\Cookies\anthony@shared.rogersmedia[1].txt [ /shared.rogersmedia ]
C:\Documents and Settings\Anthony\Cookies\anthony@atrack.art[2].txt [ /atrack.art ]
C:\Documents and Settings\Anthony\Cookies\anthony@adform[1].txt [ /adform ]
C:\Documents and Settings\Anthony\Cookies\anthony@ads.trutv[2].txt [ /ads.trutv ]
C:\Documents and Settings\Anthony\Cookies\anthony@ads.thefrisky[1].txt [ /ads.thefrisky ]
C:\Documents and Settings\Anthony\Cookies\anthony@richmedia.yahoo[2].txt [ /richmedia.yahoo ]
C:\Documents and Settings\Anthony\Cookies\anthony@virginmedia[2].txt [ /virginmedia ]
C:\Documents and Settings\Anthony\Cookies\anthony@adserver.twitpic[1].txt [ /adserver.twitpic ]
C:\Documents and Settings\Anthony\Cookies\anthony@en.ca.msn.stats[1].txt [ /en.ca.msn.stats ]
C:\Documents and Settings\Anthony\Cookies\anthony@www.virginmedia[2].txt [ /www.virginmedia ]
C:\Documents and Settings\Anthony\Cookies\anthony@c.gigcount[2].txt [ /c.gigcount ]
C:\Documents and Settings\Anthony\Cookies\anthony@stats.clear-media[1].txt [ /stats.clear-media ]
C:\Documents and Settings\Anthony\Cookies\anthony@viewablemedia[1].txt [ /viewablemedia ]
C:\Documents and Settings\Anthony\Cookies\anthony@ads.vimg[2].txt [ /ads.vimg ]
C:\Documents and Settings\Anthony\Cookies\anthony@media.funpic[1].txt [ /media.funpic ]
C:\Documents and Settings\Anthony\Cookies\anthony@theclicker.today[1].txt [ /theclicker.today ]
C:\Documents and Settings\Anthony\Cookies\anthony@ads.glispa[2].txt [ /ads.glispa ]
C:\Documents and Settings\Anthony\Cookies\anthony@ad.us-ec.adtechus[1].txt [ /ad.us-ec.adtechus ]
C:\Documents and Settings\Anthony\Cookies\anthony@ads.golf[1].txt [ /ads.golf ]
C:\Documents and Settings\Anthony\Cookies\anthony@tourtracker[2].txt [ /tourtracker ]
C:\Documents and Settings\Anthony\Cookies\anthony@e-2dj6wjnyolcjigp.stats.esomniture[2].txt [ /e-2dj6wjnyolcjigp.stats.esomniture ]
C:\Documents and Settings\Anthony\Cookies\anthony@ads.contactmusic[1].txt [ /ads.contactmusic ]
C:\Documents and Settings\Anthony\Cookies\anthony@adserving.versaneeds[1].txt [ /adserving.versaneeds ]
C:\Documents and Settings\Anthony\Cookies\anthony@banners.dragonfable[1].txt [ /banners.dragonfable ]
C:\Documents and Settings\Anthony\Cookies\anthony@stats.sympatico[1].txt [ /stats.sympatico ]
C:\Documents and Settings\Anthony\Cookies\anthony@dealfind[2].txt [ /dealfind ]
C:\Documents and Settings\Anthony\Cookies\anthony@ads.adk2[2].txt [ /ads.adk2 ]
C:\Documents and Settings\Anthony\Cookies\anthony@content2.kitnmedia[2].txt [ /content2.kitnmedia ]
C:\Documents and Settings\Anthony\Cookies\anthony@media.reitmans[1].txt [ /media.reitmans ]
C:\Documents and Settings\Anthony\Cookies\anthony@optimize.indieclick[2].txt [ /optimize.indieclick ]
C:\Documents and Settings\Anthony\Cookies\anthony@tracking.servedbyy[2].txt [ /tracking.servedbyy ]
C:\Documents and Settings\Anthony\Cookies\anthony@ads.swimmingpool[1].txt [ /ads.swimmingpool ]
C:\Documents and Settings\Anthony\Cookies\anthony@ads.shorttail[2].txt [ /ads.shorttail ]
C:\Documents and Settings\Anthony\Cookies\anthony@gotacha.rotator.hadj7.adjuggler[1].txt [ /gotacha.rotator.hadj7.adjuggler ]
C:\Documents and Settings\Anthony\Cookies\anthony@gotacha.rotator.hadj7.adjuggler[2].txt [ /gotacha.rotator.hadj7.adjuggler ]
C:\Documents and Settings\Anthony\Cookies\anthony@vehicle-tracking[1].txt [ /vehicle-tracking ]
C:\Documents and Settings\Anthony\Cookies\anthony@steelhousemedia[1].txt [ /steelhousemedia ]
C:\Documents and Settings\Anthony\Cookies\anthony@1.sharkadnetwork[2].txt [ /1.sharkadnetwork ]
C:\Documents and Settings\Anthony\Cookies\anthony@thefind[1].txt [ /thefind ]
C:\Documents and Settings\Anthony\Cookies\anthony@pluckit.demandmedia[2].txt [ /pluckit.demandmedia ]
C:\Documents and Settings\Anthony\Cookies\anthony@dc.tremormedia[1].txt [ /dc.tremormedia ]
C:\Documents and Settings\Anthony\Cookies\anthony@ads.eqads[2].txt [ /ads.eqads ]
C:\Documents and Settings\Anthony\Cookies\E8EIFRS7.txt [ /collective-media.net ]
C:\Documents and Settings\Anthony\Cookies\LX28PSTF.txt [ /adcentriconline.com ]
C:\Documents and Settings\Anthony\Cookies\IKK7X0R6.txt [ /avazutracking.net ]
C:\Documents and Settings\Anthony\Cookies\2F2JHU04.txt [ /invitemedia.com ]
C:\Documents and Settings\Anthony\Cookies\97JDQS8E.txt [ /ads.networldmedia.net ]
C:\Documents and Settings\Anthony\Cookies\K6SH5Z3H.txt [ /networldmedia.net ]
C:\Documents and Settings\Anthony\Cookies\CESSNNO0.txt [ /vitamine.networldmedia.net ]
C:\Documents and Settings\Anthony\Cookies\BQEHD6SH.txt [ /bizrate.com ]
C:\Documents and Settings\Anthony\Cookies\6E4O3XO9.txt [ /media6degrees.com ]
C:\Documents and Settings\Anthony\Cookies\YX5UYP7Y.txt [ /interclick.com ]
C:\Documents and Settings\Anthony\Cookies\3VC0MI3J.txt [ /lucidmedia.com ]
C:\Documents and Settings\Anthony\Cookies\9ZHRL861.txt [ /calendar.pdgmedia.com ]
C:\Documents and Settings\Anthony\Cookies\ITKDCGI2.txt [ /ads.networldmedia.net ]
C:\Documents and Settings\Anthony\Cookies\TZY23XMO.txt [ /atrack.allposters.com ]
C:\Documents and Settings\Anthony\Cookies\LAPGSTNP.txt [ /legolas-media.com ]
C:\Documents and Settings\Anthony\Cookies\252VOBEQ.txt [ /statsadv.dadapro.com ]
C:\Documents and Settings\Anthony\Cookies\THA8Z519.txt [ /ads.undertone.com ]
C:\Documents and Settings\Anthony\Cookies\X69T1RQ1.txt [ /ad.adperium.com ]
C:\Documents and Settings\Anthony\Cookies\D344Q48F.txt [ /mm.chitika.net ]
C:\Documents and Settings\Anthony\Cookies\1NAH73E9.txt [ /www.windowsmedia.com ]
C:\Documents and Settings\Anthony\Cookies\17F07WEJ.txt [ /mediabrandsww.com ]
C:\Documents and Settings\Anthony\Cookies\BYV1MZFC.txt [ /mediaforge.com ]
C:\Documents and Settings\Anthony\Cookies\XEJFZVZC.txt [ /symptomfind.com ]
C:\Documents and Settings\Anthony\Cookies\C2PR10K1.txt [ /rts.pgmediaserve.com ]
C:\Documents and Settings\Anthony\Cookies\anthony@us.sitestat[1].txt [ /us.sitestat.com ]
C:\Documents and Settings\Anthony\Cookies\AXQHIA5U.txt [ /www.bizrate.com ]
C:\Documents and Settings\Anthony\Cookies\R4ZXTGVS.txt [ /ads.songs.pk ]
C:\Documents and Settings\Anthony\Cookies\VRVCXRPU.txt [ /amazon-adsystem.com ]
C:\Documents and Settings\Anthony\Cookies\KGIOJDQ0.txt [ /ads.wagerweb.com ]
C:\Documents and Settings\Anthony\Cookies\QQAN0QPP.txt [ /wstat.wibiya.com ]
C:\Documents and Settings\Anthony\Cookies\anthony@us.sitestat[2].txt [ /us.sitestat.com ]
C:\Documents and Settings\Anthony\Cookies\G8YHNHP7.txt [ /ads2.songs.pk ]
C:\Documents and Settings\Anthony\Cookies\3HE9F28S.txt [ /openx.microsites.transcontinentalmedia.com ]
C:\Documents and Settings\Anthony\Cookies\DZZR5247.txt [ /ads.pubmatic.com ]
C:\Documents and Settings\Anthony\Cookies\9M7OTDBC.txt [ /banner.motorcycle-usa.com ]
C:\Documents and Settings\Anthony\Cookies\FHNENW86.txt [ /ad.jdtracker.com ]
C:\Documents and Settings\Anthony\Cookies\OQIBY14D.txt [ /eyewonder.com ]
C:\Documents and Settings\Anthony\Cookies\HTY2SSKY.txt [ /static.getclicky.com ]
C:\Documents and Settings\Anthony\Cookies\RLRX0Z1W.txt [ /ads.saymedia.com ]
C:\Documents and Settings\Anthony\Cookies\XAMLG25T.txt [ /lfstmedia.com ]
C:\Documents and Settings\Anthony\Cookies\XH84Q2G0.txt [ /gsimedia.net ]
C:\Documents and Settings\Anthony\Cookies\3YZTWNVK.txt [ /www.findlayattorneysbrantford.ca ]
C:\Documents and Settings\Anthony\Cookies\MCXACGE2.txt [ /getclicky.com ]
C:\Documents and Settings\Anthony\Cookies\OH3PNOCF.txt [ /findlayattorneysbrantford.ca ]
C:\Documents and Settings\Anthony\Cookies\UU187V1Q.txt [ /seth.avazutracking.net ]
C:\Documents and Settings\Anthony\Cookies\NCS8L6Y0.txt [ /www.googleadservices.com ]
C:\Documents and Settings\Anthony\Cookies\V2Q1QSJ0.txt [ /home.mywebsearch.com ]
C:\Documents and Settings\Anthony\Cookies\A6E528P7.txt [ /e-2dj6wjkoqmcpohp.stats.esomniture.com ]
C:\Documents and Settings\Anthony\Cookies\1636KAAX.txt [ /accounts.google.com ]
C:\Documents and Settings\Anthony\Cookies\6S1B4S0F.txt [ /traffic.prod.cobaltgroup.com ]
C:\Documents and Settings\Anthony\Cookies\NWMAQMAA.txt [ /ad.wsod.com ]
C:\Documents and Settings\Anthony\Cookies\434HKGW9.txt [ /mywebsearch.com ]
C:\Documents and Settings\Anthony\Cookies\KVUFVRL5.txt [ /ad.adbull.com ]
C:\Documents and Settings\Anthony\Cookies\3LVE37K0.txt [ /pointroll.com ]
C:\Documents and Settings\Anthony\Cookies\PPGK4Z8Q.txt [ /www.googleadservices.com ]
C:\DOCUMENTS AND SETTINGS\ANTHONY\Cookies\anthony@www.everydayhealth[3].txt [ Cookie:anthony@www.everydayhealth.com/adhd/adult-adhd/ ]
C:\DOCUMENTS AND SETTINGS\ANTHONY\Cookies\6G04JD1R.txt [ Cookie:anthony@clkads.com/adServe/banners ]
C:\DOCUMENTS AND SETTINGS\ANTHONY\Cookies\SUOHA470.txt [ Cookie:anthony@delish.com/recipefinder/advanced/ ]
C:\DOCUMENTS AND SETTINGS\ANTHONY\Cookies\RNWKLSHL.txt [ Cookie:anthony@adsonar.com/adserving ]
C:\DOCUMENTS AND SETTINGS\ANTHONY\Cookies\anthony@blogs.babble[2].txt [ Cookie:anthony@blogs.babble.com/being-pregnant/wp-content/plugins/pixelstats/ ]
C:\DOCUMENTS AND SETTINGS\ANTHONY\Cookies\anthony@marquee.blogs.cnn[9].txt [ Cookie:anthony@marquee.blogs.cnn.com/2011/06/20/cameron-diaz-talks-sex-with-ex-justin-timberlake/ ]
C:\DOCUMENTS AND SETTINGS\ANTHONY\Cookies\S1GRGA6P.txt [ Cookie:anthony@delish.com/recipefinder/ ]
C:\DOCUMENTS AND SETTINGS\ANTHONY\Cookies\KOXUT37U.txt [ Cookie:anthony@clkads.com/adServe/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\1L27BB7E.txt [ Cookie:shayne@adcentriconline.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\2PVGG98M.txt [ Cookie:shayne@statse.webtrendslive.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@us.sitestat[1].txt [ Cookie:shayne@us.sitestat.com/future/gamesradar/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@us.sitestat[2].txt [ Cookie:shayne@us.sitestat.com/future/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\CYKG1Q0F.txt [ Cookie:shayne@mediaplex.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\1ZY3MPIA.txt [ Cookie:shayne@tacoda.at.atwola.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\B77LJR80.txt [ Cookie:shayne@yieldmanager.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@pointroll[1].txt [ Cookie:shayne@pointroll.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\HOGN0K8Z.txt [ Cookie:shayne@invitemedia.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@msnportal.112.2o7[1].txt [ Cookie:shayne@msnportal.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\3OMTTP31.txt [ Cookie:shayne@adbrite.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\TX5QGKY4.txt [ Cookie:shayne@fastclick.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\KQ6OFGSG.txt [ Cookie:shayne@www.windowsmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\0PRKJFX0.txt [ Cookie:shayne@networldmedia.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\8X6J2GRD.txt [ Cookie:shayne@lucidmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\2RMLR6QG.txt [ Cookie:shayne@legolas-media.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@zedo[2].txt [ Cookie:shayne@zedo.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\B6IVNWZJ.txt [ Cookie:shayne@adserver.adtechus.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\2WW9M2A3.txt [ Cookie:shayne@doubleclick.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@astralmedia.112.2o7[1].txt [ Cookie:shayne@astralmedia.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\HRIVWBL5.txt [ Cookie:shayne@adinterax.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\L91QFNSW.txt [ Cookie:shayne@lfstmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@specificmedia[1].txt [ Cookie:shayne@specificmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\A9BYMLBR.txt [ Cookie:shayne@pro-market.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@nhl.112.2o7[1].txt [ Cookie:shayne@nhl.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\M7EGL722.txt [ Cookie:shayne@e-2dj6wfloujdpekq.stats.esomniture.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\3LUOPCK4.txt [ Cookie:shayne@server.cpmstar.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@imrworldwide[2].txt [ Cookie:shayne@imrworldwide.com/cgi-bin ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@bellglobemediapublishing.122.2o7[1].txt [ Cookie:shayne@bellglobemediapublishing.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\5GSO4CJ6.txt [ Cookie:shayne@ar.atwola.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\EPKJIYFK.txt [ Cookie:shayne@hitbox.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\3L9FY2DB.txt [ Cookie:shayne@casalemedia.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@rbc.bridgetrack[2].txt [ Cookie:shayne@rbc.bridgetrack.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\J7WI3KOY.txt [ Cookie:shayne@serving-sys.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\PNU2R5F7.txt [ Cookie:shayne@content.yieldmanager.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\GV5BK9Z6.txt [ Cookie:shayne@ads.pointroll.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\EZKLXZWG.txt [ Cookie:shayne@gr.burstnet.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@clicksor[1].txt [ Cookie:shayne@clicksor.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\TOWWNXPX.txt [ Cookie:shayne@statcounter.com/ ]ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=b6e9e68356adad4cad38451145cd84c4
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-10 04:32:42
# local_time=2012-03-09 08:32:42 (-0800, Pacific Standard Time)
# country="Canada"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=81162
# found=23
# cleaned=23
# scan_time=5808
C:\Documents and Settings\Anthony\My Documents\Downloads\Windows XP Pro SP3 - Activated\WXPVOL_EN.iso a variant of Win32/PSWTool.RAS.A application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Anthony\Desktop\SmitfraudFix.exe multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Anthony\Desktop\virus protection\SmitfraudFix\Process.exe Win32/PrcView application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Anthony\Desktop\virus protection\SmitfraudFix\restart.exe Win32/Shutdown.NAA application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows iLivid Toolbar\del_IEBHO_35.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows iLivid Toolbar\del_DM_EXE_87.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows iLivid Toolbar\del_DM_DLL_69.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows iLivid Toolbar\Datamngr\DnsBHO.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows iLivid Toolbar\Datamngr\IEBHO.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngr.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{203A9C89-7A2C-419F-A40E-8C82E0800C2E}\RP314\A0052663.exe multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{203A9C89-7A2C-419F-A40E-8C82E0800C2E}\RP314\A0052664.exe Win32/PrcView application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{203A9C89-7A2C-419F-A40E-8C82E0800C2E}\RP314\A0052665.exe Win32/Shutdown.NAA application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{203A9C89-7A2C-419F-A40E-8C82E0800C2E}\RP314\A0052666.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{203A9C89-7A2C-419F-A40E-8C82E0800C2E}\RP314\A0052667.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{203A9C89-7A2C-419F-A40E-8C82E0800C2E}\RP314\A0052668.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{203A9C89-7A2C-419F-A40E-8C82E0800C2E}\RP314\A0052669.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{203A9C89-7A2C-419F-A40E-8C82E0800C2E}\RP314\A0052670.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{203A9C89-7A2C-419F-A40E-8C82E0800C2E}\RP314\A0052671.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{203A9C89-7A2C-419F-A40E-8C82E0800C2E}\RP314\A0052672.dll Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{203A9C89-7A2C-419F-A40E-8C82E0800C2E}\RP314\A0052673.exe Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=b6e9e68356adad4cad38451145cd84c4
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-10 11:28:36
# local_time=2012-03-10 03:28:36 (-0800, Pacific Standard Time)
# country="Canada"
# lang=4105
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=81785
# found=0
# cleaned=0
# scan_time=4209

C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@apmebf[2].txt [ Cookie:shayne@apmebf.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@myroitracking[1].txt [ Cookie:shayne@myroitracking.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\NEVGWL2A.txt [ Cookie:shayne@at.atwola.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\5P8X73GB.txt [ Cookie:shayne@advertising.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\TIN7WJAU.txt [ Cookie:shayne@www.burstnet.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@pelmorexmedia.122.2o7[1].txt [ Cookie:shayne@pelmorexmedia.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@vitamine.networldmedia[2].txt [ Cookie:shayne@vitamine.networldmedia.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\01V5RWTS.txt [ Cookie:shayne@mm.chitika.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@adxpose[1].txt [ Cookie:shayne@adxpose.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\06AA984X.txt [ Cookie:shayne@interclick.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@adserving.greenadvertizing[2].txt [ Cookie:shayne@adserving.greenadvertizing.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\C9L1S1XE.txt [ Cookie:shayne@accounts.google.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\EH5RFTSE.txt [ Cookie:shayne@googleads.g.doubleclick.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@screensaversandwallpapersfree[2].txt [ Cookie:shayne@screensaversandwallpapersfree.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@www.screensaversandwallpapersfree[1].txt [ Cookie:shayne@www.screensaversandwallpapersfree.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@bellcan.adbureau[2].txt [ Cookie:shayne@bellcan.adbureau.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\SN8HGXDA.txt [ Cookie:shayne@lego.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\KD6SPRU1.txt [ Cookie:shayne@atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\BYE4RQ2B.txt [ Cookie:shayne@bs.serving-sys.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\C83NNOL9.txt [ Cookie:shayne@yamahamotorusa.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\1FEUHLBZ.txt [ Cookie:shayne@nextag.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\RLLC2SGS.txt [ Cookie:shayne@clkads.com/adServe/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@www.bizrate[1].txt [ Cookie:shayne@www.bizrate.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\4HJ2BKBJ.txt [ Cookie:shayne@c.atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\F4W97HBZ.txt [ Cookie:shayne@kontera.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\6JL6G0QK.txt [ Cookie:shayne@www.google.com/accounts/recovery ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\FDRM43T0.txt [ Cookie:shayne@www.googleadservices.com/pagead/conversion/1001747818/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\2FO6JDWS.txt [ Cookie:shayne@clkads.com/adServe/banners ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\U9A0A2Z3.txt [ Cookie:shayne@realmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\CAIPQ9FP.txt [ Cookie:shayne@insightexpressai.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\HYOJ39UH.txt [ Cookie:shayne@in.getclicky.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\LOW4YW0U.txt [ Cookie:shayne@www.googleadservices.com/pagead/conversion/1069788006/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\V7AKVMSA.txt [ Cookie:shayne@canadaboatshopper.advertserve.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\shayne@openx.microsites.transcontinentalmedia[1].txt [ Cookie:shayne@openx.microsites.transcontinentalmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\1LC9Q9PQ.txt [ Cookie:shayne@www.google.com/accounts ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\Cookies\OFMAFHD5.txt [ Cookie:shayne@burstnet.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\E1OA577B.txt [ Cookie:nichole@anrtx.tacoda.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\13TH1V9L.txt [ Cookie:nichole@tribalfusion.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\FHHXWW93.txt [ Cookie:nichole@clkads.com/adServe/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\XB4PJSJC.txt [ Cookie:nichole@bizrate.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\75Q1C1LZ.txt [ Cookie:nichole@tradedoubler.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\P3G6KA5C.txt [ Cookie:nichole@casalemedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\C4GJEMGT.txt [ Cookie:nichole@rogersmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\0K9GN958.txt [ Cookie:nichole@torstardigital.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\U9F8IE1U.txt [ Cookie:nichole@yieldmanager.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\GEYYW4AF.txt [ Cookie:nichole@adxpose.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\013J0HRC.txt [ Cookie:nichole@www.burstnet.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\1FAGE5U6.txt [ Cookie:nichole@ads.pointroll.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\YWMAJ7KX.txt [ Cookie:nichole@adcentriconline.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\Y2YMPTF8.txt [ Cookie:nichole@statcounter.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\COK08QPJ.txt [ Cookie:nichole@hearstmagazines.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\43D8FCK9.txt [ Cookie:nichole@mediaforge.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\OEI65A5B.txt [ Cookie:nichole@mywebsearch.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\S51ULJTI.txt [ Cookie:nichole@nextag.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\MLGVKD5M.txt [ Cookie:nichole@adtech.de/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\3YNA90RY.txt [ Cookie:nichole@home.mywebsearch.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\BZFJK4MR.txt [ Cookie:nichole@content.yieldmanager.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\3GES8DAJ.txt [ Cookie:nichole@www6.addfreestats.com/cgi-bin ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\6WALSS31.txt [ Cookie:nichole@www.torontosun.com/sports/hockey/nhl/playoff/stats/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\JQUG990M.txt [ Cookie:nichole@pro-market.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\UUXVM0LN.txt [ Cookie:nichole@pointroll.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\Q8CTXBWE.txt [ Cookie:nichole@bs.serving-sys.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\AD1F0JR0.txt [ Cookie:nichole@apmebf.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\CVW5UZ5D.txt [ Cookie:nichole@media6degrees.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\RYDXAA2O.txt [ Cookie:nichole@h.atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\9X0EJZXB.txt [ Cookie:nichole@imrworldwide.com/cgi-bin ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\D6T1PJLY.txt [ Cookie:nichole@ar.atwola.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\5S5ETAG1.txt [ Cookie:nichole@zedo.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\T64P309Y.txt [ Cookie:nichole@msnportal.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\CO49LKGN.txt [ Cookie:nichole@ru4.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\XKRNSSXD.txt [ Cookie:nichole@symptomfind.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\DB5HFRJ2.txt [ Cookie:nichole@tjx.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\63XNI75H.txt [ Cookie:nichole@adserver.adtechus.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\JQ660CAV.txt [ Cookie:nichole@in.getclicky.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\8KGD4ZQD.txt [ Cookie:nichole@stats.com/nhl/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\0F8TOHNR.txt [ Cookie:nichole@microsoftwlcashback.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\440D4IK2.txt [ Cookie:nichole@gsimedia.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\2SUM102K.txt [ Cookie:nichole@tacoda.at.atwola.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\4S24HA8V.txt [ Cookie:nichole@sales.liveperson.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\AZZXI62K.txt [ Cookie:nichole@insightexpressai.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\O0RSKAO0.txt [ Cookie:nichole@specificclick.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\8Z5VFT51.txt [ Cookie:nichole@sympatico.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\Y92IGLCO.txt [ Cookie:nichole@warnerbros.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\FRU8LLZ1.txt [ Cookie:nichole@liveperson.net/hc/17490713 ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\RS4Y910L.txt [ Cookie:nichole@collective-media.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\7W1VTGXN.txt [ Cookie:nichole@media2.legacy.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\9E832P6T.txt [ Cookie:nichole@cbsdigitalmedia.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\QJ8HX816.txt [ Cookie:nichole@trafficmp.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\FY082D0L.txt [ Cookie:nichole@mediaplex.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\E6UCFEV4.txt [ Cookie:nichole@adinterax.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\JVW8ZA7N.txt [ Cookie:nichole@overture.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\SD0DCX6A.txt [ Cookie:nichole@revsci.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\TC56XLLS.txt [ Cookie:nichole@advertising.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\TS03RU0F.txt [ Cookie:nichole@r1-ads.ace.advertising.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\NRHWOH8J.txt [ Cookie:nichole@vitamine.networldmedia.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\YB34YPMT.txt [ Cookie:nichole@adsonar.com/adserving ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\RAMNT0J8.txt [ Cookie:nichole@liveperson.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\75A3W78S.txt [ Cookie:nichole@bonniercorp.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\A5UZUPPF.txt [ Cookie:nichole@thechart.blogs.cnn.com/.element/ssi/ads.iframes/eyewonder/interim.html ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\8GA7W4FV.txt [ Cookie:nichole@levelwing.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\GH7NNKMO.txt [ Cookie:nichole@lfstmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\2H9NR2I5.txt [ Cookie:nichole@giftscom.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\A95DQ718.txt [ Cookie:nichole@c.atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\2KVRMOXY.txt [ Cookie:nichole@accounts.learninga-z.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\LZH1PV8D.txt [ Cookie:nichole@liveperson.net/hc/52493658 ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\U0RL5IK9.txt [ Cookie:nichole@amazon-adsystem.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\MPRENHU3.txt [ Cookie:nichole@steelhousemedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\CNIXV0CB.txt [ Cookie:nichole@en.ca.msn.stats.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\MGEUHP35.txt [ Cookie:nichole@vermontcountrystore.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\PWYOPF4G.txt [ Cookie:nichole@ads.networldmedia.net/servlet/ajrotator ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\NLX83347.txt [ Cookie:nichole@rogersmedia.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\WIQOU679.txt [ Cookie:nichole@canam.bbstats.pointstreak.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\GZQ2MOO4.txt [ Cookie:nichole@dmtracker.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\T6NF64IQ.txt [ Cookie:nichole@247realmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\TVZJEMX0.txt [ Cookie:nichole@enhance.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\2E9L6ALX.txt [ Cookie:nichole@server.iad.liveperson.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\NBL66B0E.txt [ Cookie:nichole@legolas-media.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\RVF2SRAX.txt [ Cookie:nichole@blog.country.inmusic.ca/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\FJ4JDSVA.txt [ Cookie:nichole@dc.tremormedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\BDHXLN5T.txt [ Cookie:nichole@liveperson.net/hc/73495063 ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\XCQARS0H.txt [ Cookie:nichole@religion.blogs.cnn.com/2011/10/07/joel-osteen-takes-on-his-critics/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\W49APD7A.txt [ Cookie:nichole@data.coremetrics.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\PIPTHY1F.txt [ Cookie:nichole@statse.webtrendslive.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\YRCAGDMS.txt [ Cookie:nichole@stats.royalbank.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\8RC3AXRR.txt [ Cookie:nichole@ox-d.coedmediagroup.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\4SZVL6AW.txt [ Cookie:nichole@atrack.allposters.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\5NGWIPQI.txt [ Cookie:nichole@ad.yieldmanager.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\0C134BYL.txt [ Cookie:nichole@lucidmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\XBL6YU58.txt [ Cookie:nichole@rbc.bridgetrack.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\96FAG8L7.txt [ Cookie:nichole@www9.addfreestats.com/cgi-bin ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\LDL2X7Q9.txt [ Cookie:nichole@tracking.foxnews.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\RN453FIA.txt [ Cookie:nichole@liveperson.net/hc/88287119 ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\UHZ02K7W.txt [ Cookie:nichole@eas.apm.emediate.eu/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\0MGJP1V2.txt [ Cookie:nichole@insession.blogs.cnn.com/2011/12/08/will-casey-anthony-be-forced-to-answer-some-tough-questions/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\1NZ9VM27.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/952729023/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\BG9OKJ8V.txt [ Cookie:nichole@www.hlntv.com/video/2012/01/28/erin-brockovich-investigating-teen-mystery-illness ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\E59BMTOC.txt [ Cookie:nichole@tracking.godatafeed.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\09QMW4EK.txt [ Cookie:nichole@rtst.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\HFZK0L6J.txt [ Cookie:nichole@adserver.twitpic.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\N82GB14E.txt [ Cookie:nichole@ox-d.rdmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\8X3CJD38.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/1067527785/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\I32X2D4K.txt [ Cookie:nichole@cbs.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\T6JPZJA2.txt [ Cookie:nichole@msnbc.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\FH07G9YM.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/954880626/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\UCVDUZVY.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/1071149228/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\L6N33HCD.txt [ Cookie:nichole@serenitycountrycandles.ca/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\WWYJ389E.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/954460365/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\QLZSF8CD.txt [ Cookie:nichole@eyewonder.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\K33MIC3X.txt [ Cookie:nichole@video.ca.msn.com/watch/video/crackdown-on-gay-people-in-uganda/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\OU2K2P2J.txt [ Cookie:nichole@accounts.google.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\MZZ40SS5.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/1055598448/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\AH0R40HL.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/1046947016/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\QI4VAUEL.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/1026835746/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\XC1W825X.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/1072699689/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\L28O2YQY.txt [ Cookie:nichole@foxinteractivemedia.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\ZS3817T0.txt [ Cookie:nichole@dealtime.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\G05TSM89.txt [ Cookie:nichole@www.hlntv.com/article/2012/01/24/casey-anthony-finally-answers-some-questions ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\R29KB2PF.txt [ Cookie:nichole@yadro.ru/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\MCGY8P90.txt [ Cookie:nichole@partners.mediatakeout.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\KQEUSYSK.txt [ Cookie:nichole@clickorlando.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\Q3W71O9Q.txt [ Cookie:nichole@static.freewebs.getclicky.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\K8G5EL4Q.txt [ Cookie:nichole@nancygrace.blogs.cnn.com/2012/01/10/teenage-girl-pleads-guilty-in-alleged-thrill-killing-of-9-year-old/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\EW13OHLY.txt [ Cookie:nichole@www.sleepcountry.ca/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\QENQ66T0.txt [ Cookie:nichole@www.vermontcountrystore.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\ME0O8V1G.txt [ Cookie:nichole@religion.blogs.cnn.com/2011/11/30/joel-osteen-developing-reality-show-with-survivor-producer/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\5CJEDQF8.txt [ Cookie:nichole@www5.addfreestats.com/cgi-bin ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\NPKMNZIC.txt [ Cookie:nichole@googleads.g.doubleclick.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\9E342ATW.txt [ Cookie:nichole@knowledgeadventure.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\1CNIA7KL.txt [ Cookie:nichole@liveperson.net/hc/57386690 ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\CPKNNHPI.txt [ Cookie:nichole@roiservice.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\93H50D5L.txt [ Cookie:nichole@content.yieldmanager.com/ak/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\OTUHFVM6.txt [ Cookie:nichole@www.clickorlando.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\9092YHF7.txt [ Cookie:nichole@care2.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\Q1N3TB9M.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/1018185704/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\1OP44636.txt [ Cookie:nichole@tripod.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\CUET66QM.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/1034892697/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\SBVKRRA7.txt [ Cookie:nichole@ads.saymedia.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\TR2X46LW.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/1072617968/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\JBXJKZLO.txt [ Cookie:nichole@mlbam.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\LQ2DACEA.txt [ Cookie:nichole@sleepcountry.ca/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\GH9X5Y9N.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/1005970738/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\FF4EO0AH.txt [ Cookie:nichole@airmilesrewardprogram.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\LWGHLXIH.txt [ Cookie:nichole@adnet.affinity.com/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\TIFPAA5H.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/1010447590/ ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Cookies\SFP0YTTO.txt [ Cookie:nichole@www.googleadservices.com/pagead/conversion/1069788006/ ]
vitamine.networldmedia.net [ C:\DOCUMENTS AND SETTINGS\ANTHONY\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\SNJQNVZ2 ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@SPECIFICCLICK[2].TXT [ /SPECIFICCLICK ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@TRAFFICMP[2].TXT [ /TRAFFICMP ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@GO.EVOLUTIONMEDIA.BBELEMENTS[1].TXT [ /GO.EVOLUTIONMEDIA.BBELEMENTS ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@BANNER.MOTORCYCLE-USA[1].TXT [ /BANNER.MOTORCYCLE-USA ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@QUESTIONMARKET[2].TXT [ /QUESTIONMARKET ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@ADS.CREAFI[2].TXT [ /ADS.CREAFI ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@ROGERSMEDIA[1].TXT [ /ROGERSMEDIA ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@DMTRACKER[1].TXT [ /DMTRACKER ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@ANALYTICS.ROGERSMEDIA[1].TXT [ /ANALYTICS.ROGERSMEDIA ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@STAT.ONESTAT[2].TXT [ /STAT.ONESTAT ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@RICHMEDIA.YAHOO[2].TXT [ /RICHMEDIA.YAHOO ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@SYMPATICO.112.2O7[1].TXT [ /SYMPATICO.112.2O7 ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@ADS.AD4GAME[2].TXT [ /ADS.AD4GAME ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@ADS.CNN[1].TXT [ /ADS.CNN ]
C:\DOCUMENTS AND SETTINGS\SHAYNE\COOKIES\SHAYNE@112.2O7[2].TXT [ /112.2O7 ]
objects.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\NICHOLE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\ZTSLS4B6 ]
msntest.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\NICHOLE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\ZTSLS4B6 ]
vitamine.networldmedia.net [ C:\DOCUMENTS AND SETTINGS\NICHOLE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\ZTSLS4B6 ]
serving-sys.com [ C:\DOCUMENTS AND SETTINGS\NICHOLE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\ZTSLS4B6 ]
sftrack.searchforce.net [ C:\DOCUMENTS AND SETTINGS\NICHOLE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\ZTSLS4B6 ]
s0.2mdn.net [ C:\DOCUMENTS AND SETTINGS\NICHOLE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\ZTSLS4B6 ]

PUP.MyWebSearch
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CF0WY0MZ\ads[1].htm [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\H5FXP3FG\ads[1] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\ZAL12LIM\generic8[1].gif [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\A2SL2G9H\ads[1] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\H5FXP3FG\ping[1].gif [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CDB5JN4Q\GGmain[1].htm [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\81W6IBYT\GGmain[1].htm [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CHN5CRPV\r[1].js [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\Z2ZQQC2P\query[1] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\EINK0R9K\query[4] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\NMHR05OR\query[1] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\EA4JN7XE\query[1] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\ZAL12LIM\query[1] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\LGW3T69G\query[1] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CHN5CRPV\afs[2].htm [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\81W6IBYT\query[1] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\Z2ZQQC2P\GGmain[1].htm [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CDB5JN4Q\query[2] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\EINK0R9K\query[2] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\EINK0R9K\query[1] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CDB5JN4Q\query[1] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CDB5JN4Q\query[3] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\WRGAU5PJ\GGmain[3].htm [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\LB2I03BY\query[2] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\EA4JN7XE\query[2] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\81W6IBYT\GGmain[2].htm [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CF0WY0MZ\query[2] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\LB2I03BY\afs[1].htm [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\WRGAU5PJ\GGmain[2].htm [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CF0WY0MZ\query[1] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\H5FXP3FG\GGmain[1].htm [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\Z2ZQQC2P\ads[3] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\LGW3T69G\query[2] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\ZAL12LIM\GGmain[1].htm [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\WRGAU5PJ\query[2] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\WRGAU5PJ\query[1] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\EINK0R9K\query[3] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CHN5CRPV\query[3] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\A2SL2G9H\GGmain[1].htm [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\LB2I03BY\mwsGBv2-compressed[1].js [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\J3OEE1SZ\query[2] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CHN5CRPV\query[2] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CDB5JN4Q\GGmain[3].htm [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CHN5CRPV\query[4] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\J3OEE1SZ\query[1] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\LB2I03BY\query[3] [ cache:mywebsearch.com ]
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\WRGAU5PJ\GGmain[4].htm [ cache:mywebsearch.com ]

Trace.Known Threat Sources
C:\DOCUMENTS AND SETTINGS\NICHOLE\Local Settings\Temporary Internet Files\Content.IE5\CF0WY0MZ\page1_v1[8].jpg [ cache:webfile ]

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:53 PM

Posted 12 March 2012 - 06:39 PM

Ok, that looks good... If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 tagman66

tagman66
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:53 PM

Posted 14 March 2012 - 06:22 PM

ran antivirus scan and bloodhoun.malpe was back

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:53 PM

Posted 14 March 2012 - 07:17 PM

Rats ...we need a deeper look. Please go here....Preparation Guide ,do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If GMER won't run skip it and move on.

Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 tagman66

tagman66
  • Topic Starter

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:53 PM

Posted 15 March 2012 - 08:20 PM

everthing went well and posted a new topic

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:53 PM

Posted 15 March 2012 - 09:58 PM

Thank you... Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - days and ALL logs are answered.

To avoid confusion, I am closing this topic
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users