search-results.com browser redirect problem


9 replies to this topic

#1 seankobuk

Posted 16 March 2012 - 08:29 PM

My stepson installed the iLivid video downloader program on my laptop (Dell E1705, Windows XP SP3) and at first I noticed that the Chrome and Firefox home pages were changed to searchqu.com/406. I reset the default home pages, but now if I type in the address bar of Chrome or Firefox the search results get redirected to either dts.search-results.com or search-results.com. I see numerous registry entries with these domain names, but Malwarebytes and AVG don't detect anything when I run a scan. I did a restore to a date before iLivid was installed, but this did not correct the issue.

I could use some guidance from one of the pros here. Thank you.



#2 boopme


Posted 16 March 2012 - 08:41 PM

Hello seankobuk

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


Next run SUPERAntiSpyware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

Please ask any needed questions, post logs and let us know how the PC is running now.
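An added example, not part of the original post and not code from MiniToolBox: a small Python triage of a Result.txt in the section layout the tool writes, covering three of the checkboxes listed above (proxy settings, Hosts content, Winsock entries). The sample log is constructed, and the review rules (any hosts mapping to a non-loopback address, any Winsock provider whose vendor is not Microsoft, any proxy line other than the tool's "not enabled" messages) are assumptions about what a helper would want to look at first.

```python
import ipaddress
import re

# Constructed sample in the section layout MiniToolBox writes to Result.txt.
# Not a real log; the proxy line and the "Example" provider are placeholders.
SAMPLE_LOG = r"""
========================= IE Proxy Settings: ==============================

(constructed) proxy server 127.0.0.1:8080 is configured

========================= Hosts content: =================================
127.0.0.1 localhost
127.0.0.1 dev.test
203.0.113.7 www.search.example

There are 16 more lines starting with "127.0.0.1"

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Program Files\Example\example_lsp.dll [4096] ()
"""

# "===== Section name: =====" banner; a line made only of "=" does not match.
HEADER = re.compile(r"^={5,}\s*([^=]+?)\s*:?\s*={5,}\s*$")
# "Catalog9 04 <path> [<size>] (<vendor>)"
WINSOCK = re.compile(r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[\d+\]\s+\((.*)\)$")
# Proxy lines that mean "nothing configured".
CLEAN_PROXY = {"Proxy is not enabled.", "No Proxy Server is set."}


def parse_sections(text):
    """Split the log into {section name: [non-empty lines]}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        match = HEADER.match(line)
        if match:
            current = sections.setdefault(match.group(1), [])
        elif line and current is not None:
            current.append(line)
    return sections


def check_proxy(name, lines):
    """Anything besides the known-clean lines and the reset confirmation needs review."""
    return [("proxy", f"{name}: {line}") for line in lines
            if line not in CLEAN_PROXY and not line.startswith('"Reset ')]


def check_hosts(lines):
    """Report hostnames mapped to anything other than a loopback/unspecified address."""
    findings = []
    for line in lines:
        parts = line.split()
        if len(parts) < 2 or line.startswith("#"):
            continue
        try:
            address = ipaddress.ip_address(parts[0])
        except ValueError:
            continue  # summary lines such as 'There are 16 more lines ...'
        if not (address.is_loopback or address.is_unspecified):
            findings.append(("hosts", f"{parts[1]} -> {address}"))
    return findings


def check_winsock(lines):
    """Report catalog entries whose vendor is not Microsoft (review, not a verdict)."""
    findings = []
    for line in lines:
        match = WINSOCK.match(line)
        if not match:
            continue
        catalog, index, path, vendor = match.groups()
        if vendor != "Microsoft Corporation":
            label = vendor or "no vendor listed"
            findings.append(("winsock", f"{catalog} {index} {path} ({label})"))
    return findings


def triage(text):
    """Run all three checks and return (check, detail) tuples in log order."""
    sections = parse_sections(text)
    findings = []
    for name in ("IE Proxy Settings", "FF Proxy Settings"):
        findings += check_proxy(name, sections.get(name, []))
    findings += check_hosts(sections.get("Hosts content", []))
    findings += check_winsock(sections.get("Winsock entries", []))
    return findings


if __name__ == "__main__":
    for check, detail in triage(SAMPLE_LOG):
        print(f"[review:{check}] {detail}")
```

A flagged entry is only a prompt to look closer: a legitimate provider such as Bonjour's mdnsNSP.dll is reported the same way as an unknown one.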

#3 seankobuk


Posted 17 March 2012 - 08:14 PM

Thanks for replying to my post.

I ran all 3 programs. At some point I noticed that Chrome was no longer installed. Tried a test search in the address bar of Firefox v 11.0 and it went to http://www.search-results.com/web?l=dis&o=1928&q=u2&atb=sysid%3D406%3Aappid%3D283%3Auid%3De55e5beeaac5faf6%3Auc%3D1331851618%3Aq%3Du2%3Asrc%3Dffb%3Ao%3D1928. The second search landed on http://dnssearch.rr.com/index.php?origURL=http%3A//website/&r=


Logs posted below.

minitool log

MiniToolBox by Farbar Version: 18-01-2012
Ran by Sean Kennedy (administrator) on 17-03-2012 at 09:24:57
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration

Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
192.168.1.100 jack.local
127.0.0.1 bob.test
127.0.0.1 localhost
127.0.0.1 healthy.test
127.0.0.1 gorges.test
127.0.0.1 nwsc.test
127.0.0.1 dmm.test
127.0.0.1 asu_wine.test
127.0.0.1 nv.prototype
127.0.0.1 flu.test
127.0.0.1 hecm.test
127.0.0.1 nv.test
127.0.0.1 kobuk.test
127.0.0.1 clarity.test
127.0.0.1 gorges.test
127.0.0.1 ithacaderm.test
127.0.0.1 armstrong.test

There are 16 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)
Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Bluetooth Network Connection"

set address name="Bluetooth Network Connection" source=dhcp
set dns name="Bluetooth Network Connection" source=dhcp register=PRIMARY
set wins name="Bluetooth Network Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration

Host Name . . . . . . . . . . . . : sean-bj3q757cez
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : twcny.rr.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : twcny.rr.com
Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
Physical Address. . . . . . . . . : 00-15-C5-3C-76-48
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.110
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 209.18.47.61 209.18.47.62
Lease Obtained. . . . . . . . . . : Saturday, March 17, 2012 3:25:55 AM
Lease Expires . . . . . . . . . . : Monday, March 19, 2012 3:25:55 AM

Ethernet adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
Physical Address. . . . . . . . . : 00-13-02-B2-28-E2

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) #2
Physical Address. . . . . . . . . : 00-16-41-89-B0-30

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 72.14.204.100, 72.14.204.101, 72.14.204.102, 72.14.204.113
72.14.204.138

Pinging google.com [72.14.204.113] with 32 bytes of data:
Reply from 72.14.204.113: bytes=32 time=45ms TTL=51
Reply from 72.14.204.113: bytes=32 time=47ms TTL=51

Ping statistics for 72.14.204.113:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 45ms, Maximum = 47ms, Average = 46ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 72.30.38.140, 98.139.183.24, 209.191.122.70

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=77ms TTL=47
Reply from 98.139.183.24: bytes=32 time=76ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 76ms, Maximum = 77ms, Average = 76ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 15 c5 3c 76 48 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
0x3 ...00 13 02 b2 28 e2 ...... Intel® PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
0x10005 ...00 16 41 89 b0 30 ...... Bluetooth Device (Personal Area Network) #2
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.110 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.110 192.168.1.110 20
192.168.1.0 255.255.255.0 192.168.1.110 192.168.1.110 20
192.168.1.110 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.110 192.168.1.110 20
224.0.0.0 240.0.0.0 192.168.1.110 192.168.1.110 20
255.255.255.255 255.255.255.255 192.168.1.110 3 1
255.255.255.255 255.255.255.255 192.168.1.110 192.168.1.110 1
255.255.255.255 255.255.255.255 192.168.1.110 10005 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Catalog5 05 C:\Windows\system32\wshbth.dll [108032] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/16/2012 08:45:39 PM) (Source: Application Hang) (User: )
Description: Hanging application rundll32.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/16/2012 07:45:49 PM) (Source: LoadPerf) (User: )
Description: The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 12572, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.

Error: (03/16/2012 07:45:46 PM) (Source: LoadPerf) (User: )
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The
Error code is the first DWORD in Data section.

Error: (03/16/2012 07:45:46 PM) (Source: LoadPerf) (User: )
Description: The performance counter name string value in the registry is incorrectly
formatted. The bogus string is 12572, the bogus index value is the first
DWORD in Data section while the last valid index values are the second and
third DWORD in Data section.

Error: (03/11/2012 10:32:04 PM) (Source: Application Error) (User: )
Description: Faulting application divx plus player.exe, version 10.2.1.20, faulting module qtcore4.dll, version 4.5.0.0, fault address 0x000e1b16.
Processing media-specific event for [divx plus player.exe!ws!]

Error: (03/11/2012 10:04:20 PM) (Source: Application Error) (User: )
Description: Faulting application divx plus player.exe, version 10.2.1.20, faulting module qtcore4.dll, version 4.5.0.0, fault address 0x000e1b16.
Processing media-specific event for [divx plus player.exe!ws!]

Error: (03/10/2012 11:02:44 PM) (Source: Application Error) (User: )
Description: Faulting application divx plus player.exe, version 10.2.1.20, faulting module qtcore4.dll, version 4.5.0.0, fault address 0x000e1b16.
Processing media-specific event for [divx plus player.exe!ws!]

Error: (03/10/2012 07:51:57 PM) (Source: Application Error) (User: )
Description: Faulting application divx plus player.exe, version 10.2.1.20, faulting module qtcore4.dll, version 4.5.0.0, fault address 0x000e1b16.
Processing media-specific event for [divx plus player.exe!ws!]

Error: (02/26/2012 09:48:19 AM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 17.0.963.56, faulting module chrome.dll, version 17.0.963.56, fault address 0x015f333c.
Processing media-specific event for [chrome.exe!ws!]

Error: (02/20/2012 06:13:44 PM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 5.5.0.124, faulting module skype.exe, version 5.5.0.124, fault address 0x008b7483.
Processing media-specific event for [skype.exe!ws!]


System errors:
=============
Error: (03/16/2012 07:44:01 PM) (Source: Dhcp) (User: )
Description: Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address 001302B228E2. The following error
occurred:
%%121.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Error: (03/16/2012 07:39:44 PM) (Source: Service Control Manager) (User: )
Description: The adfs service failed to start due to the following error:
%%2

Error: (03/16/2012 05:15:40 PM) (Source: Service Control Manager) (User: )
Description: The adfs service failed to start due to the following error:
%%2

Error: (03/16/2012 05:15:29 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.102 for the Network Card with network address 0015C53C7648 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (03/15/2012 08:18:31 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{51BFD896-BB8F-41A9-81EA-875D03BC32F1} because another computer on the network has the same

name. The server could not start.

Error: (03/15/2012 03:28:07 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.102 for the Network Card with network address 0015C53C7648 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (03/14/2012 03:28:17 AM) (Source: Service Control Manager) (User: )
Description: The adfs service failed to start due to the following error:
%%2

Error: (03/13/2012 03:29:09 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.100 for the Network Card with network address 001302B228E2 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (03/12/2012 08:01:14 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.100 for the Network Card with network address 001302B228E2 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (03/12/2012 01:55:24 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.110 for the Network Card with network address 0015C53C7648 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).


Microsoft Office Sessions:
=========================
Error: (03/16/2012 08:45:39 PM) (Source: Application Hang)(User: )
Description: rundll32.exe5.1.2600.5512hungapp0.0.0.000000000

Error: (03/16/2012 07:45:49 PM) (Source: LoadPerf)(User: )
Description: 12572

Error: (03/16/2012 07:45:46 PM) (Source: LoadPerf)(User: )
Description: WmiApRplWmiApRpl

Error: (03/16/2012 07:45:46 PM) (Source: LoadPerf)(User: )
Description: 12572

Error: (03/11/2012 10:32:04 PM) (Source: Application Error)(User: )
Description: divx plus player.exe10.2.1.20qtcore4.dll4.5.0.0000e1b16

Error: (03/11/2012 10:04:20 PM) (Source: Application Error)(User: )
Description: divx plus player.exe10.2.1.20qtcore4.dll4.5.0.0000e1b16

Error: (03/10/2012 11:02:44 PM) (Source: Application Error)(User: )
Description: divx plus player.exe10.2.1.20qtcore4.dll4.5.0.0000e1b16

Error: (03/10/2012 07:51:57 PM) (Source: Application Error)(User: )
Description: divx plus player.exe10.2.1.20qtcore4.dll4.5.0.0000e1b16

Error: (02/26/2012 09:48:19 AM) (Source: Application Error)(User: )
Description: chrome.exe17.0.963.56chrome.dll17.0.963.56015f333c

Error: (02/20/2012 06:13:44 PM) (Source: Application Error)(User: )
Description: skype.exe5.5.0.124skype.exe5.5.0.124008b7483


=========================== Installed Programs ============================

1073 SS
Acronis True Image Home (Version: 13.0.6029)
AcusticaAudio Nebula3
Adobe AIR (Version: 2.7.0.19530)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Creative Suite 5 Design Standard (Version: 5.0)
Adobe Flash Player 10 ActiveX (Version: 10.1.53.64)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Reader 9.2 (Version: 9.2.0)
AIM 7
Amazon MP3 Downloader 1.0.10
Any Video Converter 3.1.7
Apple Application Support (Version: 1.2.0)
Apple Mobile Device Support (Version: 2.6.0.32)
Apple Software Update (Version: 2.1.1.116)
Audio Transcoder (Version: 2.6)
AVG 2011 (Version: 10.0.1424)
AVG 2011 (Version: 10.0.2113)
Bonjour (Version: 1.0.106)
Broadcom 440x 10/100 Integrated Controller (Version: 10.04.01)
bx_cleansweep Native 1.0
CCleaner (Version: 3.10)
CDBurnerXP (Version: 4.2.7.1893)
Conexant HDA D110 MDC V.92 Modem
CutePDF Writer 2.8
DC++ 0.782 (Version: 0.782)
DebugBar v5.3 for Internet Explorer (remove only) (Version: 5.3)
DivX Setup (Version: 2.5.0.8)
Doc Fear
Download Updater (AOL LLC)
Drush (Version: 1.0.5.10728)
FileZilla Client 3.3.5.1 (Version: 3.3.5.1)
FLV Player 2.0 (build 25) (Version: 2.0 (build 25))
Free Download Manager 3.0
Free MOV to AVI Converter 1.2
Free Presets From the "Mastering Suite"
Free Sound Recorder 2010 v8.2.1
GoToMeeting 4.8.0.723 (Version: 4.8.0.723)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
hp instant support (Version: 5.0.2.4.asst_classic.asst_install)
HP Memories Disc (Version: 1.0.4.805)
HP Photo and Imaging 2.3 - Scanjet 4600 Series (Version: 2.3.0000)
HxD Hex Editor version 1.7.7.0 (Version: 1.7.7.0)
IETester v0.4.6 (remove only) (Version: 0.4.6)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless WiFi Software (Version: 13.04.0000)
Interlok driver setup x32 (Version: 5.8.5)
Internet Explorer Developer Toolbar (Version: 1.0.2188)
IrfanView (remove only)
iTunes (Version: 9.0.3.15)
Java Auto Updater (Version: 2.0.3.1)
Java DB 10.6.2.1 (Version: 10.6.2.1)
Java™ 6 Update 24 (Version: 6.0.240)
JavaFX™ 1.3 SDK (Version: 1.3.0)
Logitech Webcam Software (Version: 2.0)
LWS Webcam Software (Version: 13.00.1774.0)
M30 Reverb (Version: 1.0.0.1)
magicJack (Version: 2.0.6073.4252)
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
MediaInfo 0.7.50 (Version: 0.7.50)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Virtual PC 2007 SP1 (Version: 6.0.192.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
MiniTool Partition Wizard Home Edition 6.0
mLAN Tools 2.0 (Version: 1.3.4.0)
mLANApplications for Yamaha (Version: 1.6.3)
MozBackup 1.4.9
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
Mozilla Thunderbird (8.0) (Version: 8.0 (en-US))
mProSafe (Version: 9.00.0000)
MSXML 6.0 Parser (KB927977) (Version: 6.00.3890.0)
mWlsSafe (Version: 9.00.0000)
NRGUI PRO
Octoshape add-in for Adobe Flash Player
OpenOffice.org 3.1 (Version: 3.1.9420)
Overloud BREVERB audioMIDI.com 1.5.4 VST (Version: 1.5.4)
PDF Settings CS5 (Version: 10.0)
Pluggo Runtime 3.6.1 (Version: 3.6.1004)
QuickTime (Version: 7.65.17.80)
REAPER
Ruby 1.9.2-p0 (Version: 1.9.2-p0)
Safari (Version: 5.31.22.7)
SigmaTel Audio (Version: 5.10.5210.0)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
Sony Vegas Pro 8.0 (Version: 8.0.217)
Spotify (Version: 0.5.2)
SQLyog Community 8.5 RC (Version: 8.5 RC)
SSL LMC-1 v1.0 (Version: v1.0)
Steven Slate Steven Slate Drums EX
Steven Slate Steven Slate Drums EX (Version: 1.0.0.001)
SUPERAntiSpyware (Version: 4.38.1004)
Sylenth1 v2.0
Synaptics Pointing Device Driver (Version: 8.2.4.6)
Synful Orchestra v2.31
System Requirements Lab for Intel (Version: 4.4.16.0)
Tar-1.13 Binaries (GnuWin32) (Version: 1.13)
TimeCard (Version: 1.19)
TPKD Installer x32 (Version: 5.8.5)
TT Dynamic Range Meter 1.0
Tube Console Bundle
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB976749) (Version: 1)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 1.0.3 (Version: 1.0.3)
WampServer 2.0
WebEx
WebFldrs XP (Version: 9.50.6513)
WIDI Audio To MIDI VST 1.10 (remove only)
Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) (Version: 11/14/2006 6.00.01.04)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
WinSCP 4.1.9 (Version: 4.1.9)
XnView 1.96.5 (Version: 1.96.5)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 2038.37 MB
Available physical RAM: 1256.62 MB
Total Pagefile: 3929.08 MB
Available Pagefile: 3311.01 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.2 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:146.48 GB) (Free:21.48 GB) NTFS
2 Drive f: (Files) (Fixed) (Total:151.61 GB) (Free:35.2 GB) NTFS

========================= Users: ========================================

User accounts for \\SEAN-BJ3Q757CEZ

Administrator basic Guest
HelpAssistant Sean Kennedy SUPPORT_388945a0


**** End of log ****


Super Anti Spyware Log

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/17/2012 at 02:18 PM

Application Version : 4.56.1000

Core Rules Database Version : 8206
Trace Rules Database Version: 6018

Scan type : Complete Scan
Total Scan Time : 02:57:07

Memory items scanned : 489
Memory threats detected : 0
Registry items scanned : 6983
Registry threats detected : 0
File items scanned : 353930
File threats detected : 352

Adware.Tracking Cookie
.revsci.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.statcounter.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.cybersoftwaresolutions.122.2o7.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.realmedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.doubleclick.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaforge.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.liveperson.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.clickfuse.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media2.legacy.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media.adfrontiers.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media2.legacy.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.lfstmedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.burstnet.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaforge.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
server.iad.liveperson.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
wstat.wibiya.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.247realmedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adserver.adtechus.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trafficmp.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.burstnet.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.traveladvertising.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.a1.interclick.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.andomedia.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.traveladvertising.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.traveladvertising.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.zedo.com [ C:\Documents and Settings\Sean Kennedy\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]

MBAM Log

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.17.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Sean Kennedy :: SEAN-BJ3Q757CEZ [administrator]

3/17/2012 8:21:07 PM
mbam-log-2012-03-17 (20-21-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215022
Time elapsed: 5 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Edited by seankobuk, 17 March 2012 - 08:16 PM.


#4 boopme


Posted 17 March 2012 - 08:28 PM

Hello, we have a few things to do...
Do you run Free AVG?

Are you on a router? Are other machines on it? If so, are they redirecting?



Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.





Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 seankobuk


Posted 17 March 2012 - 08:51 PM

Update. I reinstalled chrome and now the search results are staying in google. I used about:config to reset the search url in firefox and it also appears to be working correctly now. I'm hoping all is well but please let me know if you see anything in the logs that looks like it still needs attention.

#6 boopme


Posted 17 March 2012 - 08:58 PM

Ok, I'll look back when you post them.

Do you run Free AVG?


Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u3-windows-i586.exe (or jre-7u3-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


Similarly, update to Adobe Reader X (10.1.0).
Note: uncheck the box so you do not install the toolbar, unless you really want it.

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional

Edited by boopme, 17 March 2012 - 09:00 PM.


#7 seankobuk


Posted 18 March 2012 - 09:54 AM

Updated Adobe Reader and Java. Thanks for the tip on java security issues. I was unaware of that.

There are other computers attached to the wireless network but none are getting the redirect to search-results.com type sites.

TDS Killer didn't need a reboot.

TDS Killer Log

08:08:52.0328 5112 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
08:08:53.0062 5112 ============================================================
08:08:53.0062 5112 Current date / time: 2012/03/18 08:08:53.0062
08:08:53.0062 5112 SystemInfo:
08:08:53.0062 5112
08:08:53.0062 5112 OS Version: 5.1.2600 ServicePack: 3.0
08:08:53.0062 5112 Product type: Workstation
08:08:53.0062 5112 ComputerName: SEAN-BJ3Q757CEZ
08:08:53.0062 5112 UserName: Sean Kennedy
08:08:53.0062 5112 Windows directory: C:\WINDOWS
08:08:53.0062 5112 System windows directory: C:\WINDOWS
08:08:53.0062 5112 Processor architecture: Intel x86
08:08:53.0062 5112 Number of processors: 2
08:08:53.0062 5112 Page size: 0x1000
08:08:53.0062 5112 Boot type: Normal boot
08:08:53.0062 5112 ============================================================
08:08:55.0703 5112 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
08:08:55.0703 5112 \Device\Harddisk0\DR0:
08:08:55.0703 5112 MBR used
08:08:55.0703 5112 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x124F6BF3
08:08:55.0718 5112 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x124F6C71, BlocksNum 0x12F36A50
08:08:55.0812 5112 Initialize success
08:08:55.0812 5112 ============================================================
08:10:35.0796 4104 ============================================================
08:10:35.0796 4104 Scan started
08:10:35.0796 4104 Mode: Manual;
08:10:35.0796 4104 ============================================================
08:10:40.0312 4104 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
08:10:40.0312 4104 kbdhid - ok
08:10:40.0343 4104 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
08:10:40.0343 4104 kmixer - ok
08:10:40.0375 4104 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
08:10:40.0375 4104 KSecDD - ok
08:10:40.0390 4104 lbrtfdc - ok
08:10:40.0437 4104 LVRS (a1857fbb9b4930eeb2fd92386c45c529) C:\WINDOWS\system32\DRIVERS\lvrs.sys
08:10:40.0484 4104 LVRS - ok
08:10:40.0625 4104 LVUVC (3703406af0726badd24c5e552493e5b1) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
08:10:40.0765 4104 LVUVC - ok
08:10:40.0781 4104 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
08:10:40.0796 4104 mdmxsdk - ok
08:10:40.0828 4104 mLanBus (10082c8dc03f560f4137773c77cbcc41) C:\WINDOWS\system32\Drivers\mLanBus.sys
08:10:40.0843 4104 mLanBus - ok
08:10:40.0890 4104 mLanMIDI (7f7f05bb04cac2b458cf1344db99f150) C:\WINDOWS\system32\drivers\mLanMIDI.sys
08:10:40.0921 4104 mLanMIDI - ok
08:10:40.0968 4104 mLanPDev (f12e113317665083b4a2aa006e21054d) C:\WINDOWS\system32\Drivers\mLanPDev.sys
08:10:40.0984 4104 mLanPDev - ok
08:10:41.0015 4104 mLanStrm (10fb4b0fca654754b51fddda5f883098) C:\WINDOWS\system32\drivers\mLanStrm.sys
08:10:41.0062 4104 mLanStrm - ok
08:10:41.0093 4104 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
08:10:41.0125 4104 mnmdd - ok
08:10:41.0156 4104 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
08:10:41.0156 4104 Modem - ok
08:10:41.0187 4104 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:10:41.0187 4104 Mouclass - ok
08:10:41.0218 4104 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:10:41.0234 4104 mouhid - ok
08:10:41.0281 4104 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
08:10:41.0281 4104 MountMgr - ok
08:10:41.0296 4104 mraid35x - ok
08:10:41.0328 4104 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:10:41.0328 4104 MRxDAV - ok
08:10:41.0390 4104 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:10:41.0437 4104 MRxSmb - ok
08:10:41.0453 4104 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
08:10:41.0453 4104 Msfs - ok
08:10:41.0484 4104 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:10:41.0484 4104 MSKSSRV - ok
08:10:41.0500 4104 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:10:41.0500 4104 MSPCLOCK - ok
08:10:41.0531 4104 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
08:10:41.0531 4104 MSPQM - ok
08:10:41.0562 4104 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:10:41.0562 4104 mssmbios - ok
08:10:41.0593 4104 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
08:10:41.0625 4104 MSTEE - ok
08:10:41.0656 4104 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
08:10:41.0656 4104 Mup - ok
08:10:41.0687 4104 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
08:10:41.0703 4104 NABTSFEC - ok
08:10:41.0734 4104 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
08:10:41.0750 4104 NDIS - ok
08:10:41.0781 4104 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
08:10:41.0812 4104 NdisIP - ok
08:10:41.0859 4104 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:10:41.0937 4104 NdisTapi - ok
08:10:41.0984 4104 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:10:41.0984 4104 Ndisuio - ok
08:10:42.0000 4104 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:10:42.0031 4104 NdisWan - ok
08:10:42.0062 4104 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
08:10:42.0078 4104 NDProxy - ok
08:10:42.0109 4104 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
08:10:42.0109 4104 NetBIOS - ok
08:10:42.0125 4104 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
08:10:42.0140 4104 NetBT - ok
08:10:42.0234 4104 NETw4x32 (88100ebdd10309fbd445ef8e42452eae) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
08:10:42.0343 4104 NETw4x32 - ok
08:10:42.0562 4104 NETwLx32 (72062b53186e4a3f5fcbc41ebb62b905) C:\WINDOWS\system32\DRIVERS\NETwLx32.sys
08:10:42.0859 4104 NETwLx32 - ok
08:10:42.0890 4104 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
08:10:42.0890 4104 NIC1394 - ok
08:10:42.0953 4104 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
08:10:42.0953 4104 Npfs - ok
08:10:43.0000 4104 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
08:10:43.0015 4104 Ntfs - ok
08:10:43.0046 4104 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
08:10:43.0062 4104 Null - ok
08:10:43.0078 4104 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:10:43.0109 4104 NwlnkFlt - ok
08:10:43.0140 4104 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:10:43.0140 4104 NwlnkFwd - ok
08:10:43.0171 4104 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
08:10:43.0171 4104 ohci1394 - ok
08:10:43.0203 4104 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
08:10:43.0203 4104 Parport - ok
08:10:43.0218 4104 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
08:10:43.0218 4104 PartMgr - ok
08:10:43.0250 4104 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
08:10:43.0250 4104 ParVdm - ok
08:10:43.0265 4104 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
08:10:43.0265 4104 PCI - ok
08:10:43.0281 4104 PCIDump - ok
08:10:43.0312 4104 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
08:10:43.0312 4104 PCIIde - ok
08:10:43.0343 4104 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
08:10:43.0343 4104 Pcmcia - ok
08:10:43.0359 4104 PDCOMP - ok
08:10:43.0375 4104 PDFRAME - ok
08:10:43.0390 4104 PDRELI - ok
08:10:43.0390 4104 PDRFRAME - ok
08:10:43.0406 4104 perc2 - ok
08:10:43.0421 4104 perc2hib - ok
08:10:43.0453 4104 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:10:43.0468 4104 PptpMiniport - ok
08:10:43.0484 4104 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
08:10:43.0500 4104 Processor - ok
08:10:43.0531 4104 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
08:10:43.0546 4104 PSched - ok
08:10:43.0578 4104 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:10:43.0578 4104 Ptilink - ok
08:10:43.0593 4104 pwdrvio (31c396331f61990ce235b046a03be0a1) C:\WINDOWS\system32\pwdrvio.sys
08:10:43.0656 4104 pwdrvio - ok
08:10:43.0671 4104 pwdspio (cee974ef297015b9600dcd16a82821b4) C:\WINDOWS\system32\pwdspio.sys
08:10:43.0703 4104 pwdspio - ok
08:10:43.0718 4104 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:10:43.0750 4104 PxHelp20 - ok
08:10:43.0765 4104 ql1080 - ok
08:10:43.0765 4104 Ql10wnt - ok
08:10:43.0781 4104 ql12160 - ok
08:10:43.0796 4104 ql1240 - ok
08:10:43.0812 4104 ql1280 - ok
08:10:43.0843 4104 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:10:43.0843 4104 RasAcd - ok
08:10:43.0859 4104 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:10:43.0890 4104 Rasl2tp - ok
08:10:43.0937 4104 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:10:43.0953 4104 RasPppoe - ok
08:10:43.0984 4104 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:10:43.0984 4104 Raspti - ok
08:10:44.0015 4104 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:10:44.0031 4104 Rdbss - ok
08:10:44.0062 4104 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:10:44.0062 4104 RDPCDD - ok
08:10:44.0078 4104 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:10:44.0093 4104 rdpdr - ok
08:10:44.0140 4104 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
08:10:44.0218 4104 RDPWD - ok
08:10:44.0250 4104 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:10:44.0265 4104 redbook - ok
08:10:44.0312 4104 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
08:10:44.0312 4104 RFCOMM - ok
08:10:44.0343 4104 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
08:10:44.0390 4104 rimmptsk - ok
08:10:44.0406 4104 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
08:10:44.0421 4104 rimsptsk - ok
08:10:44.0437 4104 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
08:10:44.0468 4104 rismxdp - ok
08:10:44.0531 4104 s24trans (27fc71da659305e260acbda15a318399) C:\WINDOWS\system32\DRIVERS\s24trans.sys
08:10:44.0578 4104 s24trans - ok
08:10:44.0640 4104 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
08:10:44.0656 4104 SASDIFSV - ok
08:10:44.0671 4104 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
08:10:44.0703 4104 SASKUTIL - ok
08:10:44.0750 4104 sbp2port (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
08:10:44.0765 4104 sbp2port - ok
08:10:44.0812 4104 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
08:10:44.0828 4104 sdbus - ok
08:10:44.0859 4104 sdcplh (b7ea2f12416693d2d9bffaaa5eff7037) C:\WINDOWS\system32\drivers\sdcplh.sys
08:10:44.0875 4104 sdcplh - ok
08:10:44.0906 4104 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:10:44.0968 4104 Secdrv - ok
08:10:45.0015 4104 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
08:10:45.0015 4104 Serial - ok
08:10:45.0046 4104 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:10:45.0078 4104 Sfloppy - ok
08:10:45.0125 4104 SI3132 (0b9b5c6df6226497ef4819b6e1b2efd5) C:\WINDOWS\system32\DRIVERS\SI3132.sys
08:10:45.0140 4104 SI3132 - ok
08:10:45.0156 4104 SiFilter (ad29a80543c63e5b3588d118fb327e22) C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys
08:10:45.0156 4104 SiFilter - ok
08:10:45.0171 4104 Simbad - ok
08:10:45.0187 4104 SiRemFil (b19efe5e45ae31f3c3e4c4f0f9da3c49) C:\WINDOWS\system32\DRIVERS\SiRemFil.sys
08:10:45.0187 4104 SiRemFil - ok
08:10:45.0218 4104 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
08:10:45.0218 4104 SLIP - ok
08:10:45.0265 4104 snapman (5bceb1b306878035dacba6dd18366eda) C:\WINDOWS\system32\DRIVERS\snapman.sys
08:10:45.0281 4104 snapman - ok
08:10:45.0281 4104 Sparrow - ok
08:10:45.0312 4104 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:10:45.0328 4104 splitter - ok
08:10:45.0359 4104 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
08:10:45.0359 4104 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
08:10:45.0359 4104 sptd ( LockedFile.Multi.Generic ) - warning
08:10:45.0359 4104 sptd - detected LockedFile.Multi.Generic (1)
08:10:48.0062 4104 ============================================================
08:10:48.0062 4104 Scan finished
08:10:48.0062 4104 ============================================================
08:10:48.0078 2164 Detected object count: 1
08:10:48.0078 2164 Actual detected object count: 1
08:11:01.0281 2164 sptd ( LockedFile.Multi.Generic ) - skipped by user
08:11:01.0281 2164 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
08:11:08.0187 5524 Deinitialize success

#8 boopme


Posted 18 March 2012 - 01:35 PM

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:

#9 seankobuk


Posted 19 March 2012 - 07:11 AM

Thanks so much for the guidance and the prevention tips.

#10 boopme


Posted 19 March 2012 - 02:49 PM

You're welcome!!