Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vista / Gateway mx6959 S...L...O...WWWW


  • Please log in to reply
4 replies to this topic

#1 Djimbe

Djimbe

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Local time:11:09 PM

Posted 05 November 2012 - 01:36 PM

I was trying to Setup an Ad Hoc network in my house, badly I may Add, And I well , im not sure if its a malware Issue or not , but this box is running SLOWLY. I mean like Apple IIe slow. Like Commodore64 Slow. Like K-6 Slow... okay, Im showing my age now. But I seriously thought that the days of Tape Drives were behind me.I think one of my other boxes DEFINITELY has a Malware Issue, and I wonder if I could have spread it around, STD style to the others ? What tool would I use to find out?

BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:09 PM

Posted 06 November 2012 - 02:10 PM

Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here,


Update do a quick scan with Superantispyware remove all this finds reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
post the log here.


Run a scan with Eset.
http://www.eset.com/us/online-scanner/
Make sure remove found threats and scan archives is checked.
When the scan finish list found threats save to clipboard copy to notepad Post the log here.




Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Download Adware Cleaner run it as admin Click the delete button allow it to run and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Download Norman Malware Cleaner Run it Go to options then put a tick next to Enable rootkit cleaning. Hit the Full Scan>>>>>>>>Let it finish>>>>>>>>Go to the quarantine Tab>>>>>>> Tick the Select All>>>>>Then the Delete>>>>>>Quit
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
A log will appear on your desktop post that here in your next reply.


REBoot after Norman.

#3 Djimbe

Djimbe
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Local time:11:09 PM

Posted 09 November 2012 - 02:05 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.08.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Administrator :: -1 [administrator]

11/8/2012 6:05:40 PM
mbam-log-2012-11-08 (18-05-40).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 237851
Time elapsed: 20 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/08/2012 at 07:05 PM

Application Version : 5.6.1014

Core Rules Database Version : 9558
Trace Rules Database Version: 7370

Scan type : Quick Scan
Total Scan Time : 00:14:22

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator

Memory items scanned : 693
Memory threats detected : 0
Registry items scanned : 30307
Registry threats detected : 17
File items scanned : 8407
File threats detected : 290

Adware.Zugo
HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}
HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\InprocServer32
HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\InprocServer32#ThreadingModel
HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\ProgID
HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\Programmable
HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\TypeLib
HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\VersionIndependentProgID
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D425283-D487-4337-BAB6-AB8354A81457}
HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}
HKCR\SearchToolbarLib.CSearchToolbarImpl.1
HKCR\SearchToolbarLib.CSearchToolbarImpl.1\CLSID
HKCR\SearchToolbarLib.CSearchToolbarImpl
HKCR\SearchToolbarLib.CSearchToolbarImpl\CLSID
HKCR\SearchToolbarLib.CSearchToolbarImpl\CurVer
HKCR\TypeLib\{E43AD97A-5248-46A7-BB03-35574058224C}
HKU\S-1-5-21-2496519656-3590466210-1232353965-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{9D425283-D487-4337-BAB6-AB8354A81457}
[SASINPROCSERVER32]

Adware.Tracking Cookie
ad.yieldmanager.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RIH59VQB.DEFAULT\COOKIES.SQLITE ]
.microsoftwindows.112.2o7.net [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RIH59VQB.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RIH59VQB.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RIH59VQB.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RIH59VQB.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RIH59VQB.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RIH59VQB.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RIH59VQB.DEFAULT\COOKIES.SQLITE ]
.c1.atdmt.com [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RIH59VQB.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RIH59VQB.DEFAULT\COOKIES.SQLITE ]
.eset.122.2o7.net [ C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RIH59VQB.DEFAULT\COOKIES.SQLITE ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\RHIHPR1W.txt [ /atdmt.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\21DHQYJ3.txt [ /apmebf.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\UAF8I27F.txt [ /c.atdmt.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\06CR0MR8.txt [ /ad.360yield.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\SLMMUI57.txt [ /ru4.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\VOOFWR72.txt [ /adbrite.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\HHH6XIGZ.txt [ /revsci.net ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\5MFDPEYU.txt [ /msnportal.112.2o7.net ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\LGK7IB5O.txt [ /invitemedia.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\L3I1KJ5Q.txt [ /ads.bleepingcomputer.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\4Z0IAX2W.txt [ /kontera.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\M5UIL0A5.txt [ /doubleclick.net ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\U6N46S5L.txt [ /burstnet.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\TG2Q8JCW.txt [ /mediaplex.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\QTMKTIWQ.txt [ /ad.yieldmanager.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\APPR4UL5.txt [ /casalemedia.com ]
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies\R5N9PJJB.txt [ /eset.122.2o7.net ]
C:\USERS\ADMINISTRATOR\Cookies\RHIHPR1W.txt [ Cookie:administrator@atdmt.com/ ]
C:\USERS\ADMINISTRATOR\Cookies\21DHQYJ3.txt [ Cookie:administrator@apmebf.com/ ]
C:\USERS\ADMINISTRATOR\Cookies\UAF8I27F.txt [ Cookie:administrator@c.atdmt.com/ ]
C:\USERS\ADMINISTRATOR\Cookies\SLMMUI57.txt [ Cookie:administrator@ru4.com/ ]
C:\USERS\ADMINISTRATOR\Cookies\VOOFWR72.txt [ Cookie:administrator@adbrite.com/ ]
C:\USERS\ADMINISTRATOR\Cookies\HHH6XIGZ.txt [ Cookie:administrator@revsci.net/ ]
C:\USERS\ADMINISTRATOR\Cookies\4Z0IAX2W.txt [ Cookie:administrator@kontera.com/ ]
C:\USERS\ADMINISTRATOR\Cookies\M5UIL0A5.txt [ Cookie:administrator@doubleclick.net/ ]
C:\USERS\ADMINISTRATOR\Cookies\U6N46S5L.txt [ Cookie:administrator@burstnet.com/ ]
C:\USERS\ADMINISTRATOR\Cookies\TG2Q8JCW.txt [ Cookie:administrator@mediaplex.com/ ]
C:\USERS\ADMINISTRATOR\Cookies\QTMKTIWQ.txt [ Cookie:administrator@ad.yieldmanager.com/ ]
C:\USERS\ADMINISTRATOR\Cookies\R5N9PJJB.txt [ Cookie:administrator@eset.122.2o7.net/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\djimbe@xiti[1].txt [ Cookie:djimbe@xiti.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\KTDVKDVQ.txt [ Cookie:djimbe@ads2.zeusclicks.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\djimbe@ads.saymedia[2].txt [ Cookie:djimbe@ads.saymedia.com/ ]
.doubleclick.net [ C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\djimbe@realmedia[2].txt [ Cookie:djimbe@realmedia.com/ ]
.invitemedia.com [ C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\djimbe@adserver.adtechus[2].txt [ Cookie:djimbe@adserver.adtechus.com/ ]
statse.webtrendslive.com [ C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\djimbe@amazon-adsystem[1].txt [ Cookie:djimbe@amazon-adsystem.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\5ZF1WYAG.txt [ Cookie:djimbe@adxpansion.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\R36RZI3O.txt [ Cookie:djimbe@statcounter.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\djimbe@www.crackle[2].txt [ Cookie:djimbe@www.crackle.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\djimbe@network.realmedia[2].txt [ Cookie:djimbe@network.realmedia.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\2SSYJCUJ.txt [ Cookie:djimbe@ad.yieldmanager.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\djimbe@crackle[2].txt [ Cookie:djimbe@crackle.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\M9LYVEQW.txt [ Cookie:djimbe@ero-advertising.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\KHRMFDW1.txt [ Cookie:djimbe@invitemedia.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\djimbe@openx.sexsearch[2].txt [ Cookie:djimbe@openx.sexsearch.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\djimbe@at.atwola[1].txt [ Cookie:djimbe@at.atwola.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\djimbe@estat[1].txt [ Cookie:djimbe@estat.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@tacoda.at.atwola[2].txt [ Cookie:djimbe@tacoda.at.atwola.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@blackteengirlfriends[1].txt [ Cookie:djimbe@blackteengirlfriends.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@2o7[1].txt [ Cookie:djimbe@2o7.net/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@join.blackteengirlfriends[1].txt [ Cookie:djimbe@join.blackteengirlfriends.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@media6degrees[2].txt [ Cookie:djimbe@media6degrees.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@liveperson[2].txt [ Cookie:djimbe@liveperson.net/hc/69606660 ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@www.xxxmatch[2].txt [ Cookie:djimbe@www.xxxmatch.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@adserver.adtechus[1].txt [ Cookie:djimbe@adserver.adtechus.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@realmedia[1].txt [ Cookie:djimbe@realmedia.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@www.liutilities[2].txt [ Cookie:djimbe@www.liutilities.com/products/campaigns/adv/rb/speedtest/lb/us/t02b/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@www.googleadservices[1].txt [ Cookie:djimbe@www.googleadservices.com/pagead/conversion/1043715552/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@stat.onestat[2].txt [ Cookie:djimbe@stat.onestat.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@adecn[2].txt [ Cookie:djimbe@adecn.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@tubepornstars[2].txt [ Cookie:djimbe@tubepornstars.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@pornstarbritish[1].txt [ Cookie:djimbe@pornstarbritish.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@wt.xxxmatch[1].txt [ Cookie:djimbe@wt.xxxmatch.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@webpornsex[2].txt [ Cookie:djimbe@webpornsex.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@adxpansion[2].txt [ Cookie:djimbe@adxpansion.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@adinterax[2].txt [ Cookie:djimbe@adinterax.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@pornxplorer[1].txt [ Cookie:djimbe@pornxplorer.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@user.lucidmedia[1].txt [ Cookie:djimbe@user.lucidmedia.com/clicksense/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@statcounter[2].txt [ Cookie:djimbe@statcounter.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@mileyxxx[1].txt [ Cookie:djimbe@mileyxxx.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@socialsexnetwork[2].txt [ Cookie:djimbe@socialsexnetwork.net/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@www.youporn[1].txt [ Cookie:djimbe@www.youporn.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@adnetxchange[2].txt [ Cookie:djimbe@adnetxchange.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@clickbank[1].txt [ Cookie:djimbe@clickbank.net/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@a1.interclick[2].txt [ Cookie:djimbe@a1.interclick.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@lfstmedia[2].txt [ Cookie:djimbe@lfstmedia.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@ad.yieldmanager[1].txt [ Cookie:djimbe@ad.yieldmanager.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@ads.zeusclicks[1].txt [ Cookie:djimbe@ads.zeusclicks.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@xxxbunker[2].txt [ Cookie:djimbe@xxxbunker.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@streamhomesex[2].txt [ Cookie:djimbe@streamhomesex.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@www.burstnet[1].txt [ Cookie:djimbe@www.burstnet.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@ero-advertising[1].txt [ Cookie:djimbe@ero-advertising.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@xm.xtendmedia[1].txt [ Cookie:djimbe@xm.xtendmedia.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@timeinc.122.2o7[1].txt [ Cookie:djimbe@timeinc.122.2o7.net/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@www.google[2].txt [ Cookie:djimbe@www.google.com/accounts ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@mediabrandsww[2].txt [ Cookie:djimbe@mediabrandsww.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@google[4].txt [ Cookie:djimbe@google.com/accounts/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@invitemedia[2].txt [ Cookie:djimbe@invitemedia.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@www.statstrackeronline[1].txt [ Cookie:djimbe@www.statstrackeronline.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@at.atwola[2].txt [ Cookie:djimbe@at.atwola.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@toplist[1].txt [ Cookie:djimbe@toplist.cz/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@adultadworld[2].txt [ Cookie:djimbe@adultadworld.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@burstbeacon[1].txt [ Cookie:djimbe@burstbeacon.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@lxtraffic[1].txt [ Cookie:djimbe@lxtraffic.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@dmtracker[1].txt [ Cookie:djimbe@dmtracker.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@richmedia.yahoo[2].txt [ Cookie:djimbe@richmedia.yahoo.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@vidsbleeper[2].txt [ Cookie:djimbe@vidsbleeper.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@adcentriconline[1].txt [ Cookie:djimbe@adcentriconline.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@content.yieldmanager[3].txt [ Cookie:djimbe@content.yieldmanager.com/ak/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@liveperson[1].txt [ Cookie:djimbe@liveperson.net/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@server.cpmstar[1].txt [ Cookie:djimbe@server.cpmstar.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@galleries1.adult-empire[1].txt [ Cookie:djimbe@galleries1.adult-empire.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@content.yieldmanager[1].txt [ Cookie:djimbe@content.yieldmanager.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@intermundomedia[2].txt [ Cookie:djimbe@intermundomedia.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@www.freeteenpassport[2].txt [ Cookie:djimbe@www.freeteenpassport.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@ads.youporn[2].txt [ Cookie:djimbe@ads.youporn.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@sextronix[1].txt [ Cookie:djimbe@sextronix.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@www.vintagepornarchive[1].txt [ Cookie:djimbe@www.vintagepornarchive.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@clicksor[2].txt [ Cookie:djimbe@clicksor.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@youpornmate[2].txt [ Cookie:djimbe@youpornmate.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@oporn[1].txt [ Cookie:djimbe@oporn.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@vintagepornarchive[2].txt [ Cookie:djimbe@vintagepornarchive.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@burstnet[1].txt [ Cookie:djimbe@burstnet.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@pornoxo[1].txt [ Cookie:djimbe@pornoxo.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@xxx-rewind[1].txt [ Cookie:djimbe@xxx-rewind.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@www.eroticporninside[1].txt [ Cookie:djimbe@www.eroticporninside.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@ar.atwola[1].txt [ Cookie:djimbe@ar.atwola.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@web-traffic-analysis[1].txt [ Cookie:djimbe@web-traffic-analysis.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@go.trafficshop[2].txt [ Cookie:djimbe@go.trafficshop.com/ ]
C:\USERS\DJIMBE\AppData\Roaming\Microsoft\Windows\Cookies\Low\djimbe@eroticporninside[2].txt [ Cookie:djimbe@eroticporninside.com/ ]
C:\USERS\DJIMBE\Cookies\djimbe@xiti[1].txt [ Cookie:djimbe@xiti.com/ ]
C:\USERS\DJIMBE\Cookies\KTDVKDVQ.txt [ Cookie:djimbe@ads2.zeusclicks.com/ ]
C:\USERS\DJIMBE\Cookies\djimbe@ads.saymedia[2].txt [ Cookie:djimbe@ads.saymedia.com/ ]
C:\USERS\DJIMBE\Cookies\djimbe@realmedia[2].txt [ Cookie:djimbe@realmedia.com/ ]
C:\USERS\DJIMBE\Cookies\djimbe@adserver.adtechus[2].txt [ Cookie:djimbe@adserver.adtechus.com/ ]
C:\USERS\DJIMBE\Cookies\djimbe@amazon-adsystem[1].txt [ Cookie:djimbe@amazon-adsystem.com/ ]
C:\USERS\DJIMBE\Cookies\5ZF1WYAG.txt [ Cookie:djimbe@adxpansion.com/ ]
C:\USERS\DJIMBE\Cookies\R36RZI3O.txt [ Cookie:djimbe@statcounter.com/ ]
C:\USERS\DJIMBE\Cookies\djimbe@www.crackle[2].txt [ Cookie:djimbe@www.crackle.com/ ]
C:\USERS\DJIMBE\Cookies\djimbe@network.realmedia[2].txt [ Cookie:djimbe@network.realmedia.com/ ]
C:\USERS\DJIMBE\Cookies\2SSYJCUJ.txt [ Cookie:djimbe@ad.yieldmanager.com/ ]
C:\USERS\DJIMBE\Cookies\djimbe@crackle[2].txt [ Cookie:djimbe@crackle.com/ ]
C:\USERS\DJIMBE\Cookies\M9LYVEQW.txt [ Cookie:djimbe@ero-advertising.com/ ]
C:\USERS\DJIMBE\Cookies\KHRMFDW1.txt [ Cookie:djimbe@invitemedia.com/ ]
C:\USERS\DJIMBE\Cookies\djimbe@openx.sexsearch[2].txt [ Cookie:djimbe@openx.sexsearch.com/ ]
C:\USERS\DJIMBE\Cookies\djimbe@at.atwola[1].txt [ Cookie:djimbe@at.atwola.com/ ]
C:\USERS\DJIMBE\Cookies\djimbe@estat[1].txt [ Cookie:djimbe@estat.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@naiadsystems[1].txt [ Cookie:yvette@naiadsystems.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@trafficmp[2].txt [ Cookie:yvette@trafficmp.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@myroitracking[1].txt [ Cookie:yvette@myroitracking.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@yieldmanager[2].txt [ Cookie:yvette@yieldmanager.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@ads.clicksor[1].txt [ Cookie:yvette@ads.clicksor.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@interclick[2].txt [ Cookie:yvette@interclick.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@insightexpressai[1].txt [ Cookie:yvette@insightexpressai.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@www.adtrak[1].txt [ Cookie:yvette@www.adtrak.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@a1.interclick[1].txt [ Cookie:yvette@a1.interclick.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@adtech[1].txt [ Cookie:yvette@adtech.de/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@advertising[1].txt [ Cookie:yvette@advertising.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@media6degrees[1].txt [ Cookie:yvette@media6degrees.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@doubleclick[1].txt [ Cookie:yvette@doubleclick.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@casalemedia[1].txt [ Cookie:yvette@casalemedia.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@burstnet[1].txt [ Cookie:yvette@burstnet.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@atdmt[2].txt [ Cookie:yvette@atdmt.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@www.burstnet[1].txt [ Cookie:yvette@www.burstnet.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@kontera[1].txt [ Cookie:yvette@kontera.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@collective-media[1].txt [ Cookie:yvette@collective-media.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@ad.yieldmanager[2].txt [ Cookie:yvette@ad.yieldmanager.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@tribalfusion[1].txt [ Cookie:yvette@tribalfusion.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@wachovia.112.2o7[2].txt [ Cookie:yvette@wachovia.112.2o7.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\yvette@adserving.cpxinteractive[1].txt [ Cookie:yvette@adserving.cpxinteractive.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@media.adrevolver[1].txt [ Cookie:yvette@media.adrevolver.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@www.sexvideohq[2].txt [ Cookie:yvette@www.sexvideohq.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@hardsextube[1].txt [ Cookie:yvette@hardsextube.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@247realmedia[2].txt [ Cookie:yvette@247realmedia.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@ads.lucidmedia[1].txt [ Cookie:yvette@ads.lucidmedia.com/clicksense/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@stats1.clicktracks[2].txt [ Cookie:yvette@stats1.clicktracks.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@pornhost[2].txt [ Cookie:yvette@pornhost.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@openxxx.viragemedia[1].txt [ Cookie:yvette@openxxx.viragemedia.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@data.coremetrics[1].txt [ Cookie:yvette@data.coremetrics.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@trafficmp[2].txt [ Cookie:yvette@trafficmp.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@adserver.fusacapital[2].txt [ Cookie:yvette@adserver.fusacapital.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@forums.crackberry[1].txt [ Cookie:yvette@forums.crackberry.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@maxporn[1].txt [ Cookie:yvette@maxporn.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@myroitracking[2].txt [ Cookie:yvette@myroitracking.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@adopt.euroclick[1].txt [ Cookie:yvette@adopt.euroclick.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@yieldmanager[2].txt [ Cookie:yvette@yieldmanager.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@adultfriendfinder[1].txt [ Cookie:yvette@adultfriendfinder.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@specificclick[2].txt [ Cookie:yvette@specificclick.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@revsci[2].txt [ Cookie:yvette@revsci.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@www.burstbeacon[2].txt [ Cookie:yvette@www.burstbeacon.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@e-2dj6wgkyalcjmhq.stats.esomniture[2].txt [ Cookie:yvette@e-2dj6wgkyalcjmhq.stats.esomniture.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@ehg-reebok.hitbox[2].txt [ Cookie:yvette@ehg-reebok.hitbox.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@mediaplex[2].txt [ Cookie:yvette@mediaplex.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@ads.pointroll[1].txt [ Cookie:yvette@ads.pointroll.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@media.medhelp[2].txt [ Cookie:yvette@media.medhelp.org/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@interclick[2].txt [ Cookie:yvette@interclick.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@questionmarket[1].txt [ Cookie:yvette@questionmarket.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@bs.serving-sys[1].txt [ Cookie:yvette@bs.serving-sys.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@insightexpressai[1].txt [ Cookie:yvette@insightexpressai.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@www.google[2].txt [ Cookie:yvette@www.google.com/accounts ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@server.iad.liveperson[1].txt [ Cookie:yvette@server.iad.liveperson.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@adopt.specificclick[2].txt [ Cookie:yvette@adopt.specificclick.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@ad1.clickhype[1].txt [ Cookie:yvette@ad1.clickhype.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@adtech[1].txt [ Cookie:yvette@adtech.de/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@www.blackberryadserver[1].txt [ Cookie:yvette@www.blackberryadserver.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@google[1].txt [ Cookie:yvette@google.com/accounts/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@imediablast[2].txt [ Cookie:yvette@imediablast.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@advertising[1].txt [ Cookie:yvette@advertising.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@yadro[1].txt [ Cookie:yvette@yadro.ru/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@sexcravedteenies[2].txt [ Cookie:yvette@sexcravedteenies.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@imrworldwide[2].txt [ Cookie:yvette@imrworldwide.com/cgi-bin ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@media6degrees[1].txt [ Cookie:yvette@media6degrees.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@doubleclick[1].txt [ Cookie:yvette@doubleclick.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@statcounter[2].txt [ Cookie:yvette@statcounter.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@casalemedia[2].txt [ Cookie:yvette@casalemedia.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@burstnet[2].txt [ Cookie:yvette@burstnet.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@specificmedia[2].txt [ Cookie:yvette@specificmedia.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@clickbank[2].txt [ Cookie:yvette@clickbank.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@adultadworld[2].txt [ Cookie:yvette@adultadworld.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@atdmt[2].txt [ Cookie:yvette@atdmt.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@adecn[2].txt [ Cookie:yvette@adecn.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@e-2dj6wjk4ggd5wap.stats.esomniture[2].txt [ Cookie:yvette@e-2dj6wjk4ggd5wap.stats.esomniture.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@kontera[2].txt [ Cookie:yvette@kontera.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@server.iad.liveperson[3].txt [ Cookie:yvette@server.iad.liveperson.net/hc/25102549 ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@2o7[1].txt [ Cookie:yvette@2o7.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@ehg-researchinmotion.hitbox[2].txt [ Cookie:yvette@ehg-researchinmotion.hitbox.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@apmebf[1].txt [ Cookie:yvette@apmebf.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@network.realmedia[1].txt [ Cookie:yvette@network.realmedia.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@www.clicktorrent[2].txt [ Cookie:yvette@www.clicktorrent.info/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@www.maxporn[1].txt [ Cookie:yvette@www.maxporn.com/pornvideos/10092/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@tns-counter[1].txt [ Cookie:yvette@tns-counter.ru/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@hitbox[2].txt [ Cookie:yvette@hitbox.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@ehg-foxnewsnetworkllc.hitbox[1].txt [ Cookie:yvette@ehg-foxnewsnetworkllc.hitbox.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@tribalfusion[2].txt [ Cookie:yvette@tribalfusion.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@ad.yieldmanager[2].txt [ Cookie:yvette@ad.yieldmanager.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@adlegend[2].txt [ Cookie:yvette@adlegend.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@supermediastore[1].txt [ Cookie:yvette@supermediastore.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@stats.adbrite[1].txt [ Cookie:yvette@stats.adbrite.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@laptopmag.122.2o7[1].txt [ Cookie:yvette@laptopmag.122.2o7.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@microsoftinternetexplorer.112.2o7[1].txt [ Cookie:yvette@microsoftinternetexplorer.112.2o7.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@server.iad.liveperson[4].txt [ Cookie:yvette@server.iad.liveperson.net/hc/59239906 ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@e-2dj6wgkywgczmeq.stats.esomniture[2].txt [ Cookie:yvette@e-2dj6wgkywgczmeq.stats.esomniture.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@crackberry[2].txt [ Cookie:yvette@crackberry.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@www6.addfreestats[1].txt [ Cookie:yvette@www6.addfreestats.com/cgi-bin ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@perf.overture[1].txt [ Cookie:yvette@perf.overture.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@serving-sys[2].txt [ Cookie:yvette@serving-sys.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@tacoda[2].txt [ Cookie:yvette@tacoda.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@clicktorrent[2].txt [ Cookie:yvette@clicktorrent.info/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@ads.escalatemedia[1].txt [ Cookie:yvette@ads.escalatemedia.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@at.atwola[2].txt [ Cookie:yvette@at.atwola.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@counter2.hitslink[1].txt [ Cookie:yvette@counter2.hitslink.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@overture[2].txt [ Cookie:yvette@overture.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@www.supermediastore[1].txt [ Cookie:yvette@www.supermediastore.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@bleepgrowth[1].txt [ Cookie:yvette@bleepgrowth.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@videoegg.adbureau[1].txt [ Cookie:yvette@videoegg.adbureau.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@medhelpinternational.112.2o7[1].txt [ Cookie:yvette@medhelpinternational.112.2o7.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@researchinmotion.122.2o7[1].txt [ Cookie:yvette@researchinmotion.122.2o7.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@collective-media[1].txt [ Cookie:yvette@collective-media.net/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@www.roommateclick[1].txt [ Cookie:yvette@www.roommateclick.com/ ]
C:\USERS\YVETTE\AppData\Roaming\Microsoft\Windows\Cookies\Low\yvette@clickaider[1].txt [ Cookie:yvette@clickaider.com/ ]
C:\USERS\YVETTE\Cookies\yvette@naiadsystems[1].txt [ Cookie:yvette@naiadsystems.com/ ]
C:\USERS\YVETTE\Cookies\yvette@trafficmp[2].txt [ Cookie:yvette@trafficmp.com/ ]
C:\USERS\YVETTE\Cookies\yvette@myroitracking[1].txt [ Cookie:yvette@myroitracking.com/ ]
C:\USERS\YVETTE\Cookies\yvette@yieldmanager[2].txt [ Cookie:yvette@yieldmanager.com/ ]
C:\USERS\YVETTE\Cookies\yvette@ads.clicksor[1].txt [ Cookie:yvette@ads.clicksor.com/ ]
C:\USERS\YVETTE\Cookies\yvette@interclick[2].txt [ Cookie:yvette@interclick.com/ ]
C:\USERS\YVETTE\Cookies\yvette@insightexpressai[1].txt [ Cookie:yvette@insightexpressai.com/ ]
C:\USERS\YVETTE\Cookies\yvette@www.adtrak[1].txt [ Cookie:yvette@www.adtrak.net/ ]
C:\USERS\YVETTE\Cookies\yvette@a1.interclick[1].txt [ Cookie:yvette@a1.interclick.com/ ]
C:\USERS\YVETTE\Cookies\yvette@adtech[1].txt [ Cookie:yvette@adtech.de/ ]
C:\USERS\YVETTE\Cookies\yvette@advertising[1].txt [ Cookie:yvette@advertising.com/ ]
C:\USERS\YVETTE\Cookies\yvette@media6degrees[1].txt [ Cookie:yvette@media6degrees.com/ ]
C:\USERS\YVETTE\Cookies\yvette@doubleclick[1].txt [ Cookie:yvette@doubleclick.net/ ]
C:\USERS\YVETTE\Cookies\yvette@casalemedia[1].txt [ Cookie:yvette@casalemedia.com/ ]
C:\USERS\YVETTE\Cookies\yvette@burstnet[1].txt [ Cookie:yvette@burstnet.com/ ]
C:\USERS\YVETTE\Cookies\yvette@atdmt[2].txt [ Cookie:yvette@atdmt.com/ ]
C:\USERS\YVETTE\Cookies\yvette@www.burstnet[1].txt [ Cookie:yvette@www.burstnet.com/ ]
C:\USERS\YVETTE\Cookies\yvette@kontera[1].txt [ Cookie:yvette@kontera.com/ ]
C:\USERS\YVETTE\Cookies\yvette@collective-media[1].txt [ Cookie:yvette@collective-media.net/ ]
C:\USERS\YVETTE\Cookies\yvette@ad.yieldmanager[2].txt [ Cookie:yvette@ad.yieldmanager.com/ ]
C:\USERS\YVETTE\Cookies\yvette@tribalfusion[1].txt [ Cookie:yvette@tribalfusion.com/ ]
C:\USERS\YVETTE\Cookies\yvette@wachovia.112.2o7[2].txt [ Cookie:yvette@wachovia.112.2o7.net/ ]
C:\USERS\YVETTE\Cookies\yvette@adserving.cpxinteractive[1].txt [ Cookie:yvette@adserving.cpxinteractive.com/ ]

C:\Program Files\Search Toolbar\SearchToolbar.dll Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Program Files\Search Toolbar\SearchToolbarUpdater.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\86353.exe.vir probably unknown NewHeur_PE virus deleted - quarantined
C:\Qoobox\Quarantine\C\windows32.exe.vir Win32/HackTool.VB.NAC trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files\PlayAllDVD\Uninstall.exe.vir probably a variant of Win32/Agent.HQJKXTM trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Yvette\AppData\Roaming\gadcom\gadcom.exe.vir Win32/Agent.AMYY trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\System32\brastk.exe.vir a variant of Win32/TrojanDownloader.FakeAlert.GU trojan cleaned by deleting - quarantined
C:\Users\Djimbe\Desktop\one.click.root.exploitv2.5.5.zip Android/Exploit.RageCage.A trojan deleted - quarantined
C:\Users\Djimbe\Desktop\one.click.root.exploitv2.5.5\rageagainstthecage-arm5.bin Android/Exploit.RageCage.A trojan cleaned by deleting - quarantined
C:\Windows\Installer\c0704e2.msi Win32/Adware.ADON application deleted - quarantined

MiniToolBox by Farbar Version: 07-11-2012
Ran by Administrator (administrator) on 09-11-2012 at 04:25:23
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8188RU Wireless LAN 802.11n USB High Power Dongle = Wireless Network Connection 3 (Connected)
Marvell Yukon 88E8038 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Media disconnected)
Linksys Wireless-G Notebook Adapter WPC54G V3 = Wireless Network Connection 2 (Media disconnected)
EasyTether Network Adapter = Local Area Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Wireless Network Connection" address=192.168.72.1


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : -1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : cable.rcn.com

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . : cable.rcn.com
Description . . . . . . . . . . . : Realtek RTL8188RU Wireless LAN 802.11n USB High Power Dongle
Physical Address. . . . . . . . . : 00-C0-CA-66-1C-0B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f0fa:b2e9:7ce6:ac8e%18(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, November 08, 2012 5:24:55 PM
Lease Expires . . . . . . . . . . : Friday, November 09, 2012 8:38:53 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 503365834
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-91-90-34-00-E0-B8-C1-58-D7
DNS Servers . . . . . . . . . . . : 208.59.247.45
208.59.247.46
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : connectify
Description . . . . . . . . . . . : Linksys Wireless-G Notebook Adapter WPC54G V3
Physical Address. . . . . . . . . : 00-22-6B-60-52-D2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : EasyTether Network Adapter
Physical Address. . . . . . . . . : 02-00-54-74-68-72
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8038 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-E0-B8-C1-58-D7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
Physical Address. . . . . . . . . : 00-18-DE-95-AA-46
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.connectify
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : cable.rcn.com
Description . . . . . . . . . . . : isatap.cable.rcn.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{819926DC-3351-4528-90B8-BD0E9C4C33A4}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{70D79A21-FED3-4E9F-97F7-16F372B8A89D}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{DF1F3B37-9DFF-4A1A-B0F5-BB4FCD031253}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: ns2.dns.rcn.net
Address: 208.59.247.45

DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 2607:f8b0:4006:801::100e
74.125.226.226
74.125.226.232
74.125.226.224
74.125.226.225
74.125.226.227
74.125.226.228
74.125.226.230
74.125.226.229
74.125.226.233
74.125.226.238
74.125.226.231



Pinging google.com [74.125.226.231] with 32 bytes of data:

Reply from 74.125.226.231: bytes=32 time=48ms TTL=55

Reply from 74.125.226.231: bytes=32 time=20ms TTL=55



Ping statistics for 74.125.226.231:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 20ms, Maximum = 48ms, Average = 34ms

Server: ns2.dns.rcn.net
Address: 208.59.247.45

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=403ms TTL=52

Reply from 98.139.183.24: bytes=32 time=283ms TTL=52



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 283ms, Maximum = 403ms, Average = 343ms

Server: ns2.dns.rcn.net
Address: 208.59.247.45

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
18 ...00 c0 ca 66 1c 0b ...... Realtek RTL8188RU Wireless LAN 802.11n USB High Power Dongle
15 ...00 22 6b 60 52 d2 ...... Linksys Wireless-G Notebook Adapter WPC54G V3
14 ...02 00 54 74 68 72 ...... EasyTether Network Adapter
8 ...00 e0 b8 c1 58 d7 ...... Marvell Yukon 88E8038 PCI-E Fast Ethernet Controller
9 ...00 18 de 95 aa 46 ...... Intel® PRO/Wireless 3945ABG Network Connection
1 ........................... Software Loopback Interface 1
31 ...00 00 00 00 00 00 00 e0 isatap.connectify
17 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
13 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
32 ...00 00 00 00 00 00 00 e0 isatap.cable.rcn.com
16 ...00 00 00 00 00 00 00 e0 isatap.{819926DC-3351-4528-90B8-BD0E9C4C33A4}
30 ...00 00 00 00 00 00 00 e0 isatap.{70D79A21-FED3-4E9F-97F7-16F372B8A89D}
20 ...00 00 00 00 00 00 00 e0 isatap.{DF1F3B37-9DFF-4A1A-B0F5-BB4FCD031253}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 286
192.168.1.101 255.255.255.255 On-link 192.168.1.101 286
192.168.1.255 255.255.255.255 On-link 192.168.1.101 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
18 286 fe80::/64 On-link
18 286 fe80::f0fa:b2e9:7ce6:ac8e/128
On-link
1 306 ff00::/8 On-link
18 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/08/2012 05:39:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/07/2012 07:59:14 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (11/07/2012 06:41:12 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\CONFIG.MSI\B43D16.RBS> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (11/07/2012 06:06:54 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 32c
Start Time: 01cdbd3c1e6f5e4a
Termination Time: 206

Error: (11/07/2012 03:29:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/07/2012 03:29:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/07/2012 03:23:41 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.

Error: (11/07/2012 03:20:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/07/2012 03:20:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/07/2012 03:19:10 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


System errors:
=============
Error: (11/09/2012 00:18:29 AM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Error: (11/08/2012 10:32:17 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Error: (11/08/2012 10:07:32 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Error: (11/08/2012 08:38:36 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Error: (11/08/2012 05:37:29 PM) (Source: DCOM) (User: )
Description: {A42F1F9E-9990-493A-8DE0-36F78B459313}

Error: (11/08/2012 05:32:41 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (11/08/2012 05:32:30 PM) (Source: ipnathlp) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

Error: (11/08/2012 05:29:57 PM) (Source: Service Control Manager) (User: )
Description: 30000Realtek11nSU

Error: (11/08/2012 05:27:03 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (11/08/2012 05:22:17 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!


Microsoft Office Sessions:
=========================
Error: (11/08/2012 05:39:21 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{0B2D57D5-8BFD-4554-A9B6-CC8CC0580F1D}\recordingmanager.exe

Error: (11/07/2012 07:59:14 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (11/07/2012 06:41:12 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)
C:\CONFIG.MSI\B43D16.RBS

Error: (11/07/2012 06:06:54 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.1642132c01cdbd3c1e6f5e4a206

Error: (11/07/2012 03:29:31 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{0B2D57D5-8BFD-4554-A9B6-CC8CC0580F1D}\recordingmanager.exe

Error: (11/07/2012 03:29:31 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{0B2D57D5-8BFD-4554-A9B6-CC8CC0580F1D}\recordingmanager.exe

Error: (11/07/2012 03:23:41 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.

Error: (11/07/2012 03:20:20 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{0B2D57D5-8BFD-4554-A9B6-CC8CC0580F1D}\recordingmanager.exe

Error: (11/07/2012 03:20:20 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{0B2D57D5-8BFD-4554-A9B6-CC8CC0580F1D}\recordingmanager.exe

Error: (11/07/2012 03:19:10 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


=========================== Installed Programs ============================

"Nero SoundTrax Help (Version: 4.0.15.0)
µTorrent (Version: 1.8.1)
µTorrent (Version: 2.0.4)
32 Bit HP CIO Components Installer (Version: 2.1.0)
AAC Decoder (Version: 7.1.0)
ABC Amber BlackBerry Editor
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Ad-Aware (Version: 9.0.7)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 10 Plugin (Version: 10.0.12.36)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.233)
Advertising Center (Version: 0.0.0.1)
AIO_Scan (Version: 100.0.206.000)
AutoUpdate (Version: 1.1)
BlackBerry Desktop Software 5.0.1 (Version: 5.0.1.28)
BlackBerry Device Software v4.5.0 for the BlackBerry 8330 smartphone (Version: 4.5.0.131 (Platform 3.4.0.25))
BufferChm (Version: 100.0.170.000)
C7200 (Version: 100.0.206.000)
C7200_Help (Version: 100.0.206.000)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000)
CDisplay 1.8
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Combined Community Codec Pack 2011-11-11 (Version: 2011.11.11.0)
Connectify Hotspot (Version: 3.7.0.25374)
Copy (Version: 100.0.170.000)
CustomerResearchQFolder (Version: 1.00.0000)
Destination Component (Version: 100.0.0.0)
DeviceDiscovery (Version: 100.0.190.000)
DeviceManagementQFolder (Version: 1.00.0000)
DivX Converter (Version: 7.0.0)
DivX Player (Version: 7.0.0)
DivX Plus DirectShow Filters
DivX Version Checker (Version: 7.0.0.19)
DivX Web Player (Version: 1.4.2)
DocProc (Version: 10.0.0.0)
DocProcQFolder (Version: 1.00.0000)
DolbyFiles (Version: 2.0)
EasyTether (Version: 1.1.13)
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 100.0.187.000)
FormatFactory (Version: 1.65)
Google Chrome (Version: 23.0.1271.64)
Google Talk Plugin (Version: 2.8.7.6830)
Google Update Helper (Version: 1.3.21.123)
GPBaseService (Version: 100.0.187.000)
H.264 Decoder (Version: 1.0.0)
HamsterFreeVideoConverter
HijackThis 2.0.2 (Version: 2.0.2)
HP Customer Participation Program 10.0 (Version: 10.0)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP Photosmart All-In-One Driver Software 10.0 Rel .2 (Version: 10.0)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Solution Center 10.0 (Version: 10.0)
HP Update (Version: 4.000.007.003)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000)
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000)
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000)
hpphotosmartdisclabelplugin (Version: 2.02.0000)
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000)
HPProductAssistant (Version: 100.0.170.000)
HPSSupply (Version: 100.0.170.000)
ImagXpress (Version: 7.0.74.0)
ImgBurn (Version: 2.4.2.0)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 22 (Version: 6.0.220)
K-Lite Mega Codec Pack 4.6.2 (Version: 4.6.2)
LightScribe System Software 1.14.17.1 (Version: 1.14.17.1)
LimeWire 5.1.4 (Version: 5.1.4)
Magic Berry
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 100.0.170.000)
Menu Templates - Starter Kit (Version: 9.0.4.0)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Silverlight (Version: 1.0.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
MKV Splitter (Version: 1.0.0)
Movie Templates - Starter Kit (Version: 9.0.4.0)
Moyea FLV Downloader version 1.16.0.17
Moyea FLV Player version 1.0.0.0
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MyVideoConverter 2.33 (Version: 2.33)
Nero 9
Nero BurningROM (Version: 9.0.0.0)
Nero BurnRights (Version: 2.99.6.100)
Nero ControlCenter (Version: 0.0.0.1)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.0.5.100)
Nero CoverDesigner Help (Version: 4.0.0.0)
Nero Disc Copy Gadget (Version: 1.53.0.0)
Nero Disc Copy Gadget Help (Version: 2.0.0.0)
Nero DiscSpeed (Version: 4.99.5.105)
Nero DriveSpeed (Version: 3.99.5.105)
Nero Express (Version: 9.0.0.0)
Nero InfoTool (Version: 5.99.5.105)
Nero Installer (Version: 2.0.0.1)
Nero Live (Version: 1.0.164.0)
Nero Live Help (Version: 1.0.162.0)
Nero PhotoSnap (Version: 1.53.2.0)
Nero PhotoSnap Help (Version: 1.53.2.0)
Nero Recode (Version: 3.53.0.0)
Nero Recode Help (Version: 3.53.0.0)
Nero Rescue Agent (Version: 1.99.0.1)
Nero RescueAgent Help (Version: 1.99.0.1)
Nero ShowTime (Version: 4.99.0.0)
Nero StartSmart (Version: 9.0.10.100)
Nero StartSmart Help (Version: 9.0.0.0)
Nero Vision (Version: 0.0.0.1)
Nero Vision (Version: 6.0.6.100)
Nero WaveEditor (Version: 5.0.18.0)
Nero WaveEditor Help (Version: 5.0.15.0)
NeroBurningROM (Version: 9.0.9.100)
NeroExpress (Version: 9.0.9.100)
neroxml (Version: 1.0.0)
NetDeviceManager (Version: 100.0.170.000)
OCR Software by I.R.I.S. 10.0 (Version: 10.0)
PanoStandAlone (Version: 100.0.170.000)
PS_AIO_02_ProductContext (Version: 100.0.206.000)
PS_AIO_02_Software (Version: 100.0.206.000)
PS_AIO_02_Software_Min (Version: 100.0.206.000)
PSSWCORE (Version: 2.02.0000)
QuickTime
Real Alternative 2.0.2 (Version: 2.0.2)
RealDownloader (Version: 1.1.0)
REALTEK Wireless LAN Driver and Utility (Version: 1.00.0179)
Scan (Version: 10.1.0.0)
Shop for HP Supplies (Version: 10.0)
SolutionCenter (Version: 100.0.175.000)
SoundTrax (Version: 4.0.18.0)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 100.0.175.000)
SUPERAntiSpyware (Version: 5.6.1014)
Toolbox (Version: 100.0.170.000)
Total Commander (Remove or Repair) (Version: 7.55a)
TrayApp (Version: 100.0.170.000)
Uniblue RegistryBooster 2009
Uniblue RegistryBooster 2009 (Version: 3.0)
UnloadSupport (Version: 10.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
Verizon Download Manager (Version: 1.0.0)
Verizon Servicepoint 3.7.44 (Version: 3.7.44)
VideoToolkit01 (Version: 100.0.128.000)
ViewMate Laser Mouse
Viewpoint Media Player
Vz In Home Agent (Version: 7.06.10)
WebReg (Version: 100.0.170.000)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
Wireless-G Notebook Adapter
XP Codec Pack
Xvid 1.1.3 final uninstall (Version: 1.1)

========================= Devices: ================================

Name: Mass Storage Controller
Description: Mass Storage Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart C7200 series
Description: Photosmart C7200 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Trusted Platform Module 1.2
Description: Trusted Platform Module 1.2
Class Guid: {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}
Manufacturer: (Standard)
Service: TPM
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


========================= Memory info: ===================================

Percentage of memory in use: 70%
Total physical RAM: 1013.45 MB
Available physical RAM: 295.64 MB
Total Pagefile: 3027.77 MB
Available Pagefile: 1676.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1964.02 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:86.32 GB) (Free:12.73 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:6.83 GB) (Free:6.82 GB) FAT32
4 Drive f: () (Removable) (Total:0.94 GB) (Free:0.03 GB) FAT

========================= Users: ========================================

User accounts for \\-1

Administrator Djimbe Guest
Yvette


**** End of log ****

Norman Malware Cleaner v2.06.01
Copyright © 1990 - 2012, Norman ASA.

Windows running in safe mode.
Norman Scanner Engine Version: 7.00.12
nvcbin.def: Version: 7.00.1803, Date: 2012/11/08 01:20:42, Variants: 15294968
nvcmacro.def: Version: 0.00.00, Date: 1969/12/31 19:00:00, Variants: 0

Operating System: Windows Vista Service Pack 2

Switches: /iagree /cleanrootkit /nosb
Running without NSAK

Scan started: 2012/11/09 05:29:08

Running pre-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Scanning system for active rootkit activity...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s

Scanning running processes and process memory...

Number of objects found: 817
Number of objects scanned: 817
Number of objects not scanned: 0
Number of malicious memory objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 1m 12s

Scanning system for FakeAV...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s

Running full scan...
C:\Program Files\Common Files\aolback\Comps\coach\aolcinst.exe: File infected with winpe/Suspicious_Gen.GMGR
Delete file: C:\Program Files\Common Files\aolback\Comps\coach\aolcinst.exe
Cleaning successful
C:\ProgramData\Lavasoft\Ad-Aware\MiniMessage\3: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-690F0423F5ACBA7DD0DCB43C5C4746F52A5A9297.bin.67: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-690F0423F5ACBA7DD0DCB43C5C4746F52A5A9297.bin.7E: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-690F0423F5ACBA7DD0DCB43C5C4746F52A5A9297.bin.80: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-690F0423F5ACBA7DD0DCB43C5C4746F52A5A9297.bin.87: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-690F0423F5ACBA7DD0DCB43C5C4746F52A5A9297.bin.A0: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-690F0423F5ACBA7DD0DCB43C5C4746F52A5A9297.bin.VE0: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-690F0423F5ACBA7DD0DCB43C5C4746F52A5A9297.bin.VE1: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-690F0423F5ACBA7DD0DCB43C5C4746F52A5A9297.bin.VE2: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-690F0423F5ACBA7DD0DCB43C5C4746F52A5A9297.bin.VF: Error opening file for read: 0x00000020
C:\Users\Administrator\ntuser.dat: Error opening file for read: 0x00000020
C:\Users\Administrator\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\Administrator\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Users\Administrator\AppData\Local\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020
C:\Users\Administrator\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\Administrator\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2: Error opening file for read: 0x00000020
C:\Users\Yvette\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GN6MQM7H\hardsextube[2].htm: File infected with xml:jslegacy/Pornpop.A
Delete file: C:\Users\Yvette\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GN6MQM7H\hardsextube[2].htm
Cleaning successful
C:\Users\Yvette\Desktop\Emergency Kit\ComboFix.exe: File infected with W32/FakeAV.W!genr
Delete file: C:\Users\Yvette\Desktop\Emergency Kit\ComboFix.exe
Cleaning successful
C:\Users\Yvette\Downloads\CoFix.exe: Archive infected
C:\Users\Yvette\Downloads\CoFix.exe/noname.rar/32788R22FWJFW\NirCmd.cfexe: File infected with winpe/Suspicious_Gen2.QOTXY
Delete archive object: C:\Users\Yvette\Downloads\CoFix.exe\noname.rar\32788R22FWJFW\NirCmd.cfexe
Cleaning successful
C:\Users\Yvette\Downloads\CoFix.exe/noname.rar/32788R22FWJFW\nircmd.com: File infected with winpe/Suspicious_Gen2.QOTXY
Delete archive object: C:\Users\Yvette\Downloads\CoFix.exe\noname.rar\32788R22FWJFW\nircmd.com
Cleaning successful
C:\Users\Yvette\Downloads\CoFix.exe/noname.rar/32788R22FWJFW\NirCmdC.cfexe: File infected with winpe/Suspicious_Gen4.MLUF
Delete archive object: C:\Users\Yvette\Downloads\CoFix.exe\noname.rar\32788R22FWJFW\NirCmdC.cfexe
Cleaning successful
C:\Users\Yvette\Downloads\RRT.zip: Archive infected
C:\Users\Yvette\Downloads\RRT.zip/RRT.exe: File infected with win32:winpe/VBTroj.AOSA
Delete archive object: C:\Users\Yvette\Downloads\RRT.zip\RRT.exe
Cleaning successful
C:\Users\Yvette\Downloads\RRT\RRT.exe: File infected with win32:winpe/VBTroj.AOSA
Delete file: C:\Users\Yvette\Downloads\RRT\RRT.exe
Cleaning successful
C:\Windows\NIRCMD.exe: File infected with winpe/App_Generic.APWEU
Delete file: C:\Windows\NIRCMD.exe
Cleaning successful
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\edb.log: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb: Error opening file for read: 0x00000020
C:\Windows\System32\config\COMPONENTS: Error opening file for read: 0x00000020
C:\Windows\System32\config\COMPONENTS.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\COMPONENTS.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\COMPONENTS: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\DEFAULT: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SAM: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SECURITY: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SOFTWARE: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SYSTEM: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTkerberos.etl: Error opening file for read: 0x00000020
D:\Boot\BCD.LOG: Error opening file for read: 0x00000020
D:\Boot\BCD: Error opening file for read: 0x00000020

Number of files found: 159739
Number of archives unpacked: 3615
Number of objects found: 407256
Number of objects scanned: 407198
Number of objects not scanned: 58
Number of malicious objects found: 9
Number of malicious objects cleaned: 9
Number of malicious files found: 7
Number of malicious files cleaned: 6
Scanning time: 2h 5m 0s

Running post-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 1s

Results:
Total number of files found: 159739
Total number of archives unpacked: 3615
Total number of objects found: 408073
Total number of objects scanned: 408015
Total number of objects not scanned: 58
Total number of malicious objects found: 9
Total number of malicious objects cleaned: 9
Total number of malicious files found: 7
Total number of malicious files cleaned: 6
Total number of objects quarantined: 5
Total scanning time: 2h 6m 13s

#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:09 PM

Posted 10 November 2012 - 11:09 AM

Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe



Right Click it Run as Admin . Click on Change parameters Select TDLFS file system

Hit the Scan button Post the LOG In your next reply

Do not change the default options on scan results



Run the program below as admin hit the scan button allow it to finish then hit the delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Download Rkill run it post the log.
http://www.bleepingcomputer.com/download/rkill/

Download the junkware removal tool save it to your desktop run it in safe mode post the log.
http://thisisudax.org/downloads/JRT.exe

#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:09 PM

Posted 10 November 2012 - 11:11 AM

Also the ad-ware cleaner log please.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users