Solved Another homepage change

mom26gr8kids · Nov 22, 2013

Results of screen317's Security Check version 0.99.77
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
avast! Antivirus
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
Secunia PSI (3.0.0.4001)
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 25
Java version out of Date!
Adobe Flash Player 11.9.900.117
Mozilla Firefox 21.0 Firefox out of Date!
Google Chrome 31.0.1650.48
Google Chrome 31.0.1650.57
````````Process Check: objlist.exe by Laurent````````
Comodo Firewall cmdagent.exe
Comodo Firewall cfp.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

mom26gr8kids · Nov 22, 2013

Farbar Service Scanner Version: 10-11-2013
Ran by Dad (administrator) on 22-11-2013 at 12:35:06
Running from "C:\Users\Dad\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****

Broni · Nov 22, 2013

Eset?

mom26gr8kids · Nov 22, 2013

Sorry TFC froze up and stopped working and then I had to field some phone calls and take some kids somewhere. Will be running the rest of the scans in a couple hours.

Broni · Nov 22, 2013

Try TFC from safe mode.

mom26gr8kids · Nov 24, 2013

TFC done and Eset found nothing

Broni · Nov 24, 2013

Your Avast is listed as outdated. Make sure it's up to date.

Update Firefox to the current 25.0.1 version.

Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.

1. Update your Java version here: https://www.techspot.com/downloads/6463-java-se.html
Alternate download: http://www.java.com/en/download/manual.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: If you're running 64-bit system make sure you install BOTH, 32-bit and 64-bit Java.

Note 3: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it.

Run JavaRa.exe (Vista and 7 users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Do NOT post JavaRa log.

======================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:

:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

Double-click OTL.exe to start the program.
Close all other programs apart from OTL as this step will require a reboot
On the OTL main screen, press the CLEANUP button
Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

8. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly.

9. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

10. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

11. (Windows XP only) Run defrag at your convenience.

12. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

13. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

14. Please, let me know, how your computer is doing.

mom26gr8kids · Nov 26, 2013

Started running some of the updates this morning but I received a notice from my Avast that a threat was found. I also have not been able to get my Avast updates to download. Am running SAS now and it says it found a trojan, which is bizarre because no one has been downloading anything on my computer this week. I assume we need to start the whole process over, so do you want me to open a new thread or just post the logs from the 4 steps here?

mom26gr8kids · Nov 26, 2013

We have been having trouble getting our printer to work, so it's possible that my husband may have tried to download some updates or something for the printer, can't get a hold of him now so no way to confirm that.

mom26gr8kids · Nov 26, 2013

Have to leave in a bit and don't want to leave the logs up on my computer. Inevitably I will say, 'don't touch the computer" and a couple kids won't hear me--plus there are a few who aren't here...anyway will post the logs here for now and can always re-post them if you want to open a new thread.

Mbam log

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.26.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Dad :: DAD-PC [administrator]

26/11/2013 2:47:12 PM
mbam-log-2013-11-26 (14-47-12).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 281846
Time elapsed: 13 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

mom26gr8kids · Nov 26, 2013

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16520 BrowserJavaVersion: 10.25.2
Run by Dad at 15:05:57 on 2013-11-26
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2814.841 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Common Files\COMODO\launcher_service.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Comodo\COMODO Internet Security\cfp.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 15\minimavis.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Comodo\GeekBuddy\unit.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Windows\ehome\ehRecvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\notepad.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig?brand=ACAW&bmod=ACUS
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: ShowBarObj Class: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - c:\program files\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - c:\program files\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
mRun: [Acer Empowering Technology Monitor] c:\program files\acer\empowering technology\SysMonitor.exe
mRun: [eDataSecurity Loader] c:\program files\acer\empowering technology\edatasecurity\x86\eDSloader.exe
mRun: [CarboniteSetupLite] "c:\program files\carbonite\CarbonitePreinstaller.exe" /preinstalled
mRun: [Acer Product Registration] "c:\program files\acer\acer registration\ACE1.exe" /startup
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [tvncontrol] "c:\program files\common files\comodo\GeekBuddyRSP.exe" -controlservice -slave
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\dad\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office14\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\person~1.lnk - c:\program files\broderbund\mavis beacon teaches typing 15\minimavis.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\startg~1.lnk - c:\program files\comodo\geekbuddy\launcher.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{209691AC-D76C-4989-96DB-91FF190476EE} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{209691AC-D76C-4989-96DB-91FF190476EE} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} - c:\program files\libronix dls\system\FileProt.dll
Handler: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} - c:\program files\libronix dls\system\ResProt.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\dad\appdata\roaming\mozilla\firefox\profiles\svjtkm5q.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: keyword.URL -
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\common files\oberon media\ncadapter\1.0.0.14\npapicomadapter.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\musicnotes\npmusicn.dll
FF - plugin: c:\program files\musicnotes\NPSibelius.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\dad\appdata\local\roblox\versions\version-fb3436d54f9e4598\NPRobloxProxy.dll
FF - plugin: c:\users\dad\appdata\locallow\sony online entertainment\npsoe.dll
FF - plugin: c:\users\dad\appdata\locallow\sony online entertainment\npsoeact.dll
FF - plugin: c:\users\dad\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\dad\appdata\roaming\mozilla\firefox\profiles\svjtkm5q.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll
FF - plugin: c:\users\dad\appdata\roaming\mozilla\firefox\profiles\svjtkm5q.default\extensions\support@ancestry.com\plugins\npImgCtl.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1205146.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2009-08-31 08:55; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-4-5 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-4-5 177864]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-7-15 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-7-15 369584]
R1 CFRMD;CFRMD;c:\windows\system32\drivers\CFRMD.sys [2013-5-7 35064]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-12-19 494416]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-12-19 42264]
R1 HMD;COMODO livePCsupport Hardware Monitor Driver;c:\windows\system32\drivers\hmd.sys [2013-10-6 15400]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-9-4 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-9-4 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-10-18 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-7-15 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-7-15 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-7-15 46808]
R2 CLPSLauncher;COMODO LPS Launcher;c:\program files\common files\comodo\launcher_service.exe [2013-11-14 70352]
R2 ETService;Empowering Technology Service;c:\program files\acer\empowering technology\service\ETService.exe [2009-1-19 24576]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files\common files\comodo\GeekBuddyRSP.exe [2013-11-14 2327248]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-9-23 144632]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-11-7 40776]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2011-12-16 15544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 HOSTS Anti-PUPs;HOSTS Anti-PUPs;c:\program files\hosts_anti_adwares_pups\hosts_anti-adware.exe -update --> c:\program files\hosts_anti_adwares_pups\HOSTS_Anti-Adware.exe -update [?]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-8-21 18688]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-8-21 8320]
S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2007-6-18 23680]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-9-23 50424]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-9-4 12872]
.
=============== Created Last 30 ================
.
2013-11-22 21:13:0874072----a-w-c:\windows\system32\XAPOFX1_5.dll
2013-11-22 21:13:08527192----a-w-c:\windows\system32\XAudio2_7.dll
2013-11-22 21:13:0674072----a-w-c:\windows\system32\XAPOFX1_4.dll
2013-11-22 21:13:06528216----a-w-c:\windows\system32\XAudio2_6.dll
2013-11-22 21:13:05238936----a-w-c:\windows\system32\xactengine3_6.dll
2013-11-22 21:13:0522360----a-w-c:\windows\system32\X3DAudio1_7.dll
2013-11-22 21:13:04515416----a-w-c:\windows\system32\XAudio2_5.dll
2013-11-22 21:13:04238936----a-w-c:\windows\system32\xactengine3_5.dll
2013-11-22 21:13:031974616----a-w-c:\windows\system32\D3DCompiler_42.dll
2013-11-22 21:13:015501792----a-w-c:\windows\system32\d3dcsx_42.dll
2013-11-22 21:13:00453456----a-w-c:\windows\system32\d3dx10_42.dll
2013-11-22 21:13:00235344----a-w-c:\windows\system32\d3dx11_42.dll
2013-11-22 21:11:542297552----a-w-c:\windows\system32\d3dx9_26.dll
2013-11-22 17:00:08--------d-----w-c:\program files\iPod
2013-11-22 17:00:04--------d-----w-c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-15 07:54:35--------d-----w-c:\program files\common files\COMODO
2013-11-13 23:30:08--------d-----w-c:\users\dad\appdata\roaming\.mono
2013-11-13 06:51:36297984----a-w-c:\windows\system32\gdi32.dll
2013-11-13 06:51:32993792----a-w-c:\windows\system32\crypt32.dll
2013-11-13 06:51:21444928----a-w-c:\windows\system32\IKEEXT.DLL
2013-11-13 06:51:20596480----a-w-c:\windows\system32\FWPUCLNT.DLL
2013-11-12 14:06:39--------d-----w-C:\_OTL
2013-11-09 20:00:36--------d-----w-C:\AdwCleaner
2013-11-08 21:35:13--------d-sh--w-C:\$RECYCLE.BIN
2013-11-08 21:05:1898816----a-w-c:\windows\sed.exe
2013-11-08 21:05:18256000----a-w-c:\windows\PEV.exe
2013-11-08 21:05:18208896----a-w-c:\windows\MBR.exe
2013-11-07 20:57:2640776----a-w-c:\windows\system32\drivers\mbamswissarmy.sys
2013-11-07 20:50:1775992----a-w-c:\windows\system32\drivers\mbamchameleon.sys
2013-11-06 20:31:594879744----a-w-c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2013-11-06 20:31:59275568----a-w-c:\program files\mozilla firefox\firefox.exe
2013-11-06 20:31:572106216----a-w-c:\program files\mozilla firefox\D3DCompiler_43.dll
2013-11-06 20:31:57117360----a-w-c:\program files\mozilla firefox\crashreporter.exe
2013-11-06 20:31:554879744----a-w-c:\program files\mozilla firefox\browser\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2013-11-06 20:31:55272496----a-w-c:\program files\mozilla firefox\browser\components\browsercomps.dll
2013-11-06 20:31:5475376----a-w-c:\program files\mozilla firefox\breakpadinjector.dll
2013-11-06 20:31:5320080----a-w-c:\program files\mozilla firefox\AccessibleMarshal.dll
2013-10-28 23:13:56--------d-----w-c:\program files\dumps
2013-10-28 23:12:35--------d-----w-c:\program files\Steam
2013-10-28 23:11:25--------d-----w-c:\users\dad\appdata\local\AVG SafeGuard toolbar
2013-10-28 22:37:23--------d-----w-c:\program files\gravitysensation.com
.
==================== Find3M ====================
.
2013-10-13 09:48:061806848----a-w-c:\windows\system32\jscript9.dll
2013-10-13 09:35:521427968----a-w-c:\windows\system32\inetcpl.cpl
2013-10-13 09:35:381129472----a-w-c:\windows\system32\wininet.dll
2013-10-13 09:30:14142848----a-w-c:\windows\system32\ieUnatt.exe
2013-10-13 09:29:02420864----a-w-c:\windows\system32\vbscript.dll
2013-10-13 09:25:392382848----a-w-c:\windows\system32\mshtml.tlb
2013-10-09 15:59:1171048----a-w-c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 15:59:11692616----a-w-c:\windows\system32\FlashPlayerApp.exe
2013-10-07 05:17:3815400----a-w-c:\windows\system32\drivers\hmd.sys
2013-10-07 05:17:3815400----a-w-c:\windows\inf\hmd\hmd.sys
2013-09-05 09:35:0655504----a-w-c:\windows\system32\offreg.dll
2013-08-30 07:48:13177864----a-w-c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48:12770344----a-w-c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48:1249376----a-w-c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48:1166336----a-w-c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47:4041664----a-w-c:\windows\avastSS.scr
2013-08-29 07:36:042050048----a-w-c:\windows\system32\win32k.sys
.
============= FINISH: 15:07:56.36 ===============

mom26gr8kids · Nov 26, 2013

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 10/10/2006 7:16:20 PM
System Uptime: 26/11/2013 1:55:24 PM (2 hours ago)
.
Motherboard: Acer | | WMCP78M
Processor: AMD Athlon(tm) 7450 Dual-Core Processor | Socket AM2 | 2400/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 142 GiB total, 1.163 GiB free.
D: is FIXED (NTFS) - 142 GiB total, 141.814 GiB free.
H: is CDROM ()
I: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: USB Mass Storage Device
Device ID: USB\VID_05AC&PID_1263&MI_00\000A270020581F29&AAPL0
Manufacturer: Compatible USB storage device
Name: USB Mass Storage Device
PNP Device ID: USB\VID_05AC&PID_1263&MI_00\000A270020581F29&AAPL0
Service: USBSTOR
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
2002 Games
7-Zip 9.20
Acer eDataSecurity Management
Acer Empowering Technology
Acer eRecovery Management
Acer Registration
Acrobat.com
Adobe Acrobat 4.0
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 12.0
Agere Systems PCI-SV92EX Soft Modem
Alice Greenfingers
Allmyapps
Amazon MP3 Downloader 1.0.12
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AV Input Selection
avast! Free Antivirus
Batch Update
Bible Data Type System Files
Big Fish Games: Game Manager
Bing Rewards Client Installer
Bonjour
Build In Time
Burger Shop
C:\Program Files\Acer GameZone\GameConsole
Cake Mania
Choice Guard
Common System Files
COMODO Internet Security
Cooking Dash
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Direct Show Ogg Vorbis Filter (remove only)
Doggie Dash
Dota 2
Double Play Jojo's Fashion Show 1 & 2
Double Play Jojo’s Fashion Show 1 & 2
Dream Day First Home
Dream Day Wedding
Dream Day Wedding Married in Manhattan
ESET Online Scanner v3
Family Tree Maker 2005
Foxit Reader
Foxtab
Free Realms Installer
Garfield's Typing Pal
GeekBuddy
Go-Go Gourmet
Go Go Gourmet Chef of the Year
Google Chrome
Google Desktop
Google Drive
Google Earth Plug-in
Google SketchUp 8
Google Update Helper
Graphical Query Editor
Hax264 Codec 2.1.0.8
Home Sweet Home
Hotel Dash Suite Success
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP FWUpdateEDO2
HP Officejet 6700 Basic Device Software
HP Officejet 6700 Help
HP Officejet 6700 Product Improvement Study
HP Photo Creations
HP Update
HPDiagnosticAlert
HPOJ6700FWUpdateAlert
I.R.I.S. OCR
ijji REACTOR
iTunes
Java 7 Update 25
Java Auto Updater
Jessicas Cupcake Cafe
Junk Mail filter update
Kitchen Brigade
Libronix Digital Library System
Libronix DLS Application
Libronix DLS Shortcuts
LibronixUpdate
Lizard Safeguard - PDF Viewer 2.6.25
LLS Resource Driver
Magic Match Adventures
Malwarebytes Anti-Malware version 1.75.0.1300
Math Missions Grades 3-5
Mavis Beacon Teaches Typing 15
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Minecraft version Beta 1.8
Mozilla Firefox 21.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
Musicnotes Software Suite 1.5.5
Mystery Solitaire - Secret Island
Norton Internet Security
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
NVIDIA Control Panel 311.06
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA Graphics Driver 311.06
NVIDIA Install Application
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.10.8
NVIDIA Update Components
OEB Resource Driver
OGA Notifier 2.0.0048.0
Orchard
Passport to Perfume™
PDF Resource Driver
PDFCreator
Picasa 3
Plants vs. Zombies
PlayReady PC runtime
PunkBuster Services
Puzzle and Board XP Championship
QuickTime
Roblox
Roblox for Dad
ScanToWeb
Secunia PSI (3.0.0.4001)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Windows Media Encoder (KB2447961)
Sentence Diagramming
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype Click to Call
Skype™ 6.6
Smilebox
Spybot - Search & Destroy
Steam
Sumotori Dreams
Sumotori Full Version
SUPERAntiSpyware Free Edition
swMSM
System Requirements Lab
Tapestry Year 1 MapAids
Timez Attack
Uninstall Dual Mode Camera
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Wedding Dash 2
Wedding Dash Ready Aim Love
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Encoder 9 Series
Worms Clan Wars
Yard Sale Junkie
Year 2 year-plan
Year 3 Curriculum
Year 3 Interface
Year 4 Curriculum
Year 4 Government
Year 4 Interface
Year 4 MapAids
.
==== Event Viewer Messages From Past Week ========
.
26/11/2013 2:02:22 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
26/11/2013 2:02:22 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
26/11/2013 1:58:52 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
26/11/2013 1:58:52 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HOSTS Anti-PUPs service to connect.
26/11/2013 1:58:52 PM, Error: Service Control Manager [7000] - The HOSTS Anti-PUPs service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
26/11/2013 1:51:08 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document Microsoft Word - Modern Economics-P4.docx, owned by Dad, failed to print on printer HP Officejet 6700. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 141304. Number of bytes printed: 0. Total number of pages in the document: 4. Number of pages printed: 0. Client computer: \\DAD-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
25/11/2013 6:15:38 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document Microsoft Word - Document1, owned by Dad, failed to print on printer HP Officejet 6700. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 5505024. Number of bytes printed: 0. Total number of pages in the document: 2. Number of pages printed: 0. Client computer: \\DAD-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
25/11/2013 3:01:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070070: Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition.
25/11/2013 10:00:25 PM, Error: nvstor32 [5] - A parity error was detected on \Device\RaidPort0.
25/11/2013 1:04:11 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document Microsoft Word - Modern Economics-P4.docx, owned by Dad, failed to print on printer HP Officejet 6700. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 172260. Number of bytes printed: 0. Total number of pages in the document: 4. Number of pages printed: 0. Client computer: \\DAD-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
25/11/2013 1:02:32 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document AuldLangSyne.pdf, owned by Dad, failed to print on printer HP Officejet 6700. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 51188128. Number of bytes printed: 0. Total number of pages in the document: 6. Number of pages printed: 0. Client computer: \\DAD-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
24/11/2013 9:09:59 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
24/11/2013 3:03:53 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070663: Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition.
23/11/2013 4:02:14 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document Greeting Card register.xls, owned by Dad, failed to print on printer HP Officejet 6700. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 38256. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 0. Client computer: \\DAD-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
23/11/2013 3:58:13 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document Greeting Card register.xls, owned by Dad, failed to print on printer HP Officejet 6700. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 131072. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 0. Client computer: \\DAD-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
23/11/2013 2:12:04 PM, Error: Service Control Manager [7031] - The GeekBuddyRSP Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
23/11/2013 2:12:02 PM, Error: Service Control Manager [7034] - The COMODO LPS Launcher service terminated unexpectedly. It has done this 1 time(s).
22/11/2013 4:26:48 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document FumFumFum.pdf, owned by Dad, failed to print on printer HP Officejet 6700. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 169817120. Number of bytes printed: 0. Total number of pages in the document: 6. Number of pages printed: 0. Client computer: \\DAD-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
22/11/2013 4:24:08 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document Print, owned by Dad, failed to print on printer HP Officejet 6700. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 28782988. Number of bytes printed: 0. Total number of pages in the document: 2. Number of pages printed: 0. Client computer: \\DAD-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
22/11/2013 4:23:33 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document Print, owned by Dad, failed to print on printer HP Officejet 6700. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 42258352. Number of bytes printed: 0. Total number of pages in the document: 3. Number of pages printed: 0. Client computer: \\DAD-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
22/11/2013 4:22:39 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document Print, owned by Dad, failed to print on printer HP Officejet 6700. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 74448504. Number of bytes printed: 0. Total number of pages in the document: 6. Number of pages printed: 0. Client computer: \\DAD-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
22/11/2013 4:22:25 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document Print, owned by Dad, failed to print on printer HP Officejet 6700. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 52247512. Number of bytes printed: 0. Total number of pages in the document: 11. Number of pages printed: 0. Client computer: \\DAD-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
22/11/2013 4:22:08 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document Print, owned by Dad, failed to print on printer HP Officejet 6700. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 53003776. Number of bytes printed: 0. Total number of pages in the document: 11. Number of pages printed: 0. Client computer: \\DAD-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
22/11/2013 3:51:50 PM, Error: Microsoft-Windows-PrintSpooler [6161] - The document Print, owned by Dad, failed to print on printer HP Officejet 6700. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 52822016. Number of bytes printed: 0. Total number of pages in the document: 11. Number of pages printed: 0. Client computer: \\DAD-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
22/11/2013 2:08:39 PM, Error: volsnap [35] - The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.
21/11/2013 10:12:48 AM, Error: EventLog [6008] - The previous system shutdown at 10:08:15 AM on 11/21/2013 was unexpected.
.
==== End Of File ===========================

mom26gr8kids · Nov 26, 2013

By the way I have noticed a file on my computer that I did not install and would like to remove when we get to a good point in the process. It is the HOSTS_Anti-Adware.exe file. Thanks

Broni · Nov 26, 2013

Where is HOSTS_Anti-Adware.exe file located?

Can you post SAS log?

Reinstall Avast and see if it'll update.
If so run full scan and let me know if it found anything.

mom26gr8kids · Nov 27, 2013

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/26/2013 at 01:50 PM

Application Version : 5.6.1042

Core Rules Database Version : 10869
Trace Rules Database Version: 8681

Scan type : Quick Scan
Total Scan Time : 00:07:26

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 896
Memory threats detected : 0
Registry items scanned : 37421
Registry threats detected : 1
File items scanned : 7186
File threats detected : 354

Trojan.Agent/Gen
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN#20131121

Adware.Tracking Cookie
a.intentmedia.net [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
mediaservices-d.openxenterprise.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.media.net [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
tracking.unsene.net [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
webservices.medianewsgroup.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.eyeviewads.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.adtechus.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.ad.mlnadvertising.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\DAD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SVJTKM5Q.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtechus.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.creafi-online-media.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ad.mlnadvertising.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
app.videostat.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
app.videostat.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
delivery.adseekmedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
delivery.adseekmedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.darchermedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyournonprofitjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourmanufacturingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourarchitecturejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.weborama.fr [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourhospitalityjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourrealestatejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourpublicrelationsjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.darchermedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyouraccountingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyouraccountingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourmediajob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourparalegaljob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourhealthjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourcustomerservicejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourcustomerservicejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourretailjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourbusinessjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourbusinessjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourqualityassurancejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyouradvertisingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyouradvertisingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.prd.inpwrd.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
delivery.adseekmedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
delivery.adseekmedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.technoratimedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
delivery.adseekmedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
delivery.adseekmedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyournonprofitjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyournonprofitjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyournonprofitjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourarchitecturejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourartjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourartjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourartjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourartjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourartjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourmanufacturingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourmanufacturingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourmanufacturingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourcustomerservicejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourcustomerservicejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourcustomerservicejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourbeveragejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourbeveragejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourbusinessdevelopmentjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findyourbusinessdevelopmentjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyouradvertisingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyouradvertisingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyouradvertisingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourhospitalityjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourhospitalityjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourhospitalityjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.247realmedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourbusinessjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourbusinessjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourbusinessjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourmediajob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourmediajob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourmediajob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyouraccountingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyouraccountingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyouraccountingjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.darchermedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.darchermedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.darchermedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourrealestatejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourrealestatejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourrealestatejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourarchitecturejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourarchitecturejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourarchitecturejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourbusinessdevelopmentjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourbusinessdevelopmentjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourbusinessdevelopmentjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourparalegaljob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourparalegaljob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourparalegaljob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourretailjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourretailjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourretailjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourarchitecturejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourarchitecturejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourarchitecturejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
partners.mediaextension.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourhealthjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourhealthjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourhealthjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adlooxtracking.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.weborama.fr [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.aimfar.solution.weborama.fr [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.darchermedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.darchermedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.darchermedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourbeveragejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourbeveragejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www2.findyourbeveragejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourpublicrelationsjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourpublicrelationsjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourpublicrelationsjob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nc.darchermedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nc.darchermedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nc.darchermedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourqualityassurancejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourqualityassurancejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.o.findyourqualityassurancejob.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
app.videostat.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.videostat.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mmstat.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads1.solocpm.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads1.solocpm.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads1.solocpm.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adlegend.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.stats.paypal.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.monk.sitescoutadserver.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyeviewads.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediaservices-d.openxenterprise.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyeviewads.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyeviewads.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dc.tremormedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
network.realmedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.synacor.112.2o7.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.synacorqwest.112.2o7.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
onclickads.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstnet.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cpmstar.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.server.cpmstar.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stats.adotube.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.youtube.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.youtube.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.oracle.112.2o7.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\DAD\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

mom26gr8kids · Nov 27, 2013

Here is the location of the file

C:\Program Files\Hosts_Anti_Adwares_PUPs

mom26gr8kids · Nov 27, 2013

Actually Avast also found a "virus" today, but upon further inspection it is ComboFix that it is saying is a virus. I moved the "virus" to the chest, should I move it back since it appears to be a false positive

Broni · Nov 27, 2013

Trojan.Agent/Gen
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN#20131121

I'm not even sure what it is. No other program detects it. I wouldn't worry too much about it.

C:\Program Files\Hosts_Anti_Adwares_PUPs
Most likely empty leftover folder.
You can delete it.

Complete all steps from my reply #32.
Step 2 will take care of Combofix as well.

Broni · Dec 1, 2013

Still with me?

mom26gr8kids · Dec 3, 2013

Sorry, sometimes I seem to think that I have replied to things when I haven't. Everything is fine now. I have completed all the steps and the computer is doing well. Thanks again for all your help.

Broni · Dec 3, 2013

Way to go!!
Good luck and stay safe

Solved Another homepage change

Posts: 574 +0

Posts: 574 +0

Posts: 56,041 +516

Posts: 574 +0

Posts: 56,041 +516

Posts: 574 +0

Posts: 56,041 +516

Posts: 574 +0

Posts: 574 +0

Posts: 574 +0

Posts: 574 +0

Posts: 574 +0

Posts: 574 +0

Posts: 56,041 +516

Posts: 574 +0

Posts: 574 +0

Posts: 574 +0

Posts: 56,041 +516

Posts: 56,041 +516

Posts: 574 +0

Posts: 56,041 +516

Similar threads