Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: redirect when clicking on google results  (Read 9657 times)

0 Members and 1 Guest are viewing this topic.

Kileykb

    Topic Starter


    Greenhorn

    • Experience: Beginner
    • OS: Unknown
    redirect when clicking on google results
    « on: July 28, 2012, 07:00:45 PM »
    I have a Dell XPS L502X with Windows 7 Professional 64 bit, INTEL core i7-2630, 6 GB memory. I use the free version of Avast for anti-virus software.

    I've been having a problem with searching google for a few weeks with Firefox. (I use Internet Explorer too but don't have a problem searching with google.) I get results for my google search using Firefox, but when I click on a link it redirects to a different website.

    Recently, the problem has got worse. My computer crashed two times yesterday. I was running an anti-virus scan at the time. Immediately preceding that Avast alerted me to potential threats several times. I think it said something about the svchost.exe. The computer restarted and loaded successfully.

    I did try a few things myself to try to fix the problem like the anti-virus scan, but it hasn't fixed the problem.

    I really would appreciate help and thank every one in advance.

    Below are the scan logs.


    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 07/28/2012 at 08:43 PM

    Application Version : 5.5.1012

    Core Rules Database Version : 8975
    Trace Rules Database Version: 6787

    Scan type       : Complete Scan
    Total Scan Time : 03:21:08

    Operating System Information
    Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Administrator

    Memory items scanned      : 689
    Memory threats detected   : 0
    Registry items scanned    : 70140
    Registry threats detected : 0
    File items scanned        : 371446
    File threats detected     : 878

    Adware.Tracking Cookie
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\SNNE22U1.txt [ /www.googleadservices.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\RUUVO5HZ.txt [ /ad.yieldmanager.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\5NOCCG7V.txt [ /adserver.adtechus.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\SY0FI84N.txt [ /ads.undertone.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\HRJ1TKCO.txt [ /realmedia.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\YHVJVPGT.txt [ /at.atwola.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\L2KXU9YO.txt [ /ad.360yield.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\GVUX03WB.txt [ /media6degrees.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\BY98EU6L.txt [ /amazon-adsystem.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\G20HN5IW.txt [ /www.burstnet.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\UXWSRYPG.txt [ /burstnet.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\LNFMOAX7.txt [ /invitemedia.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\VRZ3CNI7.txt [ /clickfuse.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\ZC9TFVPK.txt [ /a1.interclick.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\WJRQ4WXO.txt [ /adsplusadvertising.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\WPLR1XP7.txt [ /statcounter.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\F3CU3XAU.txt [ /www.googleadservices.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\8NZ905E6.txt [ /interclick.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\SRD3JGTY.txt [ /mm.chitika.net ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\KA021LPK.txt [ /chitika.net ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\DHNT55FQ.txt [ /msnbc.112.2o7.net ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\MDNIQP76.txt [ /picadmedia.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\RZFJEXEP.txt [ /ads.pubmatic.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\0LTHO0DI.txt [ /legolas-media.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\14O2D5XH.txt [ /lucidmedia.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\K1XDQSC8.txt [ /azjmp.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\M7M1JMJE.txt [ /dmtracker.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\O754JG75.txt [ /solvemedia.com ]
       C:\Users\Karen\AppData\Roaming\Microsoft\Windows\Cookies\6XF39VYA.txt [ /collective-media.net ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\UK2MTD0O.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\20SEADF6.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\05FFRUZY.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\42ZBY1MX.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\P9OVVBUH.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\IQQWTTBO.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\GTZMZXJ1.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\X9AQL0J6.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\YCT8U0MH.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\4NK9CAHS.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\SEVBXSA3.txt [ Cookie:[email protected]/pagead/conversion/1052245613/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\MXVX809U.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\9OWQCKG2.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\RCZB6V3K.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\O7TDMFQM.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\M5BYW0VP.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\23YPLOU3.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\SCSS921P.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\H7TAVR5X.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\X7JEPT92.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\3MG8B4WZ.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\83RTBOS8.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\OQJ3BZBA.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\DCX6NL14.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\WKQEQQX3.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\JQ2UDNIK.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\J6BOZJDP.txt [ Cookie:[email protected]/hc/37457093 ]
       C:\USERS\KAREN\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZGM8NA8A.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\SNNE22U1.txt [ Cookie:kar[email protected]/pagead/conversion/1064647855/ ]
       C:\USERS\KAREN\Cookies\RUUVO5HZ.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\5NOCCG7V.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\YHVJVPGT.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\GVUX03WB.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\BY98EU6L.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\G20HN5IW.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\UXWSRYPG.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\LNFMOAX7.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\VRZ3CNI7.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\ZC9TFVPK.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\WPLR1XP7.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\F3CU3XAU.txt [ Cookie:[email protected]/pagead/conversion/1040557120/ ]
       C:\USERS\KAREN\Cookies\8NZ905E6.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\SRD3JGTY.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\KA021LPK.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\DHNT55FQ.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\MDNIQP76.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\0LTHO0DI.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\14O2D5XH.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\M7M1JMJE.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\O754JG75.txt [ Cookie:[email protected]/ ]
       C:\USERS\KAREN\Cookies\6XF39VYA.txt [ Cookie:[email protected]/ ]
       cdn2.baronsmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3HBL5U9U ]
       core.saymedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3HBL5U9U ]
       ia.media-imdb.com [ C:\USERS\KAREN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3HBL5U9U ]
       s0.2mdn.net [ C:\USERS\KAREN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3HBL5U9U ]
       wdw1.wdpromedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\3HBL5U9U ]
       .ru4.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .atdmt.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .zedo.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .realmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .adbrite.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .specificclick.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ads.pointroll.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .pointroll.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .invitemedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       ad.yieldmanager.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .mediaplex.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .imrworldwide.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .imrworldwide.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .revsci.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .adtech.de [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .histats.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .histats.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .adserver.adtechus.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .interclick.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .interclick.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .velmedia.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .amazon-adsystem.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .amazon-adsystem.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .247realmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .zedo.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .harrenmedianetwork.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .collective-media.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .redorbit.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .redorbit.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .technoratimedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .technoratimedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .at.atwola.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       rotator.adjuggler.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .realmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .adjuggler.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .tlvmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .legolas-media.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ads.bridgetrack.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .2o7.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .2o7.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .questionmarket.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ad.doubleclick.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ad.doubleclick.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .liveperson.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .2o7.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .2o7.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .2o7.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .mediaforge.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       hhm.rotator.hadj7.adjuggler.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       cdmedia.rotator.hadj7.adjuggler.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .adnetwork.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ad.yieldmanager.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ru4.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .realmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       hhm.rotator.hadj7.adjuggler.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .realmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .realmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .adserver.adtechus.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .googleads.g.doubleclick.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       d3.zedo.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       d3.zedo.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .advertising.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .legolas-media.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       ad.yieldmanager.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       tracking.hostgator.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       rotator.adjuggler.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .crackle.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .crackle.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .crackle.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .adxpose.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       cdmedia.rotator.hadj7.adjuggler.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       stats.itsssl.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       ad.yieldmanager.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .steelhousemedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       track.solocpm.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .findhe.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .findhe.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       7.rotator.wigetmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .msnbc.112.2o7.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .*adult URL* [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .*adult URL* [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .linksynergy.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       track.solocpm.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       ads.saymedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .saymedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .serving-sys.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .maximumfindings.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .maximumfindings.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .realmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .247realmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .247realmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .burstnet.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .linksynergy.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .2o7.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ad.media6degrees.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ad.velmedia.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ad.velmedia.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.visit-tracker.biz [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       trackstatsnow.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       clk.adgatemedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       stats.buildtraffic.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.track-visits.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .888media.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .media.piggypink.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .network.realmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .2o7.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .everyscreenmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ru4.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .media.adfrontiers.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       pappasgroup.rotator.hadj7.adjuggler.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       pappasgroup.rotator.hadj7.adjuggler.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .atdmt.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ru4.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ru4.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ru4.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       openx1.overadmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       7.rotator.wigetmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .collective-media.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .tacoda.at.atwola.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .tacoda.at.atwola.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .tacoda.at.atwola.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .casalemedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .martiniadnetwork.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .martiniadnetwork.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .martiniadnetwork.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .2o7.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .wegmansfoods.112.2o7.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .caloriecount.about.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .caloriecount.about.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .caloriecount.about.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.crackle.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .www.crackle.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       ads.redorbit.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .crackle.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .crackle.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       ads.gamersmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       ads.gamersmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       ox-d.enveromedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .server.cpmstar.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .interclick.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .burstnet.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .burstnet.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .linksynergy.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .linksynergy.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .linksynergy.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       tracking.waterfrontmedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .thefind.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       media.gsimedia.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .mediaforge.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .mediaforge.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       tracking.hostgator.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .www.burstnet.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .doubleclick.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ru4.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ru4.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .burstnet.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .mm.chitika.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .kontera.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ru4.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .dmtracker.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .unrulymedia.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ru4.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.tracklead.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ru4.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .mediafire.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.mediafire.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.mediafire.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .mediafire.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .mediafire.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .collective-media.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .adinterax.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .atwola.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       ad.yieldmanager.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .zedo.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .yieldmanager.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ru4.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       link.mercent.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .liveperson.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       stat.onestat.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       stat.onestat.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .ru4.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .a1.interclick.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .interclick.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.campusexplorer.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       www.campusexplorer.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .campusexplorer.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .campusexplorer.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .campusexplorer.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .a1.interclick.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .revenuemantra.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .rmserve.revenuemantra.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       maxmedia.educationworld.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       maxmedia.educationworld.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       maxmedia.educationworld.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       click.get-answers-fast.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .overture.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .overture.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .2o7.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .collective-media.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .collective-media.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .server.cpmstar.com [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .collective-media.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .collective-media.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .collective-media.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .collective-media.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .collective-media.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       cn.clickable.net [ C:\USERS\KAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W5WMBZ09.DEFAULT\COOKIES.SQLITE ]
       .insightexpressai.co

    SuperDave

    • Malware Removal Specialist


    • Genius
    • Thanked: 991
    • Certifications: List
    • Experience: Expert
    • OS: Windows 8
    Re: redirect when clicking on google results
    « Reply #1 on: July 29, 2012, 04:34:05 PM »
    Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

    1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
    2. The fixes are specific to your problem and should only be used for this issue on this machine.
    3. If you don't know or understand something, please don't hesitate to ask.
    4. Please DO NOT run any other tools or scans while I am helping you.
    5. It is important that you reply to this thread. Do not start a new topic.
    6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    7. Absence of symptoms does not mean that everything is clear.

    If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
    *************************************************************************
    Please download Malwarebytes Anti-Malware from here.
    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Full Scan", then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • Please save the log to a location you will remember.
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the entire report in your next reply.
    Extra Note:

    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
    *************************************************
    Download DDS from HERE or HERE and save it to your desktop.

    Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

    * XP users Double click on dds to run it.
    * If your antivirus or firewall try to block DDS then please allow it to run.
    * When finished DDS will open two (2) logs.
    * Save both reports to your desktop.
    * The instructions here ask you to attach the Attach.txt.



    1) DDS.txt
    2) Attach.txt
    Instead of attaching, please copy/past both logs into your Thread

    Note: DDS will instruct you to post the Attach.txt log as an attachment.
    Please just post it as you would any other log by copying and pasting it into the reply.

    •Close the program window, and delete the program from your desktop.

    Please note: You may have to disable any script protection running if the scan fails to run.
    After downloading the tool, disconnect from the internet and disable all antivirus protection.
    Run the scan, enable your A/V and reconnect to the internet.
    Information on A/V control HERE .Then post your DDS logs. (DDS.txt and Attach.txt )
    ***************************************************
    Download Security Check by screen317 from one of the following links and save it to your desktop.

    Link 1
    Link 2

    * Double-click Security Check.bat
    * Follow the on-screen instructions inside of the black box.
    * A Notepad document should open automatically called checkup.txt
    * Post the contents of that document in your next reply.

    Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
    Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

    Kileykb

      Topic Starter


      Greenhorn

      • Experience: Beginner
      • OS: Unknown
      Re: redirect when clicking on google results
      « Reply #2 on: July 31, 2012, 05:52:41 AM »
      Malwarebytes Anti-Malware 1.62.0.1300
      www.malwarebytes.org

      Database version: v2012.07.31.01

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Karen :: KAREN-PC [administrator]

      7/30/2012 8:36:05 PM
      mbam-log-2012-07-30 (20-36-05).txt

      Scan type: Full scan (C:\|Q:\|)
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 604324
      Time elapsed: 2 hour(s), 11 minute(s), 52 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 0
      (No malicious items detected)

      (end)






      .
      DDS (Ver_2011-08-26.01) - NTFSAMD64
      Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 10.5.0
      Run by Karen at 7:41:11 on 2012-07-31
      Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.6058.3991 [GMT -4:00]
      .
      AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\wininit.exe
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\nvvsvc.exe
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      C:\Windows\system32\WLANExt.exe
      C:\Windows\system32\conhost.exe
      C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
      C:\Windows\system32\nvvsvc.exe
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
      C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
      C:\Program Files\Intel\WiFi\bin\EvtEng.exe
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
      C:\Windows\system32\taskhost.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
      C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
      C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
      C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
      C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
      C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
      C:\Windows\system32\svchost.exe -k imgsvc
      C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      C:\Windows\System32\svchost.exe -k secsvcs
      C:\WINDOWS\System32\igfxtray.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
      C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
      C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
      C:\WINDOWS\System32\rundll32.exe
      C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
      C:\Users\Karen\Local Settings\Apps\F.lux\flux.exe
      C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
      C:\Users\Karen\Downloads\DimScreen.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
      C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
      C:\Windows\system32\conhost.exe
      C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
      C:\Program Files (x86)\CyberLink\Shared files\brs.exe
      C:\Program Files\AVAST Software\Avast\AvastUI.exe
      C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
      C:\Program Files (x86)\iTunes\iTunesHelper.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\taskeng.exe
      C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
      C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
      C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
      C:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\unsecapp.exe
      C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
      C:\Windows\system32\vssvc.exe
      C:\Windows\system32\SearchIndexer.exe
      C:\Windows\system32\svchost.exe -k bthsvcs
      C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
      C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Windows Media Player\wmpnetwk.exe
      C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
      C:\Windows\system32\SearchProtocolHost.exe
      C:\Windows\System32\svchost.exe -k LocalServicePeerNet
      C:\Windows\System32\svchost.exe -k swprv
      C:\Windows\system32\DllHost.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      C:\Windows\system32\sppsvc.exe
      C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\SysWOW64\ctfmon.exe
      C:\Windows\system32\SearchProtocolHost.exe
      C:\Windows\system32\SearchFilterHost.exe
      C:\Windows\system32\DllHost.exe
      C:\Windows\system32\DllHost.exe
      C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\conhost.exe
      C:\Windows\SysWOW64\cscript.exe
      C:\Windows\system32\sdclt.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uInternet Settings,ProxyOverride = *.local
      BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
      BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
      BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
      BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
      uRun: [F.lux] "C:\Users\Karen\Local Settings\Apps\F.lux\flux.exe" /noshow
      uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
      mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
      mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
      mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
      mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
      mRun: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
      mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
      mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      mRun: [Dell  DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
      mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe"
      mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
      mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
      mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
      mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DIMSCR~1.LNK - C:\Users\Karen\Downloads\DimScreen.exe
      mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
      mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
      mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
      IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
      IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
      DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
      DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
      DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
      DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
      TCP: DhcpNameServer = 192.168.1.1
      TCP: Interfaces\{71C0F61C-74BC-4632-AEB4-1F03D111FC6A} : DhcpNameServer = 192.168.1.1
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
      Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
      AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
      BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
      BHO-X64:     AcroIEHelperStub - No File
      BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
      BHO-X64:     Increase performance and video formats for your HTML5 <video> - No File
      BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
      BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
      BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
      mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
      mRun-x64: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
      mRun-x64: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
      mRun-x64: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
      mRun-x64: [BDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
      mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
      mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      mRun-x64: [Dell  DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
      mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe"
      mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
      mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
      mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
      mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      AppInit_DLLs-X64: C:\WINDOWS\SysWOW64\nvinit.dll
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5wmbz09.default\
      FF - prefs.js: browser.search.selectedEngine - Google
      FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com
      FF - prefs.js: keyword.URL - hxxp://www.google.com.my/search?q=
      FF - prefs.js: network.proxy.type - 0
      FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
      FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
      FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
      FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
      FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
      FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
      FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
      FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
      FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
      FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
      FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
      FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
      FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
      FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
      FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
      FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
      FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
      FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
      FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
      .
      ---- FIREFOX POLICIES ----
      FF - user.js: general.useragent.extra.brc -
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
      R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
      R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]
      R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2012-7-26 23208]
      R1 aswKbd;aswKbd;C:\Windows\system32\drivers\aswKbd.sys --> C:\Windows\system32\drivers\aswKbd.sys [?]
      R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
      R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
      R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
      R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
      R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
      R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
      R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-3-23 98208]
      R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
      R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
      R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-12 44808]
      R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
      R2 NOBU;Dell  DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-10-20 2823512]
      R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-3-22 1997416]
      R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
      R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-3-22 1692480]
      R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-29 378472]
      R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
      R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-3-22 2656280]
      R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]
      R3 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184]
      R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496]
      R3 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912]
      R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
      R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
      R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
      R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
      R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
      R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
      R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
      R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
      R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
      R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
      R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
      R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
      R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
      R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
      R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
      R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
      R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
      S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/03/22 21:03:14;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016]
      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
      S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-17 136176]
      S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-3-18 1153368]
      S3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2012-7-26 66320]
      S3 a2AntiMalware;Emsisoft Anti-Malware 6.6 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2012-7-26 3069752]
      S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-20 250056]
      S3 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-4-15 913792]
      S3 Andbus;LGE Android Platform Composite USB Device;C:\Windows\system32\DRIVERS\lgandbus64.sys --> C:\Windows\system32\DRIVERS\lgandbus64.sys [?]
      S3 AndDiag;LGE Android Platform USB Serial Port;C:\Windows\system32\DRIVERS\lganddiag64.sys --> C:\Windows\system32\DRIVERS\lganddiag64.sys [?]
      S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\Windows\system32\DRIVERS\lgandgps64.sys --> C:\Windows\system32\DRIVERS\lgandgps64.sys [?]
      S3 ANDModem;LGE Android Platform USB Modem;C:\Windows\system32\DRIVERS\lgandmodem64.sys --> C:\Windows\system32\DRIVERS\lgandmodem64.sys [?]
      S3 androidusb;ADB Interface Driver;C:\Windows\system32\Drivers\lgandadb.sys --> C:\Windows\system32\Drivers\lgandadb.sys [?]
      S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
      S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-3-17 136176]
      S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
      S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
      S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-29 113120]
      S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
      S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\DRIVERS\nvstusb.sys --> C:\Windows\system32\DRIVERS\nvstusb.sys [?]
      S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
      S3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]
      S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
      S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
      S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
      S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
      S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
      S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
      .
      =============== Created Last 30 ================
      .
      2012-07-30 23:30:45   69000   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F46DE5A-EE63-4C99-93C8-768B44CB9575}\offreg.dll
      2012-07-28 21:28:23   772592   ----a-w-   C:\Windows\SysWow64\npDeployJava1.dll
      2012-07-28 19:31:49   --------   d-----w-   C:\Program Files\WhoCrashed
      2012-07-28 02:34:13   --------   d-sh--w-   C:\$RECYCLE.BIN
      2012-07-28 02:19:26   98816   ----a-w-   C:\Windows\sed.exe
      2012-07-28 02:19:26   518144   ----a-w-   C:\Windows\SWREG.exe
      2012-07-28 02:19:26   256000   ----a-w-   C:\Windows\PEV.exe
      2012-07-28 02:19:26   208896   ----a-w-   C:\Windows\MBR.exe
      2012-07-28 02:12:33   --------   d-----w-   C:\TDSSKiller_Quarantine
      2012-07-27 21:58:00   9133488   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F46DE5A-EE63-4C99-93C8-768B44CB9575}\mpengine.dll
      2012-07-25 01:38:55   --------   d-----w-   C:\ProgramData\Kaspersky Lab
      2012-07-20 02:39:04   --------   d-----w-   C:\Program Files\Enigma Software Group
      2012-07-20 02:38:24   --------   d-----w-   C:\Windows\F896D02690164122B9BD957FF092FFE9.TMP
      2012-07-20 02:38:22   --------   d-----w-   C:\Program Files (x86)\Common Files\Wise Installation Wizard
      2012-07-20 02:20:03   --------   d-----w-   C:\Program Files (x86)\PC Tools
      2012-07-20 02:16:28   251528   ----a-w-   C:\Windows\System32\drivers\PCTSD64.sys
      2012-07-20 02:16:27   --------   d-----w-   C:\Program Files (x86)\Common Files\PC Tools
      2012-07-20 02:15:15   --------   d-----w-   C:\Users\Karen\AppData\Roaming\TestApp
      2012-07-20 02:15:15   --------   d-----w-   C:\ProgramData\PC Tools
      2012-07-20 02:07:49   388096   ----a-r-   C:\Users\Karen\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
      2012-07-20 02:07:48   --------   d-----w-   C:\Program Files (x86)\Trend Micro
      2012-07-19 00:59:55   514560   ----a-w-   C:\Windows\SysWow64\qdvd.dll
      2012-07-19 00:59:55   366592   ----a-w-   C:\Windows\System32\qdvd.dll
      2012-07-12 21:59:58   19600   ----a-w-   C:\Windows\System32\drivers\aswKbd.sys
      2012-07-11 05:38:30   3148800   ----a-w-   C:\Windows\System32\win32k.sys
      2012-07-10 23:53:14   2004480   ----a-w-   C:\Windows\System32\msxml6.dll
      2012-07-10 23:53:13   1881600   ----a-w-   C:\Windows\System32\msxml3.dll
      2012-07-10 23:53:12   1390080   ----a-w-   C:\Windows\SysWow64\msxml6.dll
      2012-07-10 23:53:09   1236992   ----a-w-   C:\Windows\SysWow64\msxml3.dll
      2012-07-10 23:53:08   2048   ----a-w-   C:\Windows\SysWow64\msxml3r.dll
      2012-07-10 23:53:08   2048   ----a-w-   C:\Windows\System32\msxml3r.dll
      .
      ==================== Find3M  ====================
      .
      2012-07-28 21:27:40   687600   ----a-w-   C:\Windows\SysWow64\deployJava1.dll
      2012-07-27 23:34:01   70344   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-07-27 23:34:01   426184   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
      2012-07-03 17:46:44   24904   ----a-w-   C:\Windows\System32\drivers\mbam.sys
      2012-07-03 16:21:52   958400   ----a-w-   C:\Windows\System32\drivers\aswSnx.sys
      2012-07-03 16:21:52   71064   ----a-w-   C:\Windows\System32\drivers\aswMonFlt.sys
      2012-07-03 16:21:52   54072   ----a-w-   C:\Windows\System32\drivers\aswRdr2.sys
      2012-07-03 16:21:32   41224   ----a-w-   C:\Windows\avastSS.scr
      2012-06-27 03:40:53   0   ----a-w-   C:\Windows\SysWow64\shoD886.tmp
      2012-06-20 16:56:41   71104   ----a-w-   C:\Windows\CouponPrinter.ocx
      2012-06-06 06:02:54   1133568   ----a-w-   C:\Windows\System32\cdosys.dll
      2012-06-06 05:03:06   805376   ----a-w-   C:\Windows\SysWow64\cdosys.dll
      2012-06-02 22:15:31   2622464   ----a-w-   C:\Windows\System32\wucltux.dll
      2012-06-02 22:15:08   99840   ----a-w-   C:\Windows\System32\wudriver.dll
      2012-06-02 19:19:42   186752   ----a-w-   C:\Windows\System32\wuwebv.dll
      2012-06-02 19:15:12   36864   ----a-w-   C:\Windows\System32\wuapp.exe
      2012-06-02 12:12:17   2311680   ----a-w-   C:\Windows\System32\jscript9.dll
      2012-06-02 12:05:28   1392128   ----a-w-   C:\Windows\System32\wininet.dll
      2012-06-02 12:04:50   1494528   ----a-w-   C:\Windows\System32\inetcpl.cpl
      2012-06-02 12:01:40   173056   ----a-w-   C:\Windows\System32\ieUnatt.exe
      2012-06-02 11:57:08   2382848   ----a-w-   C:\Windows\System32\mshtml.tlb
      2012-06-02 08:33:25   1800192   ----a-w-   C:\Windows\SysWow64\jscript9.dll
      2012-06-02 08:25:08   1129472   ----a-w-   C:\Windows\SysWow64\wininet.dll
      2012-06-02 08:25:03   1427968   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
      2012-06-02 08:20:33   142848   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
      2012-06-02 08:16:52   2382848   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
      2012-06-02 05:50:10   458704   ----a-w-   C:\Windows\System32\drivers\cng.sys
      2012-06-02 05:48:16   95600   ----a-w-   C:\Windows\System32\drivers\ksecdd.sys
      2012-06-02 05:48:16   151920   ----a-w-   C:\Windows\System32\drivers\ksecpkg.sys
      2012-06-02 05:45:31   340992   ----a-w-   C:\Windows\System32\schannel.dll
      2012-06-02 05:44:21   307200   ----a-w-   C:\Windows\System32\ncrypt.dll
      2012-06-02 04:40:42   22016   ----a-w-   C:\Windows\SysWow64\secur32.dll
      2012-06-02 04:40:39   225280   ----a-w-   C:\Windows\SysWow64\schannel.dll
      2012-06-02 04:39:10   219136   ----a-w-   C:\Windows\SysWow64\ncrypt.dll
      2012-06-02 04:34:09   96768   ----a-w-   C:\Windows\SysWow64\sspicli.dll
      2012-05-31 16:25:12   279656   ------w-   C:\Windows\System32\MpSigStub.exe
      2012-05-24 14:47:56   24448   ----a-w-   C:\Windows\System32\RegistryDefragBootTime.exe
      2012-05-05 04:54:40   0   ------w-   C:\Windows\SysWow64\shoD233.tmp
      2012-05-04 11:06:22   5559664   ----a-w-   C:\Windows\System32\ntoskrnl.exe
      2012-05-04 10:03:53   3968368   ----a-w-   C:\Windows\SysWow64\ntkrnlpa.exe
      2012-05-04 10:03:50   3913072   ----a-w-   C:\Windows\SysWow64\ntoskrnl.exe
      .
      ============= FINISH:  7:42:52.00 ===============



      .
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT
      .
      DDS (Ver_2011-08-26.01)
      .
      Microsoft Windows 7 Professional
      Boot Device: \Device\HarddiskVolume2
      Install Date: 3/17/2012 8:20:42 PM
      System Uptime: 7/31/2012 7:35:30 AM (0 hours ago)
      .
      Motherboard: Dell Inc.          |  |       
      Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz | CPU | 780/100mhz
      .
      ==== Disk Partitions =========================
      .
      C: is FIXED (NTFS) - 581 GiB total, 352.774 GiB free.
      D: is CDROM ()
      E: is CDROM ()
      .
      ==== Disabled Device Manager Items =============
      .
      Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
      Description: Integrated Webcam
      Device ID: USB\VID_0408&PID_2FB1&MI_00\7&36C23B80&0&0000
      Manufacturer: Quanta Computer Inc.
      Name: Integrated Webcam
      PNP Device ID: USB\VID_0408&PID_2FB1&MI_00\7&36C23B80&0&0000
      Service: usbvideo
      .
      ==== System Restore Points ===================
      .
      RP114: 7/27/2012 5:57:25 PM - Windows Update
      RP115: 7/28/2012 5:26:40 PM - Installed Java(TM) 7 Update 5
      RP117: 7/28/2012 5:38:37 PM - Installed JavaFX 2.1.1
      RP118: 7/29/2012 7:00:23 PM - Windows Backup
      .
      ==== Installed Programs ======================
      .
      7-Zip 9.20
      AccelerometerP11
      Adobe Flash Player 11 ActiveX
      Adobe Flash Player 11 Plugin
      Adobe Photoshop CS2
      Adobe Reader 9.5.1
      Advanced Audio FX Engine
      Advanced SystemCare 5
      Apple Application Support
      Apple Software Update
      avast! Free Antivirus
      calibre
      Consumer In-Home Service Agreement
      Coupon Printer for Windows
      CyberLink PowerDVD 9.6
      D3DX10
      Dell  DataSafe Online
      Dell DataSafe Local Backup
      Dell DataSafe Local Backup - Support Software
      Dell Getting Started Guide
      Dell MusicStage
      Dell PhotoStage
      Dell Stage
      Dell VideoStage
      Dell Webcam Central
      DivX Setup
      Emsisoft Anti-Malware
      F.lux
      Glary Utilities 2.44.0.1450
      Google Chrome
      Google Update Helper
      HiJackThis
      Intel(R) Control Center
      Intel(R) Management Engine Components
      Intel(R) Processor Graphics
      Intel(R) Wireless Display
      Internet Explorer
      Java Auto Updater
      Java(TM) 6 Update 31
      Java(TM) 7 Update 5
      Junk Mail filter update
      LG United Mobile Driver
      Malwarebytes Anti-Malware version 1.62.0.1300
      Media Player Codec Pack 4.2.0
      Mesh Runtime
      Messenger Companion
      Microsoft Office 2010
      Microsoft Office Click-to-Run 2010
      Microsoft Office Starter 2010 - English
      Microsoft Silverlight
      Microsoft SQL Server 2005 Compact Edition [ENU]
      Microsoft Visual C++ 2005 Redistributable
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
      Mozilla Firefox 14.0.1 (x86 en-US)
      Mozilla Maintenance Service
      MSVCRT
      MSVCRT_amd64
      MSXML 4.0 SP2 (KB954430)
      MSXML 4.0 SP2 (KB973688)
      NVIDIA Stereoscopic 3D Driver
      PDFCreator
      PowerISO
      QuickTime
      Realtek High Definition Audio Driver
      Rosetta Stone Version 3
      Roxio Burn
      Safari
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
      Skype™ 4.2
      Spybot - Search & Destroy
      Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
      Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
      Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
      VC80CRTRedist - 8.0.50727.6195
      Windows Live Communications Platform
      Windows Live Essentials
      Windows Live Installer
      Windows Live Mail
      Windows Live Mesh
      Windows Live Mesh ActiveX Control for Remote Connections
      Windows Live Messenger
      Windows Live Messenger Companion Core
      Windows Live Movie Maker
      Windows Live Photo Common
      Windows Live Photo Gallery
      Windows Live PIMT Platform
      Windows Live SOXE
      Windows Live SOXE Definitions
      Windows Live UX Platform
      Windows Live UX Platform Language Pack
      Windows Live Writer
      Windows Live Writer Resources
      .
      ==== Event Viewer Messages From Past Week ========
      .
      7/31/2012 7:37:09 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
      7/31/2012 7:37:09 AM, Error: Service Control Manager [7000]  - The SBSD Security Center Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
      7/31/2012 7:36:42 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EvtEng service.
      7/30/2012 6:00:18 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Bluetooth Device Monitor service to connect.
      7/30/2012 6:00:18 PM, Error: Service Control Manager [7000]  - The Bluetooth Device Monitor service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
      7/30/2012 6:00:18 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service Bluetooth Device Monitor with arguments "" in order to run the server: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}
      7/29/2012 9:15:22 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 87
      7/28/2012 8:51:21 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
      7/28/2012 8:49:51 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Intel(R) PROSet/Wireless Event Log service to connect.
      7/28/2012 8:49:51 AM, Error: Service Control Manager [7000]  - The Intel(R) PROSet/Wireless Event Log service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
      7/27/2012 9:56:07 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800030b07ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072712-23509-01.
      7/27/2012 7:55:26 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800030c57ef, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 072712-31090-01.
      7/27/2012 7:18:15 PM, Error: Service Control Manager [7031]  - The avast! Antivirus service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
      7/27/2012 7:16:52 PM, Error: Service Control Manager [7031]  - The avast! Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
      7/27/2012 5:52:49 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.
      7/27/2012 10:40:06 PM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
      7/27/2012 10:30:49 PM, Error: Service Control Manager [7030]  - The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
      7/27/2012 10:30:07 PM, Error: Application Popup [1060]  - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
      7/27/2012 10:22:17 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Bluetooth Device Monitor service.
      7/27/2012 10:18:52 PM, Error: Service Control Manager [7034]  - The Bluetooth OBEX Service service terminated unexpectedly.  It has done this 1 time(s).
      7/27/2012 10:18:52 PM, Error: Service Control Manager [7034]  - The Bluetooth Media Service service terminated unexpectedly.  It has done this 1 time(s).
      7/26/2012 9:53:11 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 258
      .
      ==== End Of File ===========================





       Results of screen317's Security Check version 0.99.43 
       Windows 7 Service Pack 1 x64 (UAC is enabled) 
       Internet Explorer 9 
      ``````````````Antivirus/Firewall Check:``````````````[/u]
       Windows Firewall Enabled! 
      avast! Antivirus   
       Antivirus up to date!   
      `````````Anti-malware/Other Utilities Check:`````````[/u]
       Spybot - Search & Destroy
       Malwarebytes Anti-Malware version 1.62.0.1300 
       Java(TM) 6 Update 31 
       Java(TM) 7 Update 5 
       Adobe Reader 9 Adobe Reader out of Date!
       Mozilla Firefox (14.0.1)
       Google Chrome 20.0.1132.47 
       Google Chrome 20.0.1132.57 
       Google Chrome plugins... 
      ````````Process Check: objlist.exe by Laurent````````[/u] 
       AVAST Software Avast AvastSvc.exe 
       AVAST Software Avast AvastUI.exe 
      `````````````````System Health check`````````````````[/u]
       Total Fragmentation on Drive C: 3%
      ````````````````````End of Log``````````````````````[/u]


      SuperDave

      • Malware Removal Specialist


      • Genius
      • Thanked: 991
      • Certifications: List
      • Experience: Expert
      • OS: Windows 8
      Re: redirect when clicking on google results
      « Reply #3 on: July 31, 2012, 06:21:25 PM »
      Please download aswMBR.exe ( 511KB ) to your desktop.

      Double click the aswMBR.exe to run it



      Click the "Scan" button to start scan

      Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives



      On completion of the scan click save log, save it to your desktop and post in your next reply
      *********************************************************
      Download Combofix from any of the links below, and save it to your DESKTOP

      Link 1
      Link 2
      Link 3

      To prevent your anti-virus application interfering with  ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.
      • Close any open windows and double click ComboFix.exe to run it.

        You will see the following image:


      Click I Agree to start the program.

      ComboFix will then extract the necessary files and you will see this:



      As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to  have this pre-installed on your machine before doing any malware  removal. This will not occur in Windows Vista and 7

      It will allow you to boot up into a special recovery/repair  mode that will allow us to more easily help you should your computer  have a problem after an attempted removal of malware.

      If you did not have it installed, you will see the prompt below. Choose YES.



      Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

      Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



      Click on Yes, to continue scanning for malware.

      When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

      Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

      Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.
      Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

      Kileykb

        Topic Starter


        Greenhorn

        • Experience: Beginner
        • OS: Unknown
        Re: redirect when clicking on google results
        « Reply #4 on: August 01, 2012, 05:48:57 AM »
        I had trouble running aswMBR initially. It finally finished when I ran it in safe mode.

        aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
        Run date: 2012-07-31 22:44:18
        -----------------------------
        22:44:18.287    OS Version: Windows x64 6.1.7601 Service Pack 1
        22:44:18.287    Number of processors: 8 586 0x2A07
        22:44:18.302    ComputerName: KAREN-PC  UserName: Karen
        22:44:19.800    Initialize success
        22:44:21.110    AVAST engine defs: 12073102
        22:44:24.886    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
        22:44:24.901    Disk 0 Vendor: TOSHIBA_ MC00 Size: 610480MB BusType: 3
        22:44:24.901    Disk 0 MBR read successfully
        22:44:24.917    Disk 0 MBR scan
        22:44:25.276    Disk 0 Windows VISTA default MBR code
        22:44:25.307    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0      101 MB offset 63
        22:44:25.650    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 208845
        22:44:25.962    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       595377 MB offset 30928845
        22:44:26.212    Disk 0 scanning C:\Windows\system32\drivers
        22:44:40.033    Service scanning
        22:45:03.184    Modules scanning
        22:45:03.184    Disk 0 trace - called modules:
        22:45:03.215    ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
        22:45:03.215    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006dad790]
        22:45:03.215    3 CLASSPNP.SYS[fffff88001b9843f] -> nt!IofCallDriver -> [0xfffffa8006cbf930]
        22:45:03.215    5 stdcfltn.sys[fffff88001addc52] -> nt!IofCallDriver -> [0xfffffa800554f6b0]
        22:45:03.230    7 ACPI.sys[fffff88000ee07a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005f10050]
        22:45:04.400    AVAST engine scan C:\Windows
        22:45:07.536    AVAST engine scan C:\Windows\system32
        22:47:15.753    AVAST engine scan C:\Windows\system32\drivers
        22:47:36.376    AVAST engine scan C:\Users\Karen
        23:05:58.097    AVAST engine scan C:\ProgramData
        00:36:37.795    Scan finished successfully
        07:16:33.242    Disk 0 MBR has been saved successfully to "C:\Users\Karen\Desktop\MBR.dat"
        07:16:33.242    The log file has been saved successfully to "C:\Users\Karen\Desktop\aswMBR.txt"



        ComboFix 12-07-30.03 - Karen 08/01/2012   7:25.3.8 - x64
        Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.6058.3951 [GMT -4:00]
        Running from: c:\users\Karen\Desktop\ComboFix.exe
        AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
        SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
        SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
        .
        .
        (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        c:\program files (x86)\Adobe\Photoshop.exe
        c:\program files (x86)\Adobe\SHFOLDER.dll
        .
        .
        (((((((((((((((((((((((((   Files Created from 2012-07-01 to 2012-08-01  )))))))))))))))))))))))))))))))
        .
        .
        2012-08-01 11:37 . 2012-08-01 11:37   --------   d-----w-   c:\users\UpdatusUser\AppData\Local\temp
        2012-08-01 11:37 . 2012-08-01 11:37   --------   d-----w-   c:\users\Default\AppData\Local\temp
        2012-07-31 23:34 . 2012-06-29 10:04   9133488   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{C7948416-F1EC-422E-B47D-53E00D75296D}\mpengine.dll
        2012-07-28 21:28 . 2012-07-28 21:27   772592   ----a-w-   c:\windows\SysWow64\npDeployJava1.dll
        2012-07-28 19:31 . 2012-07-28 19:32   --------   d-----w-   c:\program files\WhoCrashed
        2012-07-28 02:12 . 2012-07-28 02:12   --------   d-----w-   C:\TDSSKiller_Quarantine
        2012-07-25 01:38 . 2012-07-25 01:38   --------   d-----w-   c:\programdata\Kaspersky Lab
        2012-07-20 02:39 . 2012-07-20 02:39   --------   d-----w-   c:\program files\Enigma Software Group
        2012-07-20 02:38 . 2012-07-20 03:08   --------   d-----w-   c:\windows\F896D02690164122B9BD957FF092FFE9.TMP
        2012-07-20 02:38 . 2012-07-20 02:38   --------   d-----w-   c:\program files (x86)\Common Files\Wise Installation Wizard
        2012-07-20 02:20 . 2012-07-20 02:20   --------   d-----w-   c:\program files (x86)\PC Tools
        2012-07-20 02:16 . 2012-05-11 15:14   251528   ----a-w-   c:\windows\system32\drivers\PCTSD64.sys
        2012-07-20 02:16 . 2012-07-20 22:29   --------   d-----w-   c:\program files (x86)\Common Files\PC Tools
        2012-07-20 02:15 . 2012-07-20 02:48   --------   d-----w-   c:\programdata\PC Tools
        2012-07-20 02:15 . 2012-07-20 02:15   --------   d-----w-   c:\users\Karen\AppData\Roaming\TestApp
        2012-07-20 02:07 . 2012-07-20 02:07   388096   ----a-r-   c:\users\Karen\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
        2012-07-20 02:07 . 2012-07-20 02:07   --------   d-----w-   c:\program files (x86)\Trend Micro
        2012-07-19 00:59 . 2012-07-19 00:59   514560   ----a-w-   c:\windows\SysWow64\qdvd.dll
        2012-07-19 00:59 . 2012-07-19 00:59   366592   ----a-w-   c:\windows\system32\qdvd.dll
        2012-07-12 21:59 . 2012-07-03 16:21   19600   ----a-w-   c:\windows\system32\drivers\aswKbd.sys
        2012-07-11 05:38 . 2012-06-12 03:08   3148800   ----a-w-   c:\windows\system32\win32k.sys
        2012-07-11 05:35 . 2012-06-02 12:12   2311680   ----a-w-   c:\windows\system32\jscript9.dll
        2012-07-10 23:53 . 2012-06-06 06:06   2004480   ----a-w-   c:\windows\system32\msxml6.dll
        2012-07-10 23:53 . 2012-06-06 06:06   1881600   ----a-w-   c:\windows\system32\msxml3.dll
        2012-07-10 23:53 . 2012-06-06 05:05   1390080   ----a-w-   c:\windows\SysWow64\msxml6.dll
        2012-07-10 23:53 . 2012-06-06 05:05   1236992   ----a-w-   c:\windows\SysWow64\msxml3.dll
        2012-07-10 23:53 . 2010-06-26 03:55   2048   ----a-w-   c:\windows\system32\msxml3r.dll
        2012-07-10 23:53 . 2010-06-26 03:24   2048   ----a-w-   c:\windows\SysWow64\msxml3r.dll
        .
        .
        .
        ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        2012-07-28 21:27 . 2011-03-23 01:31   687600   ----a-w-   c:\windows\SysWow64\deployJava1.dll
        2012-07-27 23:34 . 2012-03-21 00:49   70344   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
        2012-07-27 23:34 . 2012-03-21 00:49   426184   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
        2012-07-11 05:36 . 2012-03-18 21:20   59701280   ----a-w-   c:\windows\system32\MRT.exe
        2012-07-03 17:46 . 2012-03-18 20:57   24904   ----a-w-   c:\windows\system32\drivers\mbam.sys
        2012-07-03 16:21 . 2012-03-18 02:56   54072   ----a-w-   c:\windows\system32\drivers\aswRdr2.sys
        2012-07-03 16:21 . 2012-03-18 02:56   355856   ----a-w-   c:\windows\system32\drivers\aswSP.sys
        2012-07-03 16:21 . 2012-03-18 02:56   958400   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
        2012-07-03 16:21 . 2012-03-18 02:56   59728   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
        2012-07-03 16:21 . 2012-03-18 02:56   71064   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
        2012-07-03 16:21 . 2012-03-18 02:56   25232   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
        2012-07-03 16:21 . 2012-03-18 02:55   41224   ----a-w-   c:\windows\avastSS.scr
        2012-07-03 16:21 . 2012-03-18 02:55   227648   ----a-w-   c:\windows\SysWow64\aswBoot.exe
        2012-07-03 16:21 . 2012-03-18 02:56   285328   ----a-w-   c:\windows\system32\aswBoot.exe
        2012-06-27 03:40 . 2012-06-27 03:40   0   ----a-w-   c:\windows\SysWow64\shoD886.tmp
        2012-06-20 16:56 . 2012-01-30 04:25   71104   ----a-w-   c:\windows\CouponPrinter.ocx
        2012-06-02 22:19 . 2012-06-21 22:23   38424   ----a-w-   c:\windows\system32\wups.dll
        2012-06-02 22:19 . 2012-06-21 22:23   2428952   ----a-w-   c:\windows\system32\wuaueng.dll
        2012-06-02 22:19 . 2012-06-21 22:23   44056   ----a-w-   c:\windows\system32\wups2.dll
        2012-06-02 22:19 . 2012-06-21 22:23   57880   ----a-w-   c:\windows\system32\wuauclt.exe
        2012-06-02 22:19 . 2012-06-21 22:23   701976   ----a-w-   c:\windows\system32\wuapi.dll
        2012-06-02 22:15 . 2012-06-21 22:23   2622464   ----a-w-   c:\windows\system32\wucltux.dll
        2012-06-02 22:15 . 2012-06-21 22:23   99840   ----a-w-   c:\windows\system32\wudriver.dll
        2012-06-02 19:19 . 2012-06-21 22:23   186752   ----a-w-   c:\windows\system32\wuwebv.dll
        2012-06-02 19:15 . 2012-06-21 22:23   36864   ----a-w-   c:\windows\system32\wuapp.exe
        2012-05-31 16:25 . 2012-03-18 03:11   279656   ------w-   c:\windows\system32\MpSigStub.exe
        2012-05-24 14:47 . 2012-04-16 18:50   24448   ----a-w-   c:\windows\system32\RegistryDefragBootTime.exe2012-05-05 04:54 . 2012-05-05 04:54   0   ------w-   c:\windows\SysWow64\shoD233.tmp
        2012-05-04 11:06 . 2012-06-12 22:53   5559664   ----a-w-   c:\windows\system32\ntoskrnl.exe
        2012-05-04 10:03 . 2012-06-12 22:53   3968368   ----a-w-   c:\windows\SysWow64\ntkrnlpa.exe
        2012-05-04 10:03 . 2012-06-12 22:53   3913072   ----a-w-   c:\windows\SysWow64\ntoskrnl.exe
        .
        .
        (((((((((((((((((((((((((((((   [email protected]_02.30.50   )))))))))))))))))))))))))))))))))))))))))
        .
        + 2012-08-01 02:42 . 2012-08-01 02:42   13318              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
        - 2012-07-28 02:13 . 2012-07-28 02:13   13318              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
        + 2011-03-23 01:35 . 2012-08-01 11:20   55652              c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
        + 2009-07-14 05:10 . 2012-08-01 11:20   32920              c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
        + 2012-03-18 01:26 . 2012-08-01 11:20   10580              c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1483343337-1257858336-3325897754-1002_UserData.bin
        - 2012-03-18 12:33 . 2012-03-18 12:33   65536              c:\windows\Installer\{236BB7C4-4419-42FD-0409-1E257A25E34D}\NewShortcut1_236BB7C4441942FD04091E257A25E34D.exe
        + 2012-03-18 12:33 . 2012-07-29 21:58   65536              c:\windows\Installer\{236BB7C4-4419-42FD-0409-1E257A25E34D}\NewShortcut1_236BB7C4441942FD04091E257A25E34D.exe
        - 2012-03-18 05:38 . 2012-07-27 04:29   3652              c:\windows\system32\wdi\ERCQueuedResolutions.dat
        + 2012-03-18 05:38 . 2012-07-31 04:14   3652              c:\windows\system32\wdi\ERCQueuedResolutions.dat
        + 2012-08-01 11:17 . 2012-08-01 11:17   2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
        - 2012-07-28 02:13 . 2012-07-28 02:13   2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
        + 2012-08-01 11:17 . 2012-08-01 11:17   2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
        - 2012-07-28 02:13 . 2012-07-28 02:13   2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
        + 2012-07-28 21:28 . 2012-07-28 21:27   227824              c:\windows\SysWOW64\javaws.exe
        + 2012-07-28 21:28 . 2012-07-28 21:27   174064              c:\windows\SysWOW64\javaw.exe
        + 2012-07-28 21:28 . 2012-07-28 21:27   174064              c:\windows\SysWOW64\java.exe
        - 2009-07-14 04:54 . 2012-07-28 02:16   114688              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
        + 2009-07-14 04:54 . 2012-08-01 11:33   114688              c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
        + 2012-03-18 03:43 . 2012-07-30 23:58   298674              c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
        + 2009-07-14 04:45 . 2012-07-30 21:58   266848              c:\windows\system32\FNTCACHE.DAT
        - 2009-07-14 04:45 . 2012-07-12 00:21   266848              c:\windows\system32\FNTCACHE.DAT
        - 2009-07-14 05:01 . 2012-07-28 02:13   228720              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
        + 2009-07-14 05:01 . 2012-08-01 02:42   228720              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
        - 2009-07-14 04:54 . 2012-07-28 02:16   2998272              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
        + 2009-07-14 04:54 . 2012-08-01 11:33   2998272              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
        - 2009-07-14 04:54 . 2012-07-28 02:16   4030464              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
        + 2009-07-14 04:54 . 2012-08-01 11:33   4030464              c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
        - 2012-03-21 03:54 . 2012-07-27 04:29   1221018              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1483343337-1257858336-3325897754-1002-12288.dat
        + 2012-03-21 03:54 . 2012-07-29 01:03   1221018              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1483343337-1257858336-3325897754-1002-12288.dat
        + 2012-03-18 02:44 . 2012-08-01 02:42   45856612              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1483343337-1257858336-3325897754-1002-8192.dat
        + 2012-07-28 21:26 . 2012-07-28 21:26   17379840              c:\windows\Installer\1dae53f.msi
        .
        (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        *Note* empty entries & legit default entries are not shown
        REGEDIT4
        .
        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
        "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-19 487562]
        "Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-10-20 1118040]
        "RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
        "PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-17 50472]
        "BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2010-10-29 75048]
        "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
        "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
        "Dell  DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-10-20 1118040]
        "Desktop Disc Tool"="c:\program files (x86)\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-02 522736]
        "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
        "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
        "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
        "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
        .
        c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
        DimScreen - Shortcut.lnk - c:\users\Karen\Downloads\DimScreen.exe [2012-3-17 431399]
        .
        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
        "ConsentPromptBehaviorAdmin"= 5 (0x5)
        "ConsentPromptBehaviorUser"= 3 (0x3)
        "EnableUIADesktopToggle"= 0 (0x0)
        .
        [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
        "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
        .
        [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
        Security Packages   REG_MULTI_SZ      kerberos msv1_0 schannel wdigest tspkg pku2u livessp
        .
        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
        @=""
        .
        [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
        @=""
        .
        R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/03/22 21:03;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016]
        R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
        R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-18 136176]
        R3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [2012-04-30 66320]
        R3 a2AntiMalware;Emsisoft Anti-Malware 6.6 - Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [2012-06-17 3069752]
        R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]
        R3 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]
        R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]
        R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]
        R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]
        R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]
        R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744]
        R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496]
        R3 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912]
        R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2010-08-12 175168]
        R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys

        R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-18 136176]
        R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
        R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-12-15 174168]
        R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
        R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
        R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys [2010-12-12 121960]
        R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
        R3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [2010-07-13 29288]
        R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
        R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
        R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
        R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-18 1255736]
        R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
        S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2010-11-30 25576]
        S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
        S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]
        S1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2011-05-19 23208]
        S1 aswKbd;aswKbd;

        S1 aswSnx;aswSnx;

        S1 aswSP;aswSP;

        S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
        S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
        S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
        S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
        S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
        S2 aswFsBlk;aswFsBlk;

        S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
        S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
        S2 NOBU;Dell  DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE

        S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-11-30 1997416]
        S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
        S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
        S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
        S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-29 378472]
        S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
        S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
        S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]
        S3 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184]
        S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2010-12-14 58128]
        S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-15 327168]
        S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-09 60416]
        S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
        S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
        S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2010-12-22 8505856]
        S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
        S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
        S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-11-12 155752]
        S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
        S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
        S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
        S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
        S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
        S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
        S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
        S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]
        .
        .
        --- Other Services/Drivers In Memory ---
        .
        *Deregistered* - CLKMDRV10_9EC60124
        .
        Contents of the 'Scheduled Tasks' folder
        .
        2012-08-01 c:\windows\Tasks\Adobe Flash Player Updater.job
        - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-21 23:34]
        .
        2012-08-01 c:\windows\Tasks\GlaryInitialize.job
        - c:\program files (x86)\Glary Utilities\initialize.exe [2012-04-16 01:06]
        .
        2012-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
        - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-18 02:56]
        .
        2012-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
        - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-18 02:56]
        .
        .
        --------- X64 Entries -----------
        .
        .
        [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
        @="{472083B0-C522-11CF-8763-00608CC02F24}"
        [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
        2012-07-03 16:21   133400   ----a-w-   c:\program files\AVAST Software\Avast\ashShA64.dll
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
        "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-12-14 6561384]
        "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-11 2186856]
        "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-11-29 312936]
        "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-19 167960]
        "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-19 391704]
        "Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-19 417304]
        "FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
        "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-12-14 10222080]
        "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
        "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
        "DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-01-25 1802472]
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
        "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
        .
        ------- Supplementary Scan -------
        .
        uLocal Page = c:\windows\system32\blank.htm
        mLocal Page = c:\windows\SysWOW64\blank.htm
        uInternet Settings,ProxyOverride = *.local
        TCP: DhcpNameServer = 192.168.1.1
        FF - ProfilePath - c:\users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5wmbz09.default\
        FF - prefs.js: browser.search.selectedEngine - Google
        FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com
        FF - prefs.js: keyword.URL - hxxp://www.google.com.my/search?q=
        FF - prefs.js: network.proxy.type - 0
        FF - user.js: general.useragent.extra.brc -
        .
        - - - - ORPHANS REMOVED - - - -
        .
        Toolbar-Locked - (no file)
        .
        .
        .
        --------------------- LOCKED REGISTRY KEYS ---------------------
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
        @Denied: (A 2) (Everyone)
        @="FlashBroker"
        "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
        "Enabled"=dword:00000001
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
        @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
        @Denied: (A 2) (Everyone)
        @="Shockwave Flash Object"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
        "ThreadingModel"="Apartment"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
        @="0"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
        @="ShockwaveFlash.ShockwaveFlash.11"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
        @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
        @="1.0"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
        @="ShockwaveFlash.ShockwaveFlash"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
        @Denied: (A 2) (Everyone)
        @="Macromedia Flash Factory Object"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx"
        "ThreadingModel"="Apartment"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
        @="FlashFactory.FlashFactory.1"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
        @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
        @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
        @="1.0"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
        @="FlashFactory.FlashFactory"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
        @Denied: (A 2) (Everyone)
        @="IFlashBroker4"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
        @="{00020424-0000-0000-C000-000000000046}"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
        @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
        "Version"="1.0"
        .
        [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
        "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
           00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
        .
        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
        @Denied: (A) (Users)
        @Denied: (A) (Everyone)
        @Allowed: (B 1 2 3 4 5) (S-1-5-20)
        "BlindDial"=dword:00000000
        .
        [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
        @Denied: (Full) (Everyone)
        .
        Completion time: 2012-08-01  07:43:00
        ComboFix-quarantined-files.txt  2012-08-01 11:42
        ComboFix2.txt  2012-07-28 02:32
        .
        Pre-Run: 404,144,214,016 bytes free
        Post-Run: 404,556,099,584 bytes free
        .
        - - End Of File - - C0F249C12B57EC4B29C8C38FB1D63CAB




        SuperDave

        • Malware Removal Specialist


        • Genius
        • Thanked: 991
        • Certifications: List
        • Experience: Expert
        • OS: Windows 8
        Re: redirect when clicking on google results
        « Reply #5 on: August 01, 2012, 04:14:13 PM »
        Update your Adobe Reader. get.adobe.com/reader.

        Be sure to uncheck the Free McAfee Security Scan so it isn't installed.

        **********************************************************
        Please download Rooter and Save it to your desktop.
        • Double click it to start the tool.Vista and Windows7 run as administrator.
        • Click Scan.
        • Eventually, a Notepad file containing the report will open, also found at C:\Rooter.txt. Post that log in your next reply.
        Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

        Kileykb

          Topic Starter


          Greenhorn

          • Experience: Beginner
          • OS: Unknown
          Re: redirect when clicking on google results
          « Reply #6 on: August 01, 2012, 05:57:52 PM »
          I updated Adobe Reader to version 10.1.3

          Rooter.exe (v1.0.2) by Eric_71
          .
          SeDebugPrivilege granted successfully ...
          .
          Windows 7 . (6.1.7601) Service Pack 1
          [32_bits] - Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
          .
          [wscsvc] (Security Center) RUNNING (state:4)
          [MpsSvc] RUNNING (state:4)
          Windows Firewall -> Enabled
          Windows Defender -> Enabled
          User Account Control (UAC) -> Enabled
          .
          Internet Explorer 9.0.8112.16421
          Mozilla Firefox 14.0.1 (en-US)
          .
          C:\  [Fixed-NTFS] .. ( Total:581 Go - Free:376 Go )
          D:\  [CD_Rom]
          E:\  [CD_Rom]
          Q:\  [Fixed-NTFS] .. ( Total:0 Go - Free:0 Go )
          .
          Scan : 19:55.59
          Path : C:\Users\Karen\Desktop\Rooter.exe
          User : Karen ( Administrator -> YES )
          .
          ----------------------\\ Processes
          .
          Locked [System Process] (0)
          Locked System (4)
          ______ ???/?????? (512)
          ______ ???/?????? (648)
          ______ ???/?????? (760)
          ______ ???/?????? (788)
          ______ ???/?????? (820)
          ______ ???/?????? (840)
          ______ ???/?????? (848)
          ______ ???/?????? (948)
          ______ ???/?????? (140)
          ______ ???/?????? (660)
          ______ ???/?????? (896)
          ______ ???/?????? (1044)
          ______ ???/?????? (1084)
          ______ ???/?????? (1132)
          ______ ???/?????? (1228)
          ______ ???/?????? (1368)
          ______ C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1464)
          ______ ???/?????? (1472)
          ______ ???/?????? (1500)
          ______ ???/?????? (1684)
          ______ ???/?????? (1712)
          ______ ???/?????? (1440)
          ______ ???/?????? (1560)
          ______ ???/?????? (2056)
          ______ ???/?????? (2076)
          ______ ???/?????? (2128)
          ______ ???/?????? (2216)
          ______ ???/?????? (2440)
          ______ C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (2552)
          ______ ???/?????? (2704)
          ______ C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (3064)
          ______ C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (1076)
          ______ C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (3052)
          ______ ???/?????? (3152)
          ______ ???/?????? (3184)
          ______ C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (3332)
          ______ ???/?????? (3640)
          ______ C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (3752)
          ______ ???/?????? (3780)
          ______ ???/?????? (3836)
          ______ C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (3320)
          ______ ???/?????? (2632)
          ______ ???/?????? (2104)
          ______ ???/?????? (4296)
          ______ ???/?????? (4536)
          ______ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (4392)
          ______ ???/?????? (3076)
          ______ C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (532)
          ______ ???/?????? (4156)
          ______ ???/?????? (4260)
          ______ ???/?????? (3224)
          ______ ???/?????? (4480)
          ______ ???/?????? (2116)
          ______ ???/?????? (2476)
          ______ ???/?????? (5000)
          ______ C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe (2560)
          ______ ???/?????? (3908)
          ______ ???/?????? (5104)
          ______ C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (2260)
          ______ ???/?????? (3800)
          ______ C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (3324)
          ______ C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (3808)
          ______ C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (3160)
          ______ C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE (4692)
          ______ C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (3168)
          ______ C:\Users\Karen\Local Settings\Apps\F.lux\flux.exe (1832)
          ______ ???/?????? (5060)
          ______ C:\Users\Karen\Downloads\DimScreen.exe (4960)
          ______ C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (2160)
          ______ C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (5124)
          ______ C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (5220)
          ______ C:\Program Files (x86)\CyberLink\Shared files\brs.exe (5364)
          ______ C:\Program Files\AVAST Software\Avast\AvastUI.exe (5372)
          ______ ???/?????? (5380)
          ______ C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe (5488)
          ______ C:\Program Files (x86)\iTunes\iTunesHelper.exe (5496)
          ______ C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (5568)
          ______ ???/?????? (6128)
          ______ ???/?????? (5788)
          ______ C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (4720)
          ______ ???/?????? (7144)
          ______ ???/?????? (6856)
          ______ ???/?????? (7620)
          ______ ???/?????? (6600)
          Locked audiodg.??4 (7864)
          ______ C:\Users\Karen\Desktop\Rooter.exe (8120)
          .
          ----------------------\\ Device\Harddisk0\
          .
          \Device\Harddisk0 [Sectors : 63 x 512 Bytes]
          .
          \Device\Harddisk0\Partition1 (Start_Offset:32256 | Length:106896384)
          \Device\Harddisk0\Partition2 --[ MBR ]-- (Start_Offset:106928640 | Length:15728640000)
          \Device\Harddisk0\Partition3 (Start_Offset:15835568640 | Length:624298411520)
          .
          ----------------------\\ Scheduled Tasks
          .
          C:\Windows\Tasks\Adobe Flash Player Updater.job
          C:\Windows\Tasks\GlaryInitialize.job
          C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
          C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
          C:\Windows\Tasks\SA.DAT
          C:\Windows\Tasks\SCHEDLGU.TXT
          C:\Windows\Tasks\SCHEDLGU[1].TXT
          .
          ----------------------\\ Registry
          .
          .
          ----------------------\\ Files & Folders
          .
          ----------------------\\ Scan completed at 19:56.05
          .
          C:\Rooter$\Rooter_1.txt - (01/08/2012 | 19:56.05)

          SuperDave

          • Malware Removal Specialist


          • Genius
          • Thanked: 991
          • Certifications: List
          • Experience: Expert
          • OS: Windows 8
          Re: redirect when clicking on google results
          « Reply #7 on: August 02, 2012, 04:32:51 PM »
          Is your computer working any better?

          I'd like to scan your machine with ESET OnlineScan

          •Hold down Control and click on the following link to open ESET OnlineScan in a new window.
          ESET OnlineScan
          •Click the button.
          •For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
          • Click on to download the ESET Smart Installer. Save it to your desktop.
          • Double click on the icon on your desktop.
          •Check
          •Click the button.
          •Accept any security warnings from your browser.
          •Check
          •Push the Start button.
          •ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
          •When the scan completes, push
          •Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
          •Push the button.
          •Push
          A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
          Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

          Kileykb

            Topic Starter


            Greenhorn

            • Experience: Beginner
            • OS: Unknown
            Re: redirect when clicking on google results
            « Reply #8 on: August 03, 2012, 06:00:26 AM »
            Yes. It is a little better. I haven't had any computer crashes or blue screen.

            However, my computer still redirects to different websites when I click on google results in Mozilla Firefox.

            C:\TDSSKiller_Quarantine\27.07.2012_22.05.51\mbr0000\tdlfs0000\tsk0000.dta   a variant of Win32/Olmarik.AYI trojan
            C:\TDSSKiller_Quarantine\27.07.2012_22.05.51\mbr0000\tdlfs0000\tsk0001.dta   Win64/Olmarik.AK trojan
            C:\TDSSKiller_Quarantine\27.07.2012_22.05.51\mbr0000\tdlfs0000\tsk0002.dta   a variant of Win32/Rootkit.Kryptik.NH trojan
            C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Default\aadjgbdidadfdcdadhgcdcdadeddgegf\background.html   Win32/BHO.OEI trojan
            C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\5lszqhnd.default\extensions\[email protected]   JS/Redirector.NCA trojan
            C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\w5wmbz09.default\extensions\[email protected]   JS/Redirector.NCA trojan
            C:\Users\Karen\Documents\LG PHONE 7.12.2012\z4root.1.3.0.apk   Android/Exploit.RageCage.A trojan
            C:\Users\Karen\Documents\LG PHONE 7.12.2012\TitaniumBackup\com.antonio.thermo2.activity-c373283d4d13831a415d543538e4496b.apk.gz   Android/Plankton.H trojan
            C:\Users\Karen\Downloads\z4root.1.3.0.apk   Android/Exploit.RageCage.A trojan

            SuperDave

            • Malware Removal Specialist


            • Genius
            • Thanked: 991
            • Certifications: List
            • Experience: Expert
            • OS: Windows 8
            Re: redirect when clicking on google results
            « Reply #9 on: August 03, 2012, 04:21:49 PM »
            Quote
            However, my computer still redirects to different websites when I click on google results in Mozilla Firefox.

            Please try un-installing and re-installing FF
            Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

            Kileykb

              Topic Starter


              Greenhorn

              • Experience: Beginner
              • OS: Unknown
              Re: redirect when clicking on google results
              « Reply #10 on: August 07, 2012, 08:14:09 AM »
              I tried your suggestions and Firefox does not seem to be redirecting google results any more ;D

              Thank you for your advice and help.

              SuperDave

              • Malware Removal Specialist


              • Genius
              • Thanked: 991
              • Certifications: List
              • Experience: Expert
              • OS: Windows 8
              Re: redirect when clicking on google results
              « Reply #11 on: August 07, 2012, 04:17:32 PM »
              Ok. We can do some cleanup.

              To uninstall ComboFix

              • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
              • In the field, type in ComboFix /uninstall


              (Note: Make sure there's a space between the word ComboFix and the forward-slash.)

              • Then, press Enter, or click OK.
              • This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.
              ************************************************
              Clean out your temporary internet files and temp files.

              Download TFC by OldTimer to your desktop.

              Double-click TFC.exe to run it.

              Note: If you are running on Vista, right-click on the file and choose Run As Administrator

              TFC will close all programs when run, so make sure you have saved all your work before you begin.

              * Click the Start button to begin the cleaning process.
              * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
              * Please let TFC run uninterrupted until it is finished.

              Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
              **************************************************
              Use the Secunia Software Inspector to check for out of date software.

              •Click Start Now

              •Check the box next to Enable thorough system inspection.

              •Click Start

              •Allow the scan to finish and scroll down to see if any updates are needed.
              •Update anything listed.
              .
              ----------

              Go to Microsoft Windows Update and get all critical updates.

              ----------

              I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

              SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
              * Using SpywareBlaster to protect your computer from Spyware and Malware
              * If you don't know what ActiveX controls are, see here

              Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

              Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

              Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
              Safe Surfing!
              Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender

              Kileykb

                Topic Starter


                Greenhorn

                • Experience: Beginner
                • OS: Unknown
                Re: redirect when clicking on google results
                « Reply #12 on: August 10, 2012, 05:29:53 PM »
                I removed Combofix. Then I downloaded the second program and ran it. It deleted temp files. Finally, I ran the online scanner and used it to update all the programs it showed that were out of date.

                SuperDave

                • Malware Removal Specialist


                • Genius
                • Thanked: 991
                • Certifications: List
                • Experience: Expert
                • OS: Windows 8
                Re: redirect when clicking on google results
                « Reply #13 on: August 10, 2012, 07:37:06 PM »
                That's good. I will lock this thread. If you need it re-opened, please send me a pm.
                Intel(R) Core (TM) i3-3220 CPU 3.30 GHz 8.0 Gb RAM Windows 8.1 with a dual boot to Windows XP  Home with SP3, Comodo  with Windows Firewall & Windows Defender