Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Student Infected w Spyware Please Help me [Solved]


  • This topic is locked This topic is locked

#16
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Thanks for the FF data it helps a lot

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
    IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    FF - prefs.js..extensions.enabledAddons: [email protected]:1.5
    [2012/07/01 10:23:37 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Users\omni\AppData\Roaming\Mozilla\Firefox\Profiles\t3tagxxm.default\extensions\[email protected]
    [2012/02/24 14:35:48 | 000,018,463 | ---- | M] () (No name found) -- C:\Users\omni\AppData\Roaming\Mozilla\Firefox\Profiles\t3tagxxm.default\extensions\[email protected]
    [2012/06/19 08:18:38 | 000,056,403 | ---- | M] () (No name found) -- C:\Users\omni\AppData\Roaming\Mozilla\Firefox\Profiles\t3tagxxm.default\extensions\[email protected]
    [2012/02/24 14:58:32 | 000,042,737 | ---- | M] () (No name found) -- C:\Users\omni\AppData\Roaming\Mozilla\Firefox\Profiles\t3tagxxm.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

Advertisements


#17
chimi52

chimi52

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
OTL Fix Log

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Prefs.js: [email protected]:1.5 removed from extensions.enabledAddons
Folder C:\Users\omni\AppData\Roaming\Mozilla\Firefox\Profiles\t3tagxxm.default\extensions\[email protected]\ not found.
File C:\Users\omni\AppData\Roaming\Mozilla\Firefox\Profiles\t3tagxxm.default\extensions\[email protected] not found.
C:\Users\omni\AppData\Roaming\Mozilla\Firefox\Profiles\t3tagxxm.default\extensions\[email protected] moved successfully.
File C:\Users\omni\AppData\Roaming\Mozilla\Firefox\Profiles\t3tagxxm.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: omni
->Temp folder emptied: 930467 bytes
->Temporary Internet Files folder emptied: 22369923 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 239435391 bytes
->Flash cache emptied: 4265 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7888 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 251.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.61.0 log created on 09082012_115333

Files\Folders moved on Reboot...
C:\Users\omni\AppData\Local\Temp\{7768258B-7E84-4299-96DB-9E5C356BA565}\fpb.tmp moved successfully.
C:\Users\omni\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\omni\AppData\Local\Temp\~DF0131F2A3DFBD73AF.TMP not found!
File\Folder C:\Users\omni\AppData\Local\Temp\~DF2DC4027EBF2EDD2C.TMP not found!
File\Folder C:\Users\omni\AppData\Local\Temp\~DF3CF3DDEACAED6556.TMP not found!
File\Folder C:\Users\omni\AppData\Local\Temp\~DF69006C47335C0D34.TMP not found!
File\Folder C:\Users\omni\AppData\Local\Temp\~DF715015A559E380F1.TMP not found!
File\Folder C:\Users\omni\AppData\Local\Temp\~DFA7F6B8109E925134.TMP not found!
File\Folder C:\Users\omni\AppData\Local\Temp\~DFAC185CDDA36925A0.TMP not found!
File\Folder C:\Users\omni\AppData\Local\Temp\~DFAF379F46C009A4B5.TMP not found!
File\Folder C:\Users\omni\AppData\Local\Temp\~DFC0E12F19C09D35CF.TMP not found!
File\Folder C:\Users\omni\AppData\Local\Temp\~DFC9EB066BC22C6EEA.TMP not found!
File\Folder C:\Users\omni\AppData\Local\Temp\~DFF7E23C58E69612DD.TMP not found!
File\Folder C:\Users\omni\AppData\Local\Temp\~DFFEFE0A60D8AF2EBD.TMP not found!
C:\Users\omni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PHGCS2BQ\fastbutton[1].htm moved successfully.
File move failed. C:\Users\omni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PHGCS2BQ\s=0;kvag=0;kvinc=0;kvmar=0;kvch=0;kvseg=0;kvugc=0;kvui=7f669faaf8f811e1844d6bfafba41875;kvmn=93319415;extmirroring=0;target=_blank;aduho=-240;grp=119516947[1].htm scheduled to be moved on reboot.
C:\Users\omni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PHGCS2BQ\tcode3[1].htm moved successfully.
C:\Users\omni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PHGCS2BQ\tcodewads_at[1].htm moved successfully.
C:\Users\omni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PHGCS2BQ\weatherRefresh[2].htm moved successfully.
C:\Users\omni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\61IBWLTX\119522797[1].htm moved successfully.
C:\Users\omni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

-------------------------------------------------------------------------------------------------------------------------------------

OTL Quick Scan Log


OTL logfile created on: 9/8/2012 12:08:21 PM - Run 6
OTL by OldTimer - Version 3.2.61.0 Folder = C:\Users\omni\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.61 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 66.80% Memory free
7.23 Gb Paging File | 5.88 Gb Available in Paging File | 81.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 919.63 Gb Total Space | 867.15 Gb Free Space | 94.29% Space Free | Partition Type: NTFS
Drive D: | 11.78 Gb Total Space | 1.44 Gb Free Space | 12.25% Space Free | Partition Type: NTFS

Computer Name: OMNI-HP | User Name: omni | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/06 20:33:41 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\omni\Downloads\OTL.exe
PRC - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/12 18:32:22 | 001,239,952 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2012/07/12 18:32:18 | 018,832,264 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAware.exe
PRC - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
PRC - [2011/10/21 05:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2011/05/26 15:43:50 | 000,129,648 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2011/05/05 19:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/03/28 20:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/03/23 12:16:38 | 000,136,488 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Cyberlink\YouCam\YCMMirage.exe
PRC - [2011/03/09 17:47:08 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2011/02/25 13:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/11/26 10:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2011/08/11 19:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2011/05/12 21:58:28 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/11 05:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/17 22:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/07 21:01:09 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/03 11:05:18 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/12 18:32:22 | 001,239,952 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2011/06/09 14:23:58 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/05/26 15:43:50 | 000,129,648 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2011/05/05 19:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/03/28 20:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/03/09 17:47:08 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2011/03/07 20:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/03/02 00:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 13:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/11/26 10:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/26 17:45:14 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/19 12:44:24 | 000,060,536 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)
DRV:64bit: - [2011/11/29 06:59:46 | 000,074,872 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
DRV:64bit: - [2011/10/26 14:23:36 | 000,057,976 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbredrv.sys -- (SBRE)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/05/12 22:41:22 | 009,358,336 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/05/12 21:20:30 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/05/04 20:44:00 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/04/22 06:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/21 20:46:54 | 001,360,960 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/03/23 12:17:06 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011/03/04 18:46:20 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/03/04 18:46:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/12/15 23:36:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/04/09 10:09:46 | 000,012,288 | ---- | M] (Waytech Development, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UsbFltr.sys -- (UsbFltr)
DRV - [2011/10/26 14:23:40 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\SBREDrv.sys -- (SBRE)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{024DF39B-5AF6-4447-98D2-4F8A70DD689C}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{024DF39B-5AF6-4447-98D2-4F8A70DD689C}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{31624E1D-083D-E4EB-5DBF-6B845A528D89}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://g.msn.com/HPDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{024DF39B-5AF6-4447-98D2-4F8A70DD689C}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\..\SearchScopes\{31624E1D-083D-E4EB-5DBF-6B845A528D89}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: [email protected]:2.1.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 21:01:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/05 13:18:26 | 000,000,000 | ---D | M]

[2011/12/01 11:07:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\omni\AppData\Roaming\Mozilla\Extensions
[2012/09/08 11:53:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\omni\AppData\Roaming\Mozilla\Firefox\Profiles\t3tagxxm.default\extensions
[2012/09/08 08:15:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\EXTENSIONS\[email protected]
[2012/09/07 21:01:10 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/07 21:01:07 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/09/07 21:01:07 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/09/08 11:53:33 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files (x86)\IncrediMail\Bin\resources\WebMenuImg.htm ()
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files (x86)\IncrediMail\Bin\resources\WebMenuImg.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 72.45.32.147 72.45.32.148
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D95CF1D-5988-4736-ACEF-C61F88D83E15}: DhcpNameServer = 72.45.32.147 72.45.32.148
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90B844AD-AEE7-452C-8330-153D1DA9DBF5}: DhcpNameServer = 72.45.32.147 72.45.32.148
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{dd0d151c-3b86-11e1-a65f-e89a8fd61f52}\Shell - "" = AutoRun
O33 - MountPoints2\{dd0d151c-3b86-11e1-a65f-e89a8fd61f52}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe
O33 - MountPoints2\H\Shell\phone\command - "" = H:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/07 13:52:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/05 13:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/09/05 13:18:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/09/05 11:41:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2012/09/04 17:59:48 | 000,000,000 | ---D | C] -- C:\Users\omni\AppData\Local\adaware
[2012/09/04 17:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012/09/04 17:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2012/09/04 17:59:31 | 000,060,536 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbhips.sys
[2012/09/04 17:59:30 | 000,057,976 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbredrv.sys
[2012/09/04 17:59:30 | 000,045,936 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe
[2012/09/04 17:59:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012/09/04 17:59:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2012/09/04 17:58:57 | 000,000,000 | ---D | C] -- C:\Users\omni\AppData\Local\Downloaded Installations
[2012/09/04 17:57:22 | 000,000,000 | ---D | C] -- C:\Users\omni\AppData\Roaming\Ad-Aware Antivirus
[2012/09/04 15:48:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/09/04 15:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/09/04 15:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/09/04 15:38:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Download Manager
[2012/09/04 15:17:23 | 000,000,000 | ---D | C] -- C:\Users\omni\AppData\Roaming\SUPERAntiSpyware.com
[2012/09/04 15:16:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/09/04 15:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/09/04 15:16:42 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/09/03 19:49:10 | 000,000,000 | ---D | C] -- C:\Users\omni\AppData\Local\{93CA3949-A99F-4DE6-8A47-DF9F1C549D10}
[4 C:\Users\omni\Documents\*.tmp files -> C:\Users\omni\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/08 12:05:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/08 12:04:27 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/08 12:04:27 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/08 12:01:18 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/08 12:01:18 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/08 12:01:18 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/08 11:58:26 | 000,001,870 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2012/09/08 11:57:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/08 11:56:54 | 2910,302,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/08 11:53:33 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/09/07 10:29:44 | 000,001,411 | ---- | M] () -- C:\Users\omni\Desktop\Internet Explorer (64-bit).lnk
[2012/09/07 08:34:28 | 000,001,087 | ---- | M] () -- C:\Users\omni\Desktop\OTL - Shortcut.lnk
[2012/09/07 07:50:21 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForomni.job
[2012/09/05 13:18:26 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/04 15:48:17 | 000,001,260 | ---- | M] () -- C:\Users\omni\Desktop\Spybot - Search & Destroy.lnk
[2012/09/04 15:16:46 | 000,001,810 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/09/04 12:49:27 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/04 06:54:50 | 000,406,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/09/03 19:51:55 | 000,031,689 | ---- | M] () -- C:\Users\Public\Documents\Melito cosnti hijos mios (320x240).jpg
[2012/09/03 19:48:26 | 000,024,977 | ---- | M] () -- C:\Users\Public\Documents\Melito cosnti hijos mios.jpg
[4 C:\Users\omni\Documents\*.tmp files -> C:\Users\omni\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/07 10:29:44 | 000,001,411 | ---- | C] () -- C:\Users\omni\Desktop\Internet Explorer (64-bit).lnk
[2012/09/07 08:34:28 | 000,001,087 | ---- | C] () -- C:\Users\omni\Desktop\OTL - Shortcut.lnk
[2012/09/05 13:18:26 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/09/05 13:18:26 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/04 17:59:41 | 000,001,870 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2012/09/04 16:27:16 | 000,010,163 | ---- | C] () -- C:\Users\omni\Documents\palma frutica.jpg
[2012/09/04 15:48:17 | 000,001,260 | ---- | C] () -- C:\Users\omni\Desktop\Spybot - Search & Destroy.lnk
[2012/09/04 15:16:46 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/09/03 19:51:55 | 000,031,689 | ---- | C] () -- C:\Users\Public\Documents\Melito cosnti hijos mios (320x240).jpg
[2012/09/03 19:48:26 | 000,024,977 | ---- | C] () -- C:\Users\Public\Documents\Melito cosnti hijos mios.jpg
[2011/12/15 20:34:02 | 000,003,584 | ---- | C] () -- C:\Users\omni\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/02 13:55:23 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/08/29 17:20:53 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/08/29 17:17:15 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/06/21 03:07:00 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/06/08 01:03:12 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/02/11 13:15:43 | 000,772,558 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2012/09/04 19:06:36 | 000,000,000 | ---D | M] -- C:\Users\omni\AppData\Roaming\Ad-Aware Antivirus
[2012/02/10 19:34:24 | 000,000,000 | ---D | M] -- C:\Users\omni\AppData\Roaming\Ashampoo
[2012/03/01 01:17:01 | 000,000,000 | ---D | M] -- C:\Users\omni\AppData\Roaming\Azureus
[2012/02/10 17:04:27 | 000,000,000 | ---D | M] -- C:\Users\omni\AppData\Roaming\Canneverbe Limited
[2012/05/16 10:51:08 | 000,000,000 | ---D | M] -- C:\Users\omni\AppData\Roaming\mjusbsp
[2012/06/04 20:39:06 | 000,000,000 | ---D | M] -- C:\Users\omni\AppData\Roaming\TeamViewer
[2012/04/26 18:08:49 | 000,000,000 | ---D | M] -- C:\Users\omni\AppData\Roaming\YouSendIt
[2012/09/07 13:56:41 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

#18
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Still there ?
  • 0

#19
chimi52

chimi52

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Yes, I am still here ...
  • 0

#20
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
:lol: Sorry I meant are the ads still there
  • 0

#21
chimi52

chimi52

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
:lol: Í havenīt seen them for 3 hours... but Iīm vigilant and will let you know.

What follows are MBAM and SUPERA AntiSpyware scan Logs: MBAM (0 ) SUPERA (285 threats) I deleted them.

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.08.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
omni :: OMNI-HP [administrator]

9/8/2012 2:09:53 PM
mbam-log-2012-09-08 (14-09-53).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 196377
Time elapsed: 2 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

------------------------------------------------------------------------------------

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/08/2012 at 02:43 PM

Application Version : 5.5.1016

Core Rules Database Version : 9171
Trace Rules Database Version: 6983

Scan type : Quick Scan
Total Scan Time : 00:05:35

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 539
Memory threats detected : 0
Registry items scanned : 54443
Registry threats detected : 0
File items scanned : 10682
File threats detected : 285

Adware.Tracking Cookie
tags.toolbarsmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
tags.toolbarsmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
counter.surfcounters.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.microsoftwindows.112.2o7.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api32.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api32.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api32.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.kaspersky.122.2o7.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\6AFN1CN2.txt [ Cookie:[email protected]/ ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\QM6MXYG9.txt [ Cookie:[email protected]/ ]
.trackalyzer.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
t2.trackalyzer.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\7KRWRRBK.txt [ Cookie:[email protected]/cgi-bin ]
.imrworldwide.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\AA50BYKR.txt [ Cookie:[email protected]/ ]
.ru4.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\9POPTBZR.txt [ Cookie:[email protected]/ ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\7F3HSPOK.txt [ Cookie:[email protected]/ ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q52KRWMS.txt [ Cookie:[email protected]/ ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\V1TUSP1W.txt [ Cookie:[email protected]/ ]
.advertising.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\5W4171X2.txt [ Cookie:[email protected]/ ]
.apmebf.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\CSD74E9B.txt [ Cookie:[email protected]/adserving ]
.api31.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\SQVD1K1I.txt [ Cookie:[email protected]/ ]
.api31.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api31.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\QB7E5J00.txt [ Cookie:[email protected]/ ]
.ads.pointroll.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api30.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
server.iad.liveperson.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\B5D11YA6.txt [ Cookie:[email protected]/ ]
.insightexpressai.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\UOTVF2PG.txt [ Cookie:[email protected]/ ]
.burstnet.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.tacoda.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\E4FWE175.txt [ Cookie:[email protected]/a ]
.pro-market.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api18.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api18.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api18.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api28.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api28.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api28.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api20.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api20.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api20.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\ADRZPDY7.txt [ Cookie:[email protected]/ ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\KFAIL4A3.txt [ Cookie:[email protected]/ ]
.tacoda.at.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api6.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api6.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api6.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api30.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api30.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api30.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api29.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api29.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api29.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
tags.toolbarsmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
tags.toolbarsmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api26.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
C:\USERS\OMNI\AppData\Roaming\Microsoft\Windows\Cookies\Low\UXSM3A2W.txt [ Cookie:[email protected]/ ]
.api26.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.api26.thetrafficstat.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.saymedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.adserver.adtechus.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.saymedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
mediaservices-d.openxenterprise.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.kanoodle.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.saymedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.tracking.leguide.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.tracking.leguide.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.tracking.leguide.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.smartadserver.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.adbrite.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.prisacom.112.2o7.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.ar.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.tacoda.at.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
network.realmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
matcher.realmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
network.realmedia.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.weborama.fr [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.bforbank.solution.weborama.fr [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.bforbank.solution.weborama.fr [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.bforbank.solution.weborama.fr [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.bforbank.solution.weborama.fr [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.h.atdmt.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.eset.122.2o7.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.a1.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\OMNI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T3TAGXXM.DEFAULT\COOKIES.SQLITE ]
  • 0

#22
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
If all is still well tomorrow, then let me know and I will remove my rubbish and tidy up
  • 0

#23
chimi52

chimi52

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
The ads have disappeared, thanks to your invaluable support !
I havenīt installed an Anti Virus in the longest time, they use lots of space and are Invasive. Would you recommend I install Microsoft Security Essentials ?

Thanks again!
  • 0

#24
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Antivirus is an essential nowadays and most are fairly light.. So install Security essentials

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Go to control panel
  • Select folder options (Appearance > Folder options in category view)
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:
  • 0

#25
chimi52

chimi52

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Thank you again!
I read the article (tips) on how to keep safe. It was written in 2009, are the recommended programs still current ? since IT advances fast. I will download ERUNT for the registry. For the Firewall, should I use Online Armor instead of Windows 7 firewall ?

File Back ups: my computer backs up my files automatically to D: Drive and the drive has very little free space, only 1.44 GB of 11.7 GB I donīt have that many personal or digital files so I assume it backed up my external drive without my knowing. would you be able to tell me how to open the D: Drive and delete the overload ? Thank you so much.
  • 0

Advertisements


#26
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
If you are not doing incremental backups then you can remove them using the backup software, what do you use ?

Although the original date of the thread was 2009 it has been updated to include all the latest versions and thoughts

Myself I consider the windows 7 firewall to be good enough but Online Armour is a good one
  • 0

#27
chimi52

chimi52

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
As of yet, I have not used back up software... I save my files to an external drive that I know is dangerous because my other external drive crashed being brand new. What back up software would you suggest for incremental back ups ? and also to remove the file overload from D: Drive ?
  • 0

#28
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK you could use windows backup

There are full instructions here

Once you are ready to start then just format the D drive to remove all the old files
Then using windows backup select the D drive as where to stow them
  • 0

#29
chimi52

chimi52

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
It has been a highly valuable activity. I know more about IT geeks and tweaks than I ever expected. I will report back within 24 hours and, once again, thank you for your exceptional guidance.
  • 0

#30
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP