Solve : kanoodle.com redirect (also, possible google redirect)?

1.	Solve : kanoodle.com redirect (also, possible google redirect)?
Answer» Not sure what happened. Sorry! Let's try that again. Edit: Ah, too long. Here's the second half (with the first few LINES repeated from the END of the prior post.) 22:29:52.0014 6348 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\WINDOWS\system32\drivers\sffp_sd.sys 22:29:52.0016 6348 sffp_sd - ok 22:29:52.0036 6348 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 22:29:52.0038 6348 sfloppy - ok 22:29:52.0068 6348 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 22:29:52.0075 6348 SharedAccess - ok 22:29:52.0143 6348 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 22:29:52.0150 6348 ShellHWDetection - ok 22:29:52.0189 6348 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 22:29:52.0192 6348 SiSRaid2 - ok 22:29:52.0212 6348 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 22:29:52.0215 6348 SiSRaid4 - ok 22:29:52.0328 6348 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 22:29:52.0332 6348 SkypeUpdate - ok 22:29:52.0353 6348 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 22:29:52.0356 6348 Smb - ok 22:29:52.0378 6348 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 22:29:52.0381 6348 SNMPTRAP - ok 22:29:52.0390 6348 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 22:29:52.0391 6348 spldr - ok 22:29:52.0447 6348 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 22:29:52.0457 6348 Spooler - ok 22:29:52.0570 6348 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 22:29:52.0662 6348 sppsvc - ok 22:29:52.0695 6348 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 22:29:52.0699 6348 sppuinotify - ok 22:29:52.0756 6348 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 22:29:52.0763 6348 srv - ok 22:29:52.0777 6348 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 22:29:52.0783 6348 srv2 - ok 22:29:52.0796 6348 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 22:29:52.0799 6348 srvnet - ok 22:29:52.0818 6348 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 22:29:52.0823 6348 SSDPSRV - ok 22:29:52.0830 6348 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 22:29:52.0833 6348 SstpSvc - ok 22:29:52.0852 6348 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 22:29:52.0854 6348 stexstor - ok 22:29:52.0905 6348 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 22:29:52.0916 6348 stisvc - ok 22:29:52.0944 6348 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 22:29:52.0946 6348 swenum - ok 22:29:52.0985 6348 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 22:29:53.0010 6348 swprv - ok 22:29:53.0101 6348 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 22:29:53.0135 6348 SysMain - ok 22:29:53.0187 6348 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 22:29:53.0191 6348 TabletInputService - ok 22:29:53.0205 6348 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 22:29:53.0211 6348 TapiSrv - ok 22:29:53.0219 6348 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 22:29:53.0224 6348 TBS - ok 22:29:53.0308 6348 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 22:29:53.0343 6348 Tcpip - ok 22:29:53.0376 6348 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 22:29:53.0393 6348 TCPIP6 - ok 22:29:53.0439 6348 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 22:29:53.0442 6348 tcpipreg - ok 22:29:53.0459 6348 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 22:29:53.0461 6348 TDPIPE - ok 22:29:53.0490 6348 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 22:29:53.0492 6348 TDTCP - ok 22:29:53.0541 6348 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 22:29:53.0544 6348 tdx - ok 22:29:53.0558 6348 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 22:29:53.0561 6348 TermDD - ok 22:29:53.0622 6348 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 22:29:53.0633 6348 TermService - ok 22:29:53.0643 6348 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 22:29:53.0646 6348 Themes - ok 22:29:53.0674 6348 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 22:29:53.0676 6348 THREADORDER - ok 22:29:53.0690 6348 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 22:29:53.0695 6348 TrkWks - ok 22:29:53.0762 6348 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 22:29:53.0765 6348 TrustedInstaller - ok 22:29:53.0821 6348 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 22:29:53.0823 6348 tssecsrv - ok 22:29:53.0863 6348 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 22:29:53.0866 6348 TsUsbFlt - ok 22:29:53.0928 6348 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 22:29:53.0932 6348 tunnel - ok 22:29:53.0950 6348 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 22:29:53.0953 6348 uagp35 - ok 22:29:53.0976 6348 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 22:29:53.0982 6348 udfs - ok 22:29:54.0003 6348 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 22:29:54.0006 6348 UI0Detect - ok 22:29:54.0030 6348 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 22:29:54.0033 6348 uliagpkx - ok 22:29:54.0073 6348 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 22:29:54.0076 6348 umbus - ok 22:29:54.0097 6348 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 22:29:54.0099 6348 UmPass - ok 22:29:54.0179 6348 [ 02C298382359653BEC4C737C2AB7F9C5 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 22:29:54.0218 6348 UNS - ok 22:29:54.0267 6348 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 22:29:54.0277 6348 upnphost - ok 22:29:54.0338 6348 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 22:29:54.0340 6348 USBAAPL64 - ok 22:29:54.0403 6348 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 22:29:54.0407 6348 usbaudio - ok 22:29:54.0413 6348 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 22:29:54.0417 6348 usbccgp - ok 22:29:54.0457 6348 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 22:29:54.0460 6348 usbcir - ok 22:29:54.0509 6348 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 22:29:54.0510 6348 usbehci - ok 22:29:54.0666 6348 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 22:29:54.0672 6348 usbhub - ok 22:29:54.0694 6348 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 22:29:54.0696 6348 usbohci - ok 22:29:54.0759 6348 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 22:29:54.0761 6348 usbprint - ok 22:29:54.0799 6348 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS 22:29:54.0802 6348 USBSTOR - ok 22:29:54.0835 6348 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 22:29:54.0837 6348 usbuhci - ok 22:29:54.0872 6348 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 22:29:54.0877 6348 usbvideo - ok 22:29:54.0899 6348 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 22:29:54.0902 6348 UxSms - ok 22:29:54.0907 6348 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 22:29:54.0908 6348 VaultSvc - ok 22:29:54.0928 6348 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 22:29:54.0929 6348 vdrvroot - ok 22:29:54.0978 6348 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 22:29:54.0984 6348 vds - ok 22:29:55.0011 6348 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 22:29:55.0012 6348 vga - ok 22:29:55.0030 6348 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 22:29:55.0031 6348 VgaSave - ok 22:29:55.0055 6348 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 22:29:55.0058 6348 vhdmp - ok 22:29:55.0108 6348 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 22:29:55.0110 6348 viaide - ok 22:29:55.0139 6348 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 22:29:55.0141 6348 volmgr - ok 22:29:55.0195 6348 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 22:29:55.0201 6348 volmgrx - ok 22:29:55.0222 6348 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 22:29:55.0227 6348 volsnap - ok 22:29:55.0258 6348 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 22:29:55.0262 6348 vsmraid - ok 22:29:55.0334 6348 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 22:29:55.0369 6348 VSS - ok 22:29:55.0381 6348 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 22:29:55.0382 6348 vwifibus - ok 22:29:55.0412 6348 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 22:29:55.0420 6348 W32Time - ok 22:29:55.0444 6348 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 22:29:55.0446 6348 WacomPen - ok 22:29:55.0463 6348 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 22:29:55.0465 6348 WANARP - ok 22:29:55.0468 6348 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 22:29:55.0469 6348 Wanarpv6 - ok 22:29:55.0537 6348 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 22:29:55.0561 6348 WatAdminSvc - ok 22:29:55.0639 6348 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 22:29:55.0673 6348 wbengine - ok 22:29:55.0681 6348 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 22:29:55.0687 6348 WbioSrvc - ok 22:29:55.0741 6348 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 22:29:55.0749 6348 wcncsvc - ok 22:29:55.0759 6348 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 22:29:55.0763 6348 WcsPlugInService - ok 22:29:55.0780 6348 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 22:29:55.0782 6348 Wd - ok 22:29:55.0838 6348 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys 22:29:55.0840 6348 WDC_SAM - ok 22:29:55.0901 6348 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 22:29:55.0913 6348 Wdf01000 - ok 22:29:55.0928 6348 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 22:29:55.0931 6348 WdiServiceHost - ok 22:29:55.0934 6348 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 22:29:55.0936 6348 WdiSystemHost - ok 22:29:55.0989 6348 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 22:29:55.0995 6348 WebClient - ok 22:29:56.0014 6348 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 22:29:56.0020 6348 Wecsvc - ok 22:29:56.0029 6348 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 22:29:56.0033 6348 wercplsupport - ok 22:29:56.0046 6348 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 22:29:56.0050 6348 WerSvc - ok 22:29:56.0064 6348 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 22:29:56.0066 6348 WfpLwf - ok 22:29:56.0084 6348 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 22:29:56.0086 6348 WIMMount - ok 22:29:56.0115 6348 WinDefend - ok 22:29:56.0131 6348 WinHttpAutoProxySvc - ok 22:29:56.0181 6348 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 22:29:56.0185 6348 Winmgmt - ok 22:29:56.0231 6348 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 22:29:56.0267 6348 WinRM - ok 22:29:56.0372 6348 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 22:29:56.0374 6348 WinUsb - ok 22:29:56.0402 6348 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 22:29:56.0415 6348 Wlansvc - ok 22:29:56.0529 6348 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 22:29:56.0572 6348 wlidsvc - ok 22:29:56.0622 6348 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 22:29:56.0624 6348 WmiAcpi - ok 22:29:56.0641 6348 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 22:29:56.0645 6348 wmiApSrv - ok 22:29:56.0659 6348 WMPNetworkSvc - ok 22:29:56.0690 6348 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 22:29:56.0693 6348 WPCSvc - ok 22:29:56.0704 6348 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 22:29:56.0708 6348 WPDBusEnum - ok 22:29:56.0716 6348 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 22:29:56.0718 6348 ws2ifsl - ok 22:29:56.0733 6348 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 22:29:56.0737 6348 wscsvc - ok 22:29:56.0798 6348 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 22:29:56.0800 6348 WSDPrintDevice - ok 22:29:56.0850 6348 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 22:29:56.0853 6348 WSDScan - ok 22:29:56.0857 6348 WSearch - ok 22:29:56.0950 6348 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 22:29:57.0002 6348 wuauserv - ok 22:29:57.0060 6348 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 22:29:57.0062 6348 WudfPf - ok 22:29:57.0083 6348 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 22:29:57.0087 6348 WUDFRd - ok 22:29:57.0117 6348 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 22:29:57.0121 6348 wudfsvc - ok 22:29:57.0158 6348 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 22:29:57.0165 6348 WwanSvc - ok 22:29:57.0175 6348 ================ Scan global =============================== 22:29:57.0200 6348 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 22:29:57.0256 6348 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll 22:29:57.0268 6348 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll 22:29:57.0276 6348 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 22:29:57.0304 6348 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 22:29:57.0311 6348 [Global] - ok 22:29:57.0312 6348 ================ Scan MBR ================================== 22:29:57.0328 6348 [ F800E81B26AD2992AA7B42313FBDFB44 ] \Device\Harddisk0\DR0 22:29:57.0576 6348 \Device\Harddisk0\DR0 - ok 22:29:57.0577 6348 ================ Scan VBR ================================== 22:29:57.0581 6348 [ B3C06E530B4070185F133614E7BD150D ] \Device\Harddisk0\DR0\Partition1 22:29:57.0583 6348 \Device\Harddisk0\DR0\Partition1 - ok 22:29:57.0597 6348 [ 2C3DC1F4349EDA096C820A5AF1537685 ] \Device\Harddisk0\DR0\Partition2 22:29:57.0600 6348 \Device\Harddisk0\DR0\Partition2 - ok 22:29:57.0633 6348 [ 9F525A3BF3305A9D85D8BDC4AEDE251F ] \Device\Harddisk0\DR0\Partition3 22:29:57.0636 6348 \Device\Harddisk0\DR0\Partition3 - ok 22:29:57.0636 6348 ============================================================ 22:29:57.0637 6348 Scan finished 22:29:57.0637 6348 ============================================================ 22:29:57.0651 6564 Detected object count: 0 22:29:57.0651 6564 Actual detected object count: 0 22:33:18.0945 9328 Deinitialize success How's your computer running now? Any other issues?Thanks again for your help. Still having the same issue - an occasional new tab redirect that only seems to happen when we try to visit the one site. I haven't noticed any other problems.Quote from: darling on December 20, 2012, 07:09:51 PM Thanks again for your help. Still having the same issue - an occasional new tab redirect that only seems to happen when we try to visit the one site. I haven't noticed any other problems. Could you please run TDSSKiller again and post the entire log?No problem - I attached the log as a txt file because it's too big to post. Thanks! [year+ old attachment deleted by admin]Quote Still having the same issue - an occasional new tab redirect that only seems to happen when we try to visit the one site. I haven't noticed any other problems. Could you please post the link to that site?Thank you for bearing with me! When we visit (in Firefox): http://www.nbcnews.com/ (or when that site autorefreshes) it USED to be that occasionally (one out of every five? six? times) it would redirect to: http://context3.kanoodle.com/AF7F5454-06AA-11DF-BB59-79A43FF5047F (those numbers at the end seem to be the same every time) Now, what seems to happen is that nbcnews.com opens as planned and kanoodle loads in a new tab.Ok. Let's try this: Go to Tools, Options, Privacy, show cookies and remove the kanoodle.com cookie. You could also try blocking that site in FF. I tried that nbcnews about five times and it came up ok with no re-directs. Does it re-direct when using Internet Explorer?nbcnews.com doesn't seem to redirect in IE (although I will try a few more times just to be sure). It certainly doesn't redirect in Firefox on any other PC I use. I have kanoodle on AdBlock in FF - I'll see what else FF can do to block it. It's the weirdest thing. Thank you!!You're welcome. Let's do some cleanup before I forget. To uninstall ComboFix Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane. In the field, type in ComboFix /uninstall (Note: Make sure there's a space between the word ComboFix and the forward-slash.) Then, press Enter, or click OK. This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore. *********************************************** Click Start> Computer> right click the C Drive and choose Properties> enter Click Disk Cleanup from there. Click OK on the Disk Cleanup Screen. Click Yes on the Confirmation screen. This runs the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive) ******************************************** Go to Microsoft Windows Update and get all critical updates. ---------- I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from ONLINE scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free. SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox. * Using SpywareBlaster to protect your computer from Spyware and Malware * If you don't know what ActiveX controls are, see here Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future. Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly. Safe Surfing and Season Greetings!Cool - I'm a little short on time over the past few days so I'll get to work on all of the above very soon.Quote from: darling on January 01, 2013, 10:10:44 AM Cool - I'm a little short on time over the past few days so I'll get to work on all of the above very soon. Good. Let me know when you're finished and I'll lock the thread.Alright... all those things done and dusted - thank you. I'm still getting this darn redirect. I just blacklisted kanoodle using the BlockSite Firefox extension, but if there's a way to stop the redirect entirely I'd love to know how to do it. Thanks again for all your help!Quote from: darling on January 12, 2013, 07:00:44 AM Alright... all those things done and dusted - thank you. I'm still getting this darn redirect. I just blacklisted kanoodle using the BlockSite Firefox extension, but if there's a way to stop the redirect entirely I'd love to know how to do it. Thanks again for all your help! If it's only redirecting in FF the only thing I can think of is to uninstall and re-install FF.

Answer»

Not sure what happened. Sorry! Let's try that again.

Edit: Ah, too long. Here's the second half (with the first few LINES repeated from the END of the prior post.)

22:29:52.0014 6348 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\WINDOWS\system32\drivers\sffp_sd.sys
22:29:52.0016 6348 sffp_sd - ok
22:29:52.0036 6348 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:29:52.0038 6348 sfloppy - ok
22:29:52.0068 6348 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:29:52.0075 6348 SharedAccess - ok
22:29:52.0143 6348 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:29:52.0150 6348 ShellHWDetection - ok
22:29:52.0189 6348 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:29:52.0192 6348 SiSRaid2 - ok
22:29:52.0212 6348 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:29:52.0215 6348 SiSRaid4 - ok
22:29:52.0328 6348 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:29:52.0332 6348 SkypeUpdate - ok
22:29:52.0353 6348 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:29:52.0356 6348 Smb - ok
22:29:52.0378 6348 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:29:52.0381 6348 SNMPTRAP - ok
22:29:52.0390 6348 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:29:52.0391 6348 spldr - ok
22:29:52.0447 6348 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:29:52.0457 6348 Spooler - ok
22:29:52.0570 6348 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:29:52.0662 6348 sppsvc - ok
22:29:52.0695 6348 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:29:52.0699 6348 sppuinotify - ok
22:29:52.0756 6348 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:29:52.0763 6348 srv - ok
22:29:52.0777 6348 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:29:52.0783 6348 srv2 - ok
22:29:52.0796 6348 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:29:52.0799 6348 srvnet - ok
22:29:52.0818 6348 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:29:52.0823 6348 SSDPSRV - ok
22:29:52.0830 6348 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:29:52.0833 6348 SstpSvc - ok
22:29:52.0852 6348 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:29:52.0854 6348 stexstor - ok
22:29:52.0905 6348 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:29:52.0916 6348 stisvc - ok
22:29:52.0944 6348 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
22:29:52.0946 6348 swenum - ok
22:29:52.0985 6348 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:29:53.0010 6348 swprv - ok
22:29:53.0101 6348 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:29:53.0135 6348 SysMain - ok
22:29:53.0187 6348 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:29:53.0191 6348 TabletInputService - ok
22:29:53.0205 6348 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:29:53.0211 6348 TapiSrv - ok
22:29:53.0219 6348 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:29:53.0224 6348 TBS - ok
22:29:53.0308 6348 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:29:53.0343 6348 Tcpip - ok
22:29:53.0376 6348 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:29:53.0393 6348 TCPIP6 - ok
22:29:53.0439 6348 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:29:53.0442 6348 tcpipreg - ok
22:29:53.0459 6348 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:29:53.0461 6348 TDPIPE - ok
22:29:53.0490 6348 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:29:53.0492 6348 TDTCP - ok
22:29:53.0541 6348 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:29:53.0544 6348 tdx - ok
22:29:53.0558 6348 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
22:29:53.0561 6348 TermDD - ok
22:29:53.0622 6348 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:29:53.0633 6348 TermService - ok
22:29:53.0643 6348 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:29:53.0646 6348 Themes - ok
22:29:53.0674 6348 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:29:53.0676 6348 THREADORDER - ok
22:29:53.0690 6348 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:29:53.0695 6348 TrkWks - ok
22:29:53.0762 6348 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:29:53.0765 6348 TrustedInstaller - ok
22:29:53.0821 6348 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:29:53.0823 6348 tssecsrv - ok
22:29:53.0863 6348 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:29:53.0866 6348 TsUsbFlt - ok
22:29:53.0928 6348 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:29:53.0932 6348 tunnel - ok
22:29:53.0950 6348 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:29:53.0953 6348 uagp35 - ok
22:29:53.0976 6348 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:29:53.0982 6348 udfs - ok
22:29:54.0003 6348 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:29:54.0006 6348 UI0Detect - ok
22:29:54.0030 6348 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:29:54.0033 6348 uliagpkx - ok
22:29:54.0073 6348 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
22:29:54.0076 6348 umbus - ok
22:29:54.0097 6348 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:29:54.0099 6348 UmPass - ok
22:29:54.0179 6348 [ 02C298382359653BEC4C737C2AB7F9C5 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:29:54.0218 6348 UNS - ok
22:29:54.0267 6348 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:29:54.0277 6348 upnphost - ok
22:29:54.0338 6348 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
22:29:54.0340 6348 USBAAPL64 - ok
22:29:54.0403 6348 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:29:54.0407 6348 usbaudio - ok
22:29:54.0413 6348 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:29:54.0417 6348 usbccgp - ok
22:29:54.0457 6348 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:29:54.0460 6348 usbcir - ok
22:29:54.0509 6348 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
22:29:54.0510 6348 usbehci - ok
22:29:54.0666 6348 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:29:54.0672 6348 usbhub - ok
22:29:54.0694 6348 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:29:54.0696 6348 usbohci - ok
22:29:54.0759 6348 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:29:54.0761 6348 usbprint - ok
22:29:54.0799 6348 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
22:29:54.0802 6348 USBSTOR - ok
22:29:54.0835 6348 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:29:54.0837 6348 usbuhci - ok
22:29:54.0872 6348 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:29:54.0877 6348 usbvideo - ok
22:29:54.0899 6348 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:29:54.0902 6348 UxSms - ok
22:29:54.0907 6348 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:29:54.0908 6348 VaultSvc - ok
22:29:54.0928 6348 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:29:54.0929 6348 vdrvroot - ok
22:29:54.0978 6348 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:29:54.0984 6348 vds - ok
22:29:55.0011 6348 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:29:55.0012 6348 vga - ok
22:29:55.0030 6348 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:29:55.0031 6348 VgaSave - ok
22:29:55.0055 6348 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:29:55.0058 6348 vhdmp - ok
22:29:55.0108 6348 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:29:55.0110 6348 viaide - ok
22:29:55.0139 6348 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:29:55.0141 6348 volmgr - ok
22:29:55.0195 6348 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:29:55.0201 6348 volmgrx - ok
22:29:55.0222 6348 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:29:55.0227 6348 volsnap - ok
22:29:55.0258 6348 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:29:55.0262 6348 vsmraid - ok
22:29:55.0334 6348 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:29:55.0369 6348 VSS - ok
22:29:55.0381 6348 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
22:29:55.0382 6348 vwifibus - ok
22:29:55.0412 6348 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:29:55.0420 6348 W32Time - ok
22:29:55.0444 6348 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:29:55.0446 6348 WacomPen - ok
22:29:55.0463 6348 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:29:55.0465 6348 WANARP - ok
22:29:55.0468 6348 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:29:55.0469 6348 Wanarpv6 - ok
22:29:55.0537 6348 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:29:55.0561 6348 WatAdminSvc - ok
22:29:55.0639 6348 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:29:55.0673 6348 wbengine - ok
22:29:55.0681 6348 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:29:55.0687 6348 WbioSrvc - ok
22:29:55.0741 6348 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:29:55.0749 6348 wcncsvc - ok
22:29:55.0759 6348 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:29:55.0763 6348 WcsPlugInService - ok
22:29:55.0780 6348 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:29:55.0782 6348 Wd - ok
22:29:55.0838 6348 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
22:29:55.0840 6348 WDC_SAM - ok
22:29:55.0901 6348 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:29:55.0913 6348 Wdf01000 - ok
22:29:55.0928 6348 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:29:55.0931 6348 WdiServiceHost - ok
22:29:55.0934 6348 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:29:55.0936 6348 WdiSystemHost - ok
22:29:55.0989 6348 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:29:55.0995 6348 WebClient - ok
22:29:56.0014 6348 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:29:56.0020 6348 Wecsvc - ok
22:29:56.0029 6348 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:29:56.0033 6348 wercplsupport - ok
22:29:56.0046 6348 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:29:56.0050 6348 WerSvc - ok
22:29:56.0064 6348 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:29:56.0066 6348 WfpLwf - ok
22:29:56.0084 6348 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:29:56.0086 6348 WIMMount - ok
22:29:56.0115 6348 WinDefend - ok
22:29:56.0131 6348 WinHttpAutoProxySvc - ok
22:29:56.0181 6348 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:29:56.0185 6348 Winmgmt - ok
22:29:56.0231 6348 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:29:56.0267 6348 WinRM - ok
22:29:56.0372 6348 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:29:56.0374 6348 WinUsb - ok
22:29:56.0402 6348 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:29:56.0415 6348 Wlansvc - ok
22:29:56.0529 6348 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:29:56.0572 6348 wlidsvc - ok
22:29:56.0622 6348 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:29:56.0624 6348 WmiAcpi - ok
22:29:56.0641 6348 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:29:56.0645 6348 wmiApSrv - ok
22:29:56.0659 6348 WMPNetworkSvc - ok
22:29:56.0690 6348 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:29:56.0693 6348 WPCSvc - ok
22:29:56.0704 6348 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:29:56.0708 6348 WPDBusEnum - ok
22:29:56.0716 6348 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:29:56.0718 6348 ws2ifsl - ok
22:29:56.0733 6348 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
22:29:56.0737 6348 wscsvc - ok
22:29:56.0798 6348 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
22:29:56.0800 6348 WSDPrintDevice - ok
22:29:56.0850 6348 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
22:29:56.0853 6348 WSDScan - ok
22:29:56.0857 6348 WSearch - ok
22:29:56.0950 6348 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:29:57.0002 6348 wuauserv - ok
22:29:57.0060 6348 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:29:57.0062 6348 WudfPf - ok
22:29:57.0083 6348 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:29:57.0087 6348 WUDFRd - ok
22:29:57.0117 6348 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:29:57.0121 6348 wudfsvc - ok
22:29:57.0158 6348 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:29:57.0165 6348 WwanSvc - ok
22:29:57.0175 6348 ================ Scan global ===============================
22:29:57.0200 6348 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:29:57.0256 6348 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
22:29:57.0268 6348 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
22:29:57.0276 6348 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:29:57.0304 6348 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:29:57.0311 6348 [Global] - ok
22:29:57.0312 6348 ================ Scan MBR ==================================
22:29:57.0328 6348 [ F800E81B26AD2992AA7B42313FBDFB44 ] \Device\Harddisk0\DR0
22:29:57.0576 6348 \Device\Harddisk0\DR0 - ok
22:29:57.0577 6348 ================ Scan VBR ==================================
22:29:57.0581 6348 [ B3C06E530B4070185F133614E7BD150D ] \Device\Harddisk0\DR0\Partition1
22:29:57.0583 6348 \Device\Harddisk0\DR0\Partition1 - ok
22:29:57.0597 6348 [ 2C3DC1F4349EDA096C820A5AF1537685 ] \Device\Harddisk0\DR0\Partition2
22:29:57.0600 6348 \Device\Harddisk0\DR0\Partition2 - ok
22:29:57.0633 6348 [ 9F525A3BF3305A9D85D8BDC4AEDE251F ] \Device\Harddisk0\DR0\Partition3
22:29:57.0636 6348 \Device\Harddisk0\DR0\Partition3 - ok
22:29:57.0636 6348 ============================================================
22:29:57.0637 6348 Scan finished
22:29:57.0637 6348 ============================================================
22:29:57.0651 6564 Detected object count: 0
22:29:57.0651 6564 Actual detected object count: 0
22:33:18.0945 9328 Deinitialize success
How's your computer running now? Any other issues?Thanks again for your help.

Still having the same issue - an occasional new tab redirect that only seems to happen when we try to visit the one site. I haven't noticed any other problems.Quote from: darling on December 20, 2012, 07:09:51 PM

Thanks again for your help.

Still having the same issue - an occasional new tab redirect that only seems to happen when we try to visit the one site. I haven't noticed any other problems.

Could you please run TDSSKiller again and post the entire log?No problem - I attached the log as a txt file because it's too big to post.

Thanks!

[year+ old attachment deleted by admin]Quote

Still having the same issue - an occasional new tab redirect that only seems to happen when we try to visit the one site. I haven't noticed any other problems.

Could you please post the link to that site?Thank you for bearing with me!

When we visit (in Firefox):
http://www.nbcnews.com/
(or when that site autorefreshes)

it USED to be that occasionally (one out of every five? six? times) it would redirect to:
http://context3.kanoodle.com/AF7F5454-06AA-11DF-BB59-79A43FF5047F
(those numbers at the end seem to be the same every time)

Now, what seems to happen is that nbcnews.com opens as planned and kanoodle loads in a new tab.Ok. Let's try this: Go to Tools, Options, Privacy, show cookies and remove the kanoodle.com cookie. You could also try blocking that site in FF. I tried that nbcnews about five times and it came up ok with no re-directs. Does it re-direct when using Internet Explorer?nbcnews.com doesn't seem to redirect in IE (although I will try a few more times just to be sure). It certainly doesn't redirect in Firefox on any other PC I use.

I have kanoodle on AdBlock in FF - I'll see what else FF can do to block it. It's the weirdest thing.

Thank you!!You're welcome. Let's do some cleanup before I forget.

To uninstall ComboFix

Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
In the field, type in ComboFix /uninstall

(Note: Make sure there's a space between the word ComboFix and the forward-slash.)

Then, press Enter, or click OK.
This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.

*************************************************
Click Start> Computer> right click the C Drive and choose Properties> enter
Click Disk Cleanup from there.

Click OK on the Disk Cleanup Screen.
Click Yes on the Confirmation screen.

This runs the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive)
**********************************************
Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from ONLINE scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing and Season Greetings!Cool - I'm a little short on time over the past few days so I'll get to work on all of the above very soon.Quote from: darling on January 01, 2013, 10:10:44 AM

Cool - I'm a little short on time over the past few days so I'll get to work on all of the above very soon.

Good. Let me know when you're finished and I'll lock the thread.Alright... all those things done and dusted - thank you.

I'm still getting this darn redirect. I just blacklisted kanoodle using the BlockSite Firefox extension, but if there's a way to stop the redirect entirely I'd love to know how to do it.

Thanks again for all your help!Quote from: darling on January 12, 2013, 07:00:44 AM

Alright... all those things done and dusted - thank you.

I'm still getting this darn redirect. I just blacklisted kanoodle using the BlockSite Firefox extension, but if there's a way to stop the redirect entirely I'd love to know how to do it.

Thanks again for all your help!

If it's only redirecting in FF the only thing I can think of is to uninstall and re-install FF.

Solve : kanoodle.com redirect (also, possible google redirect)?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment