Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Popup Message From Webpage

(New)
(!)

flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 59,442 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
13-Nov-2011, 03:24 PM #16
Start HiJackThis, then click "Do a system scan only".

The scan is quick and should be finished in less than a minute.

After it's finished, put a checkmark in these log entries:

R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: FCSB000062035 Class - {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} - C:\Program Files\Shop to Win 2\ShoppingBHO.dl

O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)

O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} - http://coupons.smartsource.com/download/cscmv5X.cab

O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-centives.com/cif/dow...in/actxcab.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


After you confirm that you selected the correct log entries, click "Fix Checked - Yes".

Close HiJackThis, then restart the computer.

-------------------------------------------------------

Start Malwarebytes Anti-Malware.

Click "Updates(tab) - Check for Updates".

When the definition files have updated, click "OK".

Click "Scanner(tab) - Perform quick scan - Scan".

If infections or problems are found during the scan, the number of them will be highlighted in red.

When the scan is finished, click "Show Results".

Make sure that EVERYTHING is selected, then click "Remove Selected".

If you're prompted to restart to finish the removal process, click "Yes".

Start Malwarebytes Anti-Malware again.

Click "Logs"(tab).

Highlight the scan log entry, then click "Open".

When the scan log appears in Notepad, copy-and-paste it here.

-------------------------------------------------------

Start SUPERAntiSpyware.

Click "Check for Updates".

When the definition files have updated, click "Close".

Select the Quick Scan option, then click "Scan your Computer".

If infections or problems are found during the scan, a list will appear and the number of them will be highlighted in red.

When the scan is finished and the scan summary window appears, click "Continue".

Make sure that EVERYTHING in the list is selected, then click "Remove Threats".

Click "OK - Finish".

If you're prompted to restart to finish the removal process, do so.

Start SUPERAntiSpyware again.

Click "View Scan Logs".

Highlight the scan log entry, then click "View Selected Log".

When the scan log appears in Notepad, copy-and-paste it here.

-------------------------------------------------------
Agranny's Avatar
Agranny Agranny is offline
Member with 35 posts.
THREAD STARTER
 
Join Date: Nov 2011
13-Nov-2011, 04:20 PM #17
Thx - I had a dickens of a time trying to figure out the hijack this log - but looks like I finally got it. I'll be around until around 5:00 p.m (6:00 your time) and then I'll leave to go back to church. I'll check back with you every so often - I know by the size of the file that this step may take a while. I should be back home around 7:30 - 8:00 p.m. (8:30 to 9:00 your time) so you may not want to mess with this that late. That is fine - I appreciate everything you are trying to do for me. If I don't catch you tonight, I'll check back with you tomorrow night. Thx again.
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 59,442 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
13-Nov-2011, 04:43 PM #18
The quick scans won't take long at all.

Just make sure you don't accidentally select the full/complete scan because it'll take much longer.

Don't use your computer while each scan is in progress.

You may have time to get it all done before you go to church and before I sign off for the day.

---------------------------------------------------------
Agranny's Avatar
Agranny Agranny is offline
Member with 35 posts.
THREAD STARTER
 
Join Date: Nov 2011
13-Nov-2011, 04:51 PM #19
ok - here goes.
Agranny's Avatar
Agranny Agranny is offline
Member with 35 posts.
THREAD STARTER
 
Join Date: Nov 2011
13-Nov-2011, 05:39 PM #20
I tried to delete the files you asked from HiJackThis but I got an error message.
Also, do I have to complete this step before I do the malwarebytes Anti-Malware and the Super Anti Spyware and do I have to purchase these programs before I can use?
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 59,442 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
13-Nov-2011, 06:06 PM #21
Skip the section about fixing the log entries.

You do NOT need to purchase those 2 programs. If you're prompted to purchase the fully-functional version, decline to do so. The free version works fine for what you need it for.

I'm getting ready to go off-line for the night. Unless you ran into a problem, I'll check your scan logs in the morning.

------------------------------------------------------
Agranny's Avatar
Agranny Agranny is offline
Member with 35 posts.
THREAD STARTER
 
Join Date: Nov 2011
13-Nov-2011, 09:48 PM #22
12:15:43 Anne Pease MESSAGE Protection started successfully
12:15:48 Anne Pease MESSAGE IP Protection started successfully
12:18:41 Anne Pease MESSAGE Scheduled update executed successfully
12:18:42 Anne Pease MESSAGE IP Protection stopped
12:18:47 Anne Pease MESSAGE Database updated successfully
12:18:50 Anne Pease MESSAGE IP Protection started successfully
12:56:41 Anne Pease MESSAGE Protection started successfully
12:56:46 Anne Pease MESSAGE IP Protection started successfully
12:58:46 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb QUARANTINE
12:58:47 Anne Pease ERROR Quarantine failed: DeleteFile failed with error code 5
13:04:59 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
13:05:02 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
13:05:08 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
13:17:38 Anne Pease MESSAGE Protection started successfully
13:17:46 Anne Pease MESSAGE IP Protection started successfully
13:20:13 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb QUARANTINE
13:20:15 Anne Pease ERROR Quarantine failed: DeleteFile failed with error code 5
13:20:17 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
13:20:20 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
13:46:26 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
14:10:45 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
14:31:29 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
14:54:44 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
14:54:47 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
15:08:44 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
15:08:47 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
15:08:48 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
15:30:42 Anne Pease MESSAGE Protection started successfully
15:30:48 Anne Pease MESSAGE IP Protection started successfully
15:34:56 Anne Pease MESSAGE Protection started successfully
15:35:02 Anne Pease MESSAGE IP Protection started successfully
15:39:23 Anne Pease MESSAGE Protection started successfully
15:39:30 Anne Pease MESSAGE IP Protection started successfully
15:48:02 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb QUARANTINE
15:48:03 Anne Pease ERROR Quarantine failed: DeleteFile failed with error code 5
15:48:16 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
15:50:09 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
15:50:10 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
15:50:12 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
15:55:20 Anne Pease MESSAGE Protection started successfully
16:08:48 Anne Pease MESSAGE Protection started successfully
16:08:55 Anne Pease MESSAGE IP Protection started successfully
16:13:08 Anne Pease MESSAGE Protection started successfully
16:13:15 Anne Pease MESSAGE IP Protection started successfully
16:22:17 Anne Pease MESSAGE Protection started successfully
16:22:23 Anne Pease MESSAGE IP Protection started successfully
16:28:38 Anne Pease MESSAGE Protection started successfully
16:28:45 Anne Pease MESSAGE IP Protection started successfully
16:32:36 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb QUARANTINE
16:32:37 Anne Pease ERROR Quarantine failed: DeleteFile failed with error code 5
16:32:42 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:32:46 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:36:55 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:36:55 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:36:59 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:36:59 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:37:03 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:37:04 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:42:09 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:42:11 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:42:13 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:45:48 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:45:50 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:45:52 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:46:36 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:47:32 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:52:22 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:52:24 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:52:26 Anne Pease DETECTION C:\PROGRAM FILES\ARCADEWEB\ARCADEWEB32.DLL Adware.ArcadeWeb DENY
16:55:55 Anne Pease MESSAGE IP Protection stopped
16:56:08 Anne Pease MESSAGE Database updated successfully
16:56:11 Anne Pease MESSAGE IP Protection started successfully
17:43:05 Anne Pease MESSAGE Protection started successfully
17:43:11 Anne Pease MESSAGE IP Protection started successfully
20:42:40 Anne Pease MESSAGE Protection started successfully
20:42:48 Anne Pease MESSAGE IP Protection started successfully
Agranny's Avatar
Agranny Agranny is offline
Member with 35 posts.
THREAD STARTER
 
Join Date: Nov 2011
13-Nov-2011, 11:06 PM #23
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 11/13/2011 at 09:39 PM
Application Version : 5.0.1136
Core Rules Database Version : 7937
Trace Rules Database Version: 5749
Scan type : Quick Scan
Total Scan Time : 00:45:53
Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 1 (Build 6.00.6001)
UAC On - Limited User (Administrator User)
Memory items scanned : 602
Memory threats detected : 0
Registry items scanned : 37141
Registry threats detected : 3
File items scanned : 76889
File threats detected : 156
Trojan.DNSChanger-Codec
HKU\S-1-5-21-3861044452-3139563411-3663233647-1000\Software\uninstall
Adware.IWinGames
HKU\S-1-5-21-3861044452-3139563411-3663233647-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8CA5ED52-F3FB-4414-A105-2E3491156990}
Adware.ShopAtHomeSelect
HKU\S-1-5-21-3861044452-3139563411-3663233647-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Adware.Tracking Cookie
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@ads.bridgetrack[1].txt [ /ads.bridgetrack ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@adxpose[1].txt [ /adxpose ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@atdmt[2].txt [ /atdmt ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@doubleclick[1].txt [ /doubleclick ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@doubleclick[3].txt [ /doubleclick ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@eyewonder[2].txt [ /eyewonder ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@hotels-and-discounts[1].txt [ /hotels-and-discounts ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@invitemedia[2].txt [ /invitemedia ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@mywebsearch[1].txt [ /mywebsearch ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@oracle.112.2o7[1].txt [ /oracle.112.2o7 ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@questionmarket[1].txt [ /questionmarket ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@specificclick[1].txt [ /specificclick ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@specificmedia[1].txt [ /specificmedia ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@specificmedia[3].txt [ /specificmedia ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@track.freenewgif ts[2].txt [ /track.freenewgifts ]
C:\Users\Anne Pease\AppData\Roaming\Microsoft\Windows\Cookies\anne_pease@track.yourreward inside[1].txt [ /track.yourrewardinside ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@www.ihireacc ounting[2].txt [ Cookie:anne pease@www.ihireaccounting.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@msnbc.112.2o 7[2].txt [ Cookie:anne pease@msnbc.112.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@adbrite[1].txt [ Cookie:anne pease@adbrite.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@popularscree nsavers[1].txt [ Cookie:anne pease@popularscreensavers.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@www.findmyor der[2].txt [ Cookie:anne pease@www.findmyorder.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@serving-sys[1].txt [ Cookie:anne pease@serving-sys.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@counter.adco urier[1].txt [ Cookie:anne pease@counter.adcourier.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@cbsdigitalme dia.112.2o7[1].txt [ Cookie:anne pease@cbsdigitalmedia.112.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@a1.interclic k[2].txt [ Cookie:anne pease@a1.interclick.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@specificclic k[1].txt [ Cookie:anne pease@specificclick.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@nhl.112.2o7[1].txt [ Cookie:anne pease@nhl.112.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@liveperson[4].txt [ Cookie:anne pease@liveperson.net/hc/LPservicemagic ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@usatoday1.11 2.2o7[1].txt [ Cookie:anne pease@usatoday1.112.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@electronicar ts.112.2o7[1].txt [ Cookie:anne pease@electronicarts.112.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@ads.pointrol l[1].txt [ Cookie:anne pease@ads.pointroll.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@at.atwola[2].txt [ Cookie:anne pease@at.atwola.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@tacoda.at.at wola[1].txt [ Cookie:anne pease@tacoda.at.atwola.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@xiti[1].txt [ Cookie:anne pease@xiti.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@media6degree s[3].txt [ Cookie:anne pease@media6degrees.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@adecn[2].txt [ Cookie:anne pease@adecn.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@adxpose[1].txt [ Cookie:anne pease@adxpose.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@ihire.122.2o 7[1].txt [ Cookie:anne pease@ihire.122.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@ad.yieldmana ger[1].txt [ Cookie:anne pease@ad.yieldmanager.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@statse.webtr endslive[1].txt [ Cookie:anne pease@statse.webtrendslive.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@www.accounte mps[2].txt [ Cookie:anne pease@www.accountemps.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@insightexpre ssai[2].txt [ Cookie:anne pease@insightexpressai.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@affiliate.ut atracker[2].txt [ Cookie:anne pease@affiliate.utatracker.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@a.intentmedi a[2].txt [ Cookie:anne pease@a.intentmedia.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@mywebsearch[5].txt [ Cookie:anne pease@mywebsearch.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@1zz.cqcounte r[1].txt [ Cookie:anne pease@1zz.cqcounter.com/cgi-bin/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@adserver.rac ingone[1].txt [ Cookie:anne pease@adserver.racingone.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@track.yourre wardinside[1].txt [ Cookie:anne pease@track.yourrewardinside.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@revsci[1].txt [ Cookie:anne pease@revsci.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@medhelpinter national.112.2o7[1].txt [ Cookie:anne pease@medhelpinternational.112.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@hpi.rotator. hadj7.adjuggler[1].txt [ Cookie:anne pease@hpi.rotator.hadj7.adjuggler.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@bs.serving-sys[1].txt [ Cookie:anne pease@bs.serving-sys.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@content.yiel dmanager[3].txt [ Cookie:anne pease@content.yieldmanager.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@content.yiel dmanager[4].txt [ Cookie:anne pease@content.yieldmanager.com/ak/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@collective-media[1].txt [ Cookie:anne pease@collective-media.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@usnuc[1].txt [ Cookie:anne pease@usnuc.com/servlet/ajrotator/track/pt628637 ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@invitemedia[2].txt [ Cookie:anne pease@invitemedia.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@mediabrandsw w[2].txt [ Cookie:anne pease@mediabrandsww.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@jump.tvitrac k[2].txt [ Cookie:anne pease@jump.tvitrack.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@advertising[1].txt [ Cookie:anne pease@advertising.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@trafficmp[2].txt [ Cookie:anne pease@trafficmp.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@liveperson[1].txt [ Cookie:anne pease@liveperson.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@2o7[1].txt [ Cookie:anne pease@2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@liveperson[3].txt [ Cookie:anne pease@liveperson.net/hc/19452074 ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@pointroll[2].txt [ Cookie:anne pease@pointroll.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@ihireaccount ing[2].txt [ Cookie:anne pease@ihireaccounting.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@doubleclick[1].txt [ Cookie:anne pease@doubleclick.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@www.clickman age[2].txt [ Cookie:anne pease@www.clickmanage.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@user.lucidme dia[1].txt [ Cookie:anne pease@user.lucidmedia.com/clicksense/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@lucidmedia[2].txt [ Cookie:anne pease@lucidmedia.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@ads2.phonear ena[1].txt [ Cookie:anne pease@ads2.phonearena.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@r1-ads.ace.advertising[2].txt [ Cookie:anne pease@r1-ads.ace.advertising.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@orbitzaway.1 22.2o7[1].txt [ Cookie:anne pease@orbitzaway.122.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@media.adfron tiers[1].txt [ Cookie:anne pease@media.adfrontiers.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@accountonlin e[2].txt [ Cookie:anne pease@accountonline.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@associatedco ntent.112.2o7[1].txt [ Cookie:anne pease@associatedcontent.112.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@traveladvert ising[1].txt [ Cookie:anne pease@traveladvertising.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@www.gmbtrack[1].txt [ Cookie:anne pease@www.gmbtrack.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@112.2o7[1].txt [ Cookie:anne pease@112.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@adsonar[1].txt [ Cookie:anne pease@adsonar.com/adserving ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@in.getclicky[1].txt [ Cookie:anne pease@in.getclicky.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@lfstmedia[1].txt [ Cookie:anne pease@lfstmedia.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@media.fans.p redators.nhl[1].txt [ Cookie:anne pease@media.fans.predators.nhl.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@mm.chitika[2].txt [ Cookie:anne pease@mm.chitika.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@ar.atwola[1].txt [ Cookie:anne pease@ar.atwola.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@usnuc[2].txt [ Cookie:anne pease@usnuc.com/servlet/ajrotator/track/pt628650 ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@counter.surf counters[1].txt [ Cookie:anne pease@counter.surfcounters.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@www.findstuf f[1].txt [ Cookie:anne pease@www.findstuff.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@technoratime dia[2].txt [ Cookie:anne pease@technoratimedia.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@adserver.inn ovativemetrics[1].txt [ Cookie:anne pease@adserver.innovativemetrics.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@lynxtrack[1].txt [ Cookie:anne pease@lynxtrack.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@healthgrades .112.2o7[1].txt [ Cookie:anne pease@healthgrades.112.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@adfarm1.adit ion[2].txt [ Cookie:anne pease@adfarm1.adition.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@tracking.ser vedbyy[2].txt [ Cookie:anne pease@tracking.servedbyy.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@s.clickabili ty[1].txt [ Cookie:anne pease@s.clickability.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@rtst.122.2o7[1].txt [ Cookie:anne pease@rtst.122.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@media.mercol a[2].txt [ Cookie:anne pease@media.mercola.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@ad.doublecli ck[1].txt [ Cookie:anne pease@ad.doubleclick.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@adlegend[2].txt [ Cookie:anne pease@adlegend.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@ad3.adfarm1. adition[2].txt [ Cookie:anne pease@ad3.adfarm1.adition.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@dc.tremormed ia[2].txt [ Cookie:anne pease@dc.tremormedia.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@testdata.cor emetrics[1].txt [ Cookie:anne pease@testdata.coremetrics.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@adserver.ign itad[1].txt [ Cookie:anne pease@adserver.ignitad.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@eyewonder[2].txt [ Cookie:anne pease@eyewonder.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@www.kntrack[2].txt [ Cookie:anne pease@www.kntrack.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@f.blogads[1].txt [ Cookie:anne pease@f.blogads.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@questionmark et[2].txt [ Cookie:anne pease@questionmarket.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@forum.rotato r.hadj7.adjuggler[1].txt [ Cookie:anne pease@forum.rotator.hadj7.adjuggler.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@kontera[1].txt [ Cookie:anne pease@kontera.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@citygridmedi a[2].txt [ Cookie:anne pease@citygridmedia.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@uol.realmedi a[1].txt [ Cookie:anne pease@uol.realmedia.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@liveperson[5].txt [ Cookie:anne pease@liveperson.net/hc/56294818 ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@googleads.g. doubleclick[1].txt [ Cookie:anne pease@googleads.g.doubleclick.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@c5.zedo[1].txt [ Cookie:anne pease@c5.zedo.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@burstbeacon[1].txt [ Cookie:anne pease@burstbeacon.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@warnerbros.1 12.2o7[1].txt [ Cookie:anne pease@warnerbros.112.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@auto-price-finder[2].txt [ Cookie:anne pease@auto-price-finder.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@jmp.clickboo th[1].txt [ Cookie:anne pease@jmp.clickbooth.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@track.superc oolprizes[1].txt [ Cookie:anne pease@track.supercoolprizes.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@hotwire.db.a dvertising[1].txt [ Cookie:anne pease@hotwire.db.advertising.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@wstat.wibiya[1].txt [ Cookie:anne pease@wstat.wibiya.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@cdn.eyewonde r[3].txt [ Cookie:anne pease@cdn.eyewonder.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@farecastcom. 122.2o7[1].txt [ Cookie:anne pease@farecastcom.122.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@media2.legac y[1].txt [ Cookie:anne pease@media2.legacy.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@adtrackrs[2].txt [ Cookie:anne pease@adtrackrs.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@statsadv.dad apro[1].txt [ Cookie:anne pease@statsadv.dadapro.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@govtrack[1].txt [ Cookie:anne pease@govtrack.us/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@networldmedi a[2].txt [ Cookie:anne pease@networldmedia.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@intermundome dia[2].txt [ Cookie:anne pease@intermundomedia.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@findlaw[1].txt [ Cookie:anne pease@findlaw.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@akamai.inter clickproxy[2].txt [ Cookie:anne pease@akamai.interclickproxy.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@www.googlead services[7].txt [ Cookie:anne pease@www.googleadservices.com/pagea...on/1002798411/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@liveperson[6].txt [ Cookie:anne pease@liveperson.net/hc/53965383 ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@www.googlead services[5].txt [ Cookie:anne pease@www.googleadservices.com/pagea...on/1072605658/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@lm.logicalme dia[1].txt [ Cookie:anne pease@lm.logicalmedia.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@hotels-and-discounts[1].txt [ Cookie:anne pease@hotels-and-discounts.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@tracking.cal lmeasurement[1].txt [ Cookie:anne pease@tracking.callmeasurement.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@www.googlead services[1].txt [ Cookie:anne pease@www.googleadservices.com/pagea...on/1046803300/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@www.googlead services[3].txt [ Cookie:anne pease@www.googleadservices.com/pagea...ion/975728701/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@web-stat[2].txt [ Cookie:anne pease@web-stat.com/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@gmcnglobal.1 12.2o7[1].txt [ Cookie:anne pease@gmcnglobal.112.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@server.iad.l iveperson[1].txt [ Cookie:anne pease@server.iad.liveperson.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@gmgmacmortga ge.112.2o7[1].txt [ Cookie:anne pease@gmgmacmortgage.112.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@ussearch.122 .2o7[1].txt [ Cookie:anne pease@ussearch.122.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@reunioncom.1 12.2o7[1].txt [ Cookie:anne pease@reunioncom.112.2o7.net/ ]
C:\USERS\ANNE PEASE\AppData\Roaming\Microsoft\Windows\Cookies\Low\anne_pease@static.getcl icky[1].txt [ Cookie:anne pease@static.getclicky.com/ ]
C:\USERS\ANNE PEASE\Cookies\anne_pease@specificclick[1].txt [ Cookie:anne pease@specificclick.net/ ]
C:\USERS\ANNE PEASE\Cookies\anne_pease@hotels-and-discounts[1].txt [ Cookie:anne pease@hotels-and-discounts.com/ ]
C:\USERS\ANNE PEASE\Cookies\anne_pease@adxpose[1].txt [ Cookie:anne pease@adxpose.com/ ]
C:\USERS\ANNE PEASE\Cookies\anne_pease@mywebsearch[1].txt [ Cookie:anne pease@mywebsearch.com/ ]
C:\USERS\ANNE PEASE\Cookies\anne_pease@track.yourrewardinside[1].txt [ Cookie:anne pease@track.yourrewardinside.com/ ]
C:\USERS\ANNE PEASE\Cookies\anne_pease@invitemedia[2].txt [ Cookie:anne pease@invitemedia.com/ ]
C:\USERS\ANNE PEASE\Cookies\anne_pease@atdmt[2].txt [ Cookie:anne pease@atdmt.com/ ]
C:\USERS\ANNE PEASE\Cookies\anne_pease@oracle.112.2o7[1].txt [ Cookie:anne pease@oracle.112.2o7.net/ ]
C:\USERS\ANNE PEASE\Cookies\anne_pease@doubleclick[3].txt [ Cookie:anne pease@doubleclick.net/ ]
C:\USERS\ANNE PEASE\Cookies\anne_pease@eyewonder[2].txt [ Cookie:anne pease@eyewonder.com/ ]
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 59,442 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
14-Nov-2011, 10:23 AM #24
I have no idea what you submitted in post #22.

That's NOT a Malwarebytes Anti-Malware scan log.

-------------------------------------------------------

Did you select and remove all 159 threats that the SUPERAntiSpyware scan found?

-------------------------------------------------------
Agranny's Avatar
Agranny Agranny is offline
Member with 35 posts.
THREAD STARTER
 
Join Date: Nov 2011
14-Nov-2011, 07:42 PM #25
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8156
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19048
11/13/2011 5:37:50 PM
mbam-log-2011-11-13 (17-37-50).txt
Scan type: Quick scan
Objects scanned: 208902
Time elapsed: 38 minute(s), 59 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 71
Registry Values Infected: 6
Registry Data Items Infected: 1
Folders Infected: 15
Files Infected: 18
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\program files\arcadeweb\arcadeweb32.dll (Adware.ArcadeWeb) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{0656A137-B161-CADD-9777-E37A75727E78} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0B682CC1-FB40-4006-A5DD-99EDD3C9095D} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0e1230f8-ea50-42a9-983c-d22abc2eeb4c} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{78919608-B066-4B5A-B248-38E12A783E05} (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9F531FB1-7C1F-4e1a-8C0C-E8D6177130E2} (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{2A04A1D0-1969-400e-A53C-6A5433A4B658} (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21C1577D-B190-4F9D-8034-F26DE5F9F3C2} (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AWGames.Addon.1 (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AWGames.Addon (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{9F531FB1-7C1F-4E1A-8C0C-E8D6177130E2} (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9 F531FB1-7C1F-4E1A-8C0C-E8D6177130E2} (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9F53 1FB1-7C1F-4E1A-8C0C-E8D6177130E2} (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{A670E878-A272-443D-BD19-ED0A9BFD3FD8} (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5F280841-8023-4BE6-9A4F-184D3E79A785} (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ExplorerPlugin.Extension.1 (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ExplorerPlugin.Extension (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7 8919608-B066-4B5A-B248-38E12A783E05} (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7891 9608-B066-4B5A-B248-38E12A783E05} (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9dd4258a-7138-49c4-8d34-587879a5c7a4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{9DD4258A-7138-49C4-8D34-587879A5C7A4} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b8c0220d-763d-49a4-95f4-61dfdec66ee6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{B8C0220D-763D-49A4-95F4-61DFDEC66EE6} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c3bcc488-1ae7-11d4-ab82-0010a4ec2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{C3BCC488-1AE7-11D4-AB82-0010A4EC2338} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{000000DA-0786-4633-87C6-1AA7A4429EF1} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0 0A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6 FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0 7B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B1 8EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0 7B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B1 8EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6 FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B1 8EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4D B7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApprove d\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2B96 D5CC-C5B5-49A5-A69D-CC0A30F9028C} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC2 01FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E72 0452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF0 5104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Arca deweb (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\applications\accessdiver.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\HOL5_VXIEWER.FULL.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\TYPELIB (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\dpcproxy (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fwbd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\HolLol (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Invictus (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MPMFC1 (Rogue.SearchAndDestroy) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\mwc (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorertoolbar (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Golde n Palace Casino NEW (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Inet Delivery (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mslag ent (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\System\CurrentControlSet\Services\iTunesMusic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\System\CurrentControlSet\Services\rdriv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shared TaskScheduler\{0656A137-B161-CADD-9777-E37A75727E78} (Fake.Dropped.Malware) -> Value: {0656A137-B161-CADD-9777-E37A75727E78} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AW TrayIcon (Adware.ArcadeWeb) -> Value: AW TrayIcon -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TrayIcRun (Adware.ArcadeWeb) -> Value: TrayIcRun -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shared TaskScheduler\{0656A137-B161-CADD-9777-E37A75727E78} (Fake.Dropped.Malware) -> Value: {0656A137-B161-CADD-9777-E37A75727E78} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SpywareSwee perProMFC (Rogue.SpywareSweeper) -> Value: SpywareSweeperProMFC -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObj ectDelayLoad\SystemCheck2 (Trojan.Agent) -> Value: SystemCheck2 -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanc ed\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Folders Infected:
c:\programdata\19113520 (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\program files\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\setups (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Windows\spyware sweeper pro (Rogue.SpywareSweeper) -> Quarantined and deleted successfully.
c:\Users\anne pease\AppData\Roaming\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
c:\Users\anne pease\AppData\Roaming\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\Chrome (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
c:\Users\anne pease\AppData\Roaming\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\components (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
Files Infected:
c:\program files\arcadeweb\arcadeweb32.dll (Adware.ArcadeWeb) -> Delete on reboot.
c:\$Recycle.Bin\s-1-5-21-3861044452-3139563411-3663233647-1000\$RME174Z\adobe_flash_player.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\$Recycle.Bin\s-1-5-21-3861044452-3139563411-3663233647-1000\$RME174Z\wpbt0.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\program files\arcadeweb\awun.exe (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
c:\Users\anne pease\Desktop\click to find and fix errors.lnk (Rogue.Link) -> Quarantined and deleted successfully.
c:\Windows\spyware sweeper pro setup log.txt (Rogue.SpywareSweeper) -> Quarantined and deleted successfully.
c:\Windows\spyware sweeper pro uninstall log.txt (Rogue.SpywareSweeper) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\1.bin\F3EZSETP.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\1.bin\F3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Installr\1.bin\NPFUNWEB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Windows\spyware sweeper pro\uninstall.exe (Rogue.SpywareSweeper) -> Quarantined and deleted successfully.
c:\Users\anne pease\AppData\Roaming\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\chrome.manifest (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
c:\Users\anne pease\AppData\Roaming\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\install.rdf (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
c:\Users\anne pease\AppData\Roaming\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\Chrome\awtextlinks.jar (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
c:\Users\anne pease\AppData\Roaming\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\components\arcadewebfirefox.dll (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
c:\Users\anne pease\AppData\Roaming\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\components\arcadewebfirefox.xpt (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
c:\Users\anne pease\AppData\Roaming\Mozilla\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\components\awextension.js (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
Agranny's Avatar
Agranny Agranny is offline
Member with 35 posts.
THREAD STARTER
 
Join Date: Nov 2011
14-Nov-2011, 07:47 PM #26
Sorry - I think I copied the protection log rather than the scan log. I re-posted in #25 - Let me know if that isn't what you are looking for.

And yes, I deleted all 159 threats that anit-spyware found.
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 59,442 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
14-Nov-2011, 07:49 PM #27
Your computer was infested worse than I expected.

It looks like you selected and removed EVERYTHING.

Are you still receiving the pop-up messages?

-------------------------------------------------------

Start HiJackThis, then click "Do a system scan and save a log file".

Save the new log that appears, then submit it here.

-------------------------------------------------------
Agranny's Avatar
Agranny Agranny is offline
Member with 35 posts.
THREAD STARTER
 
Join Date: Nov 2011
14-Nov-2011, 08:36 PM #28
I'm still receiving the pop up messages. I need to do this for you - but I had to leave work early today for a Dr.'s appointment and they are asking for a report that I need to get to them and I have a physical therapy appointment in the morning. I know you are trying diligently to help me, but I may have to work late tomorrow and I have church on Wednesday night. But, I will try to get back to you in between - I really do appreciate everything you are trying to do for me!
Agranny's Avatar
Agranny Agranny is offline
Member with 35 posts.
THREAD STARTER
 
Join Date: Nov 2011
14-Nov-2011, 09:01 PM #29
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:58:36 PM, on 11/14/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19048)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Users\Anne Pease\AppData\Roaming\Smilebox\SmileboxTray.exe
C:\Program Files\Free Ride Games\GPlayer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Documents\Apease\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg.dll
O2 - BHO: FCSB000062035 Class - {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} - C:\Program Files\Shop to Win 2\ShoppingBHO.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin .dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [Trend Micro AntiVirus 2007] "C:\Program Files\Trend Micro\AntiVirus 2007\tavui.exe" -1 --delay 15
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [BrMfcWnd] "C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] "C:\Program Files\Brother\ControlCenter3\brctrcen.exe" /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
O4 - HKCU\..\Run: [SmileboxTray] "C:\Users\Anne Pease\AppData\Roaming\Smilebox\SmileboxTray.exe"
O4 - HKCU\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} (ScrabbleCubes Control) - http://www.worldwinner.com/games/v47...abblecubes.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/...x/qtplugin.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47...amesLoader.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.2.4.3.cab
O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} - http://coupons.smartsource.com/download/cscmv5X.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46.../bejeweled.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE} (ActiveReports Viewer2) - https://clients.parking.com/eds/arview2.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} (WorldWinner ActiveX Launcher Control) - http://www.worldwinner.com/games/lau...0/iewwload.cab
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-centives.com/cif/dow...in/actxcab.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47...familyfeud.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {EBC1356E-7D5E-44EC-831D-847882F06FE5} (Gateway Client for MetaFrame) - https://portal.parking.com/cpc%20acc...n/CSGProxy.cab
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
O23 - Service: Google Update Service (gupdate1cac3f3697c9f91) (gupdate1cac3f3697c9f91) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12861 bytes

I couldn't get the report they need for work as I am still getting the same error message I was before - IT still don't have my "work" issue fixed - but that is their problem. Here is the new HiJACK This scan log.
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 59,442 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
15-Nov-2011, 08:17 AM #30
Click Start - Run, then type in MSCONFIG and then click OK - "Startup" tab.

Write down only the names in the "Startup Item" column that have a checkmark.

If the column isn't wide enough to see the entire name of any of them, widen the column.

Submit those names here in a vertical list.

Make sure to spell them exactly as you see them there.

-------------------------------------------------------
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑

Content Relevant URLs by vBSEO 3.3.2