Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Windows Vista Windows Vista
Search Search
Search for:
Tech Support Guy > > >

MyStart Malware >:(


(!)

IncredibarAbused's Avatar
IncredibarAbused IncredibarAbused is offline
Computer Specs
Member with 9 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
14-Jul-2012, 04:43 PM #1
MyStart Malware >:(
I've seen a few others with this problem and you seemed to have helped. I've already tried removing it through the add/remove program thing and scoured the drive for anything that looks like it, but I couldn't. It's the MyStart thing, and I'm not so sure how it happened, but it needs to get gone. Your help would be greatly appreciated. If I don't respond after you, send me an email. It'll send a notification to my phone
Thanks
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 58,540 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
14-Jul-2012, 07:00 PM #2
MyStart Toolbar got installed in your computer because you allowed it to get installed during the install/update process of some program.

If you take the time to read each window carefully that appears during an install/update process, there will almost always be the option to uncheck and decline to install extras, such as toolbars and homepages and search pages and scanners.

If you blindly accept the install/update options, all this stuff will accumulate in your computer over time.

---------------------------------------------------------

Go here and click the green "Download latest version" link to download and save HiJackThis 2.0.4

After it's been downloaded and saved, close all open windows first, then double-click the saved file to install it.

Allow it to install in its default location - C:\Program Files.

After it's been installed, start it and allow its main window to load.

Uncheck "Do not show this window when I start HiJackThis".

Click "Do a system scan and save a log file".

When the scan is finished in 30 - 60 seconds, a log file will appear.

Save that log file.

Return here to your thread, then copy-and-paste the entire log file here.

---------------------------------------------------------
IncredibarAbused's Avatar
IncredibarAbused IncredibarAbused is offline
Computer Specs
Member with 9 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
14-Jul-2012, 07:50 PM #3
Every time I do a scan and save log file, an error pops up saying For some reason your system denied write access to Hosts file. Then it tells me to exit out if on vista, right click and choose Run as administrator, but there is no option for that. It will scan and everything, but it just won't save the log file. And the list is too long for a simple screenshot.
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 58,540 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
14-Jul-2012, 07:56 PM #4
Go to Control Panel - User Accounts.

Turn off or disable the User Account Control(UAC) feature, then apply the change.

Restart the computer.

HiJackThis should work okay now without displaying that warning message.

---------------------------------------------------------
IncredibarAbused's Avatar
IncredibarAbused IncredibarAbused is offline
Computer Specs
Member with 9 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
14-Jul-2012, 08:16 PM #5
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:13:29 PM, on 7/14/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\Steam\Steam.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb165?a=6PQCO5wljZ&i=26
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 9517 bytes
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 58,540 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
15-Jul-2012, 08:03 AM #6
Do the following in the order that they're listed.

DON'T use the computer while each scan is in progress.

----------------------------------------------------------

Download and save and then install the free version of

Malwarebytes Anti-Malware 1.62.0.1300

SUPERAntiSpyware 5.5.0.1012

Make sure to update their definition files during the install process.

Make sure to uncheck and decline to install any extras, such as toolbars and homepages, they may offer.

After they're installed and updated, restart the computer.

---------------------------------------------------------

Start Malwarebytes Anti-Malware.

Click "Scanner(tab) - Perform quick scan - Scan".

If infections or problems are found during the scan, the number of them will be highlighted in red.

When the scan is finished, click "Show Results".

Make sure that EVERYTHING is selected, then click "Remove Selected".

If you're prompted to restart to finish the removal process, click "Yes".

Start Malwarebytes Anti-Malware again.

Click "Logs"(tab).

Highlight the scan log entry, then click "Open".

When the scan log appears in Notepad, copy-and-paste it here.

----------------------------------------------------------

Start SUPERAntiSpyware.

Select the "Quick Scan" option, then click "Scan your Computer".

If infections or problems are found during the scan, a list will appear and the number of them will be highlighted in red.

When the scan is finished and the scan summary window appears, click "Continue".

Make sure that EVERYTHING in the list is selected, then click "Remove Threats".

Click "OK - Finish".

If you're prompted to restart to finish the removal process, do so.

Start SUPERAntiSpyware again.

Click "View Scan Logs".

Highlight the scan log entry, then click "View Selected Log".

When the scan log appears in Notepad, copy-and-paste it here.

----------------------------------------------------------

Start HiJackThis, then click "Do a system scan only".

Save the new log that appears, then copy-and-paste it here.

----------------------------------------------------------
IncredibarAbused's Avatar
IncredibarAbused IncredibarAbused is offline
Computer Specs
Member with 9 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
15-Jul-2012, 03:35 PM #7
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.15.09

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Lori :: LORI-PC [administrator]

Protection: Enabled

7/15/2012 2:02:06 PM
mbam-log-2012-07-15 (14-02-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 195615
Time elapsed: 6 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 33
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.FBApi.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0002258.Sandbox.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCU\Software\Cr_Installer\2258 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclm lieaoogk (PUP.GamesPlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055225558} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This|Publisher (Adware.GamePlayLab) -> Data: 215 Apps -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 5
C:\Program Files\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\Lori\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\Lori\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\Lori\AppData\Local\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\Lori\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Files Detected: 10
C:\Program Files\I Want This\I Want This.dll (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
C:\Program Files\I Want This\I Want This.ini (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files\I Want This\I Want This.exe (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files\I Want This\I Want This.ico (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files\I Want This\I Want ThisGui.exe (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files\I Want This\I Want ThisInstaller.log (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files\I Want This\Uninstall.exe (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\Lori\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Users\Lori\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.
C:\Program Files\I Want This\I Want This.dll (PUP.GamePlayLab) -> Quarantined and deleted successfully.

(end)
IncredibarAbused's Avatar
IncredibarAbused IncredibarAbused is offline
Computer Specs
Member with 9 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
15-Jul-2012, 04:08 PM #8
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/15/2012 at 03:01 PM

Application Version : 5.5.1012

Core Rules Database Version : 8902
Trace Rules Database Version: 6714

Scan type : Quick Scan
Total Scan Time : 00:06:43

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator

Memory items scanned : 680
Memory threats detected : 0
Registry items scanned : 27130
Registry threats detected : 0
File items scanned : 7726
File threats detected : 357

Adware.Tracking Cookie
C:\Users\Lori\AppData\Roaming\Microsoft\Windows\Cookies\6N1X900C.txt [ /imrworldwide.com ]
C:\Users\Lori\AppData\Roaming\Microsoft\Windows\Cookies\5UVQOMYC.txt [ /doubleclick.net ]
C:\Users\Lori\AppData\Roaming\Microsoft\Windows\Cookies\NBI8EQIE.txt [ /revsci.net ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\2B23HPH4.txt [ Cookie:lori@clkads.com/adServe/banners ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\L9DO1Q2O.txt [ Cookie:lori@clkads.com/adServe ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\lori@pointroll[3].txt [ Cookie:lori@pointroll.com/ ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\lori@sales.live person[1].txt [ Cookie:lori@sales.liveperson.net/ ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\SAPL7XLW.txt [ Cookie:lori@h.atdmt.com/ ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\lori@ads.pointr oll[2].txt [ Cookie:lori@ads.pointroll.com/ ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\lori@questionma rket[2].txt [ Cookie:lori@questionmarket.com/ ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\12A7GHCR.txt [ Cookie:lori@ad.yieldmanager.com/ ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\N3I2SF0T.txt [ Cookie:lori@fastclick.net/ ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\lori@msnportal. 112.2o7[2].txt [ Cookie:lori@msnportal.112.2o7.net/ ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\lori@liveperson[3].txt [ Cookie:lori@liveperson.net/hc/37457093 ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\LRT7U7KO.txt [ Cookie:lori@c.atdmt.com/ ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\5JMEVF13.txt [ Cookie:lori@advertising.com/ ]
C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\OZB7AUA5.txt [ Cookie:lori@doubleclick.net/ ]
C:\USERS\LORI\Cookies\2B23HPH4.txt [ Cookie:lori@clkads.com/adServe/banners ]
C:\USERS\LORI\Cookies\5UVQOMYC.txt [ Cookie:lori@doubleclick.net/ ]
C:\USERS\LORI\Cookies\NBI8EQIE.txt [ Cookie:lori@revsci.net/ ]
C:\USERS\LORI\Cookies\L9DO1Q2O.txt [ Cookie:lori@clkads.com/adServe ]
.bravenet.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.invitemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.bizrate.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.microsoftsto.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.leeenterprises.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.charter.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.marketlive.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.timeinc.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.chicagosuntimes.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.msnbc.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.cbs.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.msnportal.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.scrippsfoodnet.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.steveco.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.imrworldwide.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.imrworldwide.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.atdmt.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.atdmt.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.atdmt.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.legolas-media.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.doubleclick.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.dmtracker.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
magnet.traffic.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
www5.addfreestats.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.bluffcountryartistsgallery.org [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.bluffcountryartistsgallery.org [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.trackalyzer.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.liveperson.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.liveperson.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.serving-sys.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.wpni.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.apmebf.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.apmebf.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.rtst.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.hitbox.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.ehg.hitbox.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.liveperson.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.ehg-verizon.hitbox.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.ehg-verizon.hitbox.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.jibjab.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
in.getclicky.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.histats.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.histats.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
counters.gigya.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.s.clickability.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
accounts.youtube.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.accounts.google.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.accounts.google.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.liveperson.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.cbsdigitalmedia.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.invitemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.click-trker.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.click-trker.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
click.eyk.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.a.websponsors.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.avgtechnologies.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
fymc.directtrack.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.directtrack.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.c.gigcount.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
dc.tremormedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.linksynergy.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.linksynergy.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.linksynergy.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.ewscripps.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.microsoftinternetexplorer.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
link.mercent.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.amazonwebstore.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.amazonmerchants.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.legolas-media.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.legolas-media.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.legolas-media.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.legolas-media.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.solvemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.solvemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
a.visualrevenue.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
dyn.adknowledge.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.dyn.adknowledge.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.adknowledge.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
stats.familybuilder.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.interchangecorporation.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
accounts.youtube.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
accounts.youtube.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
accounts.youtube.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
accounts.google.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
accounts.google.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.readersdigest.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
insight.torbit.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.microsoftwlcashback.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.atdmt.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.c.atdmt.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.c.atdmt.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.sixapart.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.s.clickability.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.statcounter.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
tags.toolbarsmedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
tags.toolbarsmedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
tags.toolbarsmedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
tags.toolbarsmedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.counter.inkfrog.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.invitemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COO KIES.SQLITE ]
.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getclicky.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.static.getclicky.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revenue.wi.gov [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revenue.wi.gov [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revenue.wi.gov [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.avgtechnologies.112.2o7.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdn.7.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdn.0.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdn.6.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdn.8.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdn.4.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdn.3.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdn.2.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdn.1.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdn.5.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdn.9.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.sexad.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.geobanner.sexfinder.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.geobanner.sexfinder.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.geobanner.sexfinder.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.geobanner.sexfinder.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.geobanner.sexfinder.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.geobanner.sexfinder.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.crakmedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.h.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
click2trax.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.freewebs.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.freewebs.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cdmedia.rotator.hadj7.adjuggler.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.clickbooth.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.t.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
mediaservices-d.openxenterprise.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
IncredibarAbused's Avatar
IncredibarAbused IncredibarAbused is offline
Computer Specs
Member with 9 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
15-Jul-2012, 04:11 PM #9
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:11:32 PM, on 7/15/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb165?a=6PQCO5wljZ&i=26
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 10497 bytes
IncredibarAbused's Avatar
IncredibarAbused IncredibarAbused is offline
Computer Specs
Member with 9 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
15-Jul-2012, 04:14 PM #10
My eye caught a few sketchy things in there. Not my computer, by the way. Sort of a community laptop... yeah, that's it.
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 58,540 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
15-Jul-2012, 05:57 PM #11
Considering the massive number of issues that the Malwarebytes Anti-Malware and SUPERAntiSpyware scans found, I strongly advise that they be put to use at least once a week.

Make sure to update their definition files BEFORE running a quick scan, and make sure to select and remove EVERYTHING they find.

-------------------------------------------------------------------

That bloated startup needs to be trimmed down, but that can wait for now.

I'll get back to you as soon as I review the most current HiJackThis scan log.

-------------------------------------------------------------------
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 58,540 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
15-Jul-2012, 06:08 PM #12
Start HiJackThis, then click "Do a system scan only".

When the scan is finished in about 30 - 60 seconds, put a checkmark in these log entries:

R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll

O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll

O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll


After you confirm that you selected the correct log entries, click "Fix Checked - Yes".

Close HiJackThis.

------------------------------------------------------------------

Click Start - Run, then type in

%temp% (% is on the number 5 key)

and then click OK.

Click Start - Run, then type in

c:\windows\temp

and then click OK.

Once those 2 temp folders appear and you can view their contents, select and delete EVERYTHING that's inside them.

If a few files resist being deleted, that's normal behavior. Leave them alone and delete EVERYTHING else.

If a massive number of files are being deleted, the computer may appear to "hang". Be patient and wait for the deletion process to finish.

After it's done, restart the computer.

--------------------------------------------------------------------
IncredibarAbused's Avatar
IncredibarAbused IncredibarAbused is offline
Computer Specs
Member with 9 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
15-Jul-2012, 06:37 PM #13
there is no Run command, but a start search bar at the bottom. I can get into the temp folder, but it has more than 2 folders and plenty of open files. If I type in %temp%, 2 folders come up, one as Temp, other as temp. Should I handle those two as you suggested?
flavallee's Avatar
flavallee   (Frank) flavallee is offline flavallee is a Trusted Advisor with special permissions. flavallee has a Profile Picture
Computer Specs
Trusted Advisor with 58,540 posts.
 
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
16-Jul-2012, 06:45 AM #14
Right-click the Start button, then click Properties.

You can then customize the start menu to add the "Run" command to it.

These are the temp folders that you want to delete the contents of:

C:\Windows\Temp

C:\Users\(Username)\AppData\Local\Temp


-------------------------------------------------------------------

Start HiJackThis.

Click on the "Open The Misc Tools Section" button.

Click on the "Open Uninstall Manager" button.

Click on the "Save List" button.

Save the "uninstall_list.txt" file somewhere.

It'll then open in Notepad.

Return here to your thread, then copy-and-paste the entire file here.

--------------------------------------------------------------------
IncredibarAbused's Avatar
IncredibarAbused IncredibarAbused is offline
Computer Specs
Member with 9 posts.
THREAD STARTER
 
Join Date: Jul 2012
Experience: Intermediate
16-Jul-2012, 02:51 PM #15
Adobe AIR
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2012
AVG 2012
AVG 2012
Bonjour
butterflygardens_3138431 Screen Saver
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon MP Navigator EX 4.0
Canon MP280 series MP Drivers
Canon MP280 series User Registration
Canon My Printer
Canon Solution Menu EX
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
coralreef_3133975 Screen Saver
Dell Resource CD
Dell Wireless WLAN Card Utility
Furcadia
GIMP 2.6.11
Google Chrome
Google Earth
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Integrated Webcam Driver (1.02.01.0320)
Intel(R) Graphics Media Accelerator Driver
iTunes
Java(TM) 6 Update 32
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft XNA Framework Redistributable 4.0
MotoHelper 2.0.51 Driver 5.1.0
MotoHelper MergeModules
Motorola Mobile Drivers Installation 5.1.0
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
QuickTime
Realtek USB 2.0 Card Reader
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Steam
SUPERAntiSpyware
Terraria
tropicallights_3115925 Screen Saver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
WinRAR 4.01 (32-bit)
YouTube Downloader Toolbar v6.0
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑