[rose1954]

I am having trouble after getting into a web site. I can log onto the web site, but I cannot go to my account information. I have been told by several people that there is a firewall blocking this from happening, but cannot locate the firewall. We disabled our internet security but this did not help.

[blues_harp28]

Hi and welcome.
Is this the only website that you have a problem with?
If you can access the website but not your account - there should be a link to send a message to the Administrators.
Your account may have been deactivated for some reason.

Don't forget to keep your internet security switched on - you do not want to add to your problem.

[rose1954]

Thank you for the reply and the welcome. It is a cable company web site and I usually pay my bill on the web site. It will let me log in, but not access my account information. The cable company tried to get into the account and it worked for them so they said there must be a firewall blocking somewhere. I don't know where to look for it though. Thanks again.

[blues_harp28]

Post a Hjt log - to see what is running on your system.

Hijack this 2.04

• Save HJTInstall.exe to your desktop.
• Doubleclick on the HJTInstall.exe icon on your desktop.
• By default it will install to C:\Program Files\Trend Micro\HijackThis .
• Click on Install.
• It will create a HijackThis icon on the desktop.
• Once installed, it will launch Hijackthis.
• Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
• Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
• Come back here to this thread and Paste the log in your next reply.
• DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
• DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

[rose1954]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:51:52 PM, on 6/28/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\National Consumer Panel\NCP Internet Transporter\HSTrans.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe
C:\PROGRA~1\COMMON~1\AOL\120898~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\COMMON~1\AOL\120898~1\EE\AOLServiceHost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_cu...spx?TbId=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0080423
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - {37153479-1976-43c3-a1ee-557513977b64} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O2 - BHO: (no name) - {c9d421f2-bf25-4224-95ed-2b491106634d} - (no file)
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: Xfinity.com Toolbar - {dcc70a83-e184-40a3-906b-779af5e941c4} - C:\Program Files\xfinitytb\xfinitydx.dll
O2 - BHO: Updater For Xfinity.com Toolbar 3.5 - {e6d0b79e-ecac-411b-8bf6-7a574981af30} - C:\Program Files\xfinitytb\auxi\xfinityAu.dll
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O3 - Toolbar: Xfinity.com Toolbar - {dcc70a83-e184-40a3-906b-779af5e941c4} - C:\Program Files\xfinitytb\xfinitydx.dll
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1208987670\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [MegaPanel] C:\Program Files\National Consumer Panel\NCP Internet Transporter\HSTrans.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ErrorTeck] C:\Program Files\ErrorTeck\ErrorTeck.exe /scan
O4 - HKLM\..\Run: [RegWork] C:\Program Files\RegWork\RegWork.exe
O4 - HKLM\..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL ""
O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\RunOnce: [AvgRemover] C:\Documents and Settings\Kenneth Strean\Local Settings\Temporary Internet Files\Content.IE5\RSAYF9FA\avg_remover_stf_x86_2012_2125[1].exe /run_number=2 /avgdir="C:\Program Files\AVG\AVG2012\" /avgdatadir="C:\Documents and Settings\All Users\Application Data\AVG2012\" /ndis_nextstep=1
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\aro.exe -rem
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ComcastAntispyClient] "C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide
O4 - HKCU\..\Run: [KGShareApp] C:\Program Files\Kodak\KODAK Share Button App\KGShare_App.exe
O4 - HKUS\S-1-5-19\..\Run: [fojonimoru] Rundll32.exe "C:\WINDOWS\system32\nifisofo.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [fojonimoru] Rundll32.exe "C:\WINDOWS\system32\nifisofo.dll",s (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1314697744-1693218791-833567686-1006\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Kenneth Strean')
O4 - HKUS\S-1-5-21-1314697744-1693218791-833567686-1006\..\Run: [PersonalSec] C:\Program Files\PersonalSec\psecurity.exe (User 'Kenneth Strean')
O4 - HKUS\S-1-5-21-1314697744-1693218791-833567686-1006\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /startmonitor (User 'Kenneth Strean')
O4 - HKUS\S-1-5-21-1314697744-1693218791-833567686-1006\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s (User 'Kenneth Strean')
O4 - HKUS\S-1-5-21-1314697744-1693218791-833567686-1006\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Kenneth Strean')
O4 - HKUS\S-1-5-21-1314697744-1693218791-833567686-1006\..\Run: [ComcastAntispyClient] "C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide (User 'Kenneth Strean')
O4 - Global Startup: WhiteSmoke Translator.lnk = C:\Documents and Settings\Elaine Strean\Local Settings\Temporary Internet Files\Content.IE5\GKAOUDCI\WhiteSmokeWriterGeo5002_en[1].exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...Q&n=2010032019
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://www.imgag.com/kiw/toolbar/dow...lerControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1229304603892
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - (no file)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Comcast AntiSpyware (AntiSpywareService) - Unknown owner - C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Pest Patrol Realtime Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
--
End of file - 13302 bytes

[rose1954]

I think I sent you what you asked for, hopefully it is correct. Thank you very much.

[blues_harp28]

Post the uninstall log from Hjt log
Start HiJackThis.
Click > Open The Misc Tools Section button.
Click > Open Uninstall Manager.
Click > Save List.
Save the uninstall list file on your desktop.
It will then open in Notepad.
Copy-and-Paste the uninstall list in the reply box.

----


Download.
MalwareBytes and SuperAntiSpyware to your desktop.
Download the Free versions of both programs.

MalwareBytes

SuperAntiSpyware

Once they are downloaded to your desktop.
Close all open browser windows.

MalwareBytes
Click on the Install icon - allow it to update during the install process.

Start Malwarebytes Anti-Malware.
Click on Scanner > then quick scan > then Scan.
Any infections or problems will be highlighted in red.
After the scan is finished - Click - Show Results.
Check that all entries are selected.
Click - Remove Selected.
You may be prompted to restart to finish the removal process.
If Yes - restart your Pc.

Start Malwarebytes again.
Click on the Logs Tab.
Highlight the scan log entry.
Click - Open.
The scan log will appear in Notepad.
Copy and paste it in your next post.

SuperAntiSpyware
Click on the install icon - allow it to update during the install process.
Select the Quick Scan option.
Click Scan your Computer.
Any infections or problems will be highlighted in red.
After the scan is finished.
Click Continue.
Check that everything is listed.
Click Remove Threats.
Click OK - then click Finish
You may be prompted to restart to finish the removal process.
If Yes - restart your Pc.

Start SuperAntiSpyware again.
Click View Scan Logs.
Highlight the scan log entry.
Click - View Selected Log.
The scan log will appear in Notepad.
Copy and paste in your next post.

[rose1954]

I have the uninstall on my desktop, but it will not let me copy the file. The copy icon is not highlighted?

[blues_harp28]

Click Edit > Select all - Edit > Copy then paste the log here.

[rose1954]

Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.3)
America Online (Choose which version to remove)
AOL Connectivity Services
ArcSoft Software Suite
AVG 2012
CA Pest Patrol Realtime Protection
Comcast Desktop Software (v1.2.0.9)
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Coupon Printer for Windows
Dell Resource CD
Documentation & Support Launcher
EarthLink Setup Files
Google Update Helper
Heavy Weather Pro 3610
High Definition Audio Driver Package - KB835221
HiJackThis
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB945060-v3)
InstallMgr
Internet Transporter - NCP Link
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0
Microsoft .NET Framework 3.0
Microsoft Default Manager
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Word Viewer 2003
Microsoft Search Enhancement Pack
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Modem Diagnostic Tool
MSN
MSN Toolbar
MSN Toolbar
MSXML 6.0 Parser (KB933579)
NCP Internet Transporter
NetWaiting
NVIDIA Drivers
RealPlayer Basic
Realtek High Definition Audio Driver
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Trend Micro Titanium Maximum Security
Trend Micro™ Titanium™ Maximum Security
Viewpoint Media Player
Weather Services
Windows Communication Foundation
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Presentation Foundation
Windows Workflow Foundation
Windows XP Service Pack 3
Xfinity.com Toolbar 3.5
Yahoo! Music Jukebox
Yahoo! Search Protection

[blues_harp28]

While I check the above list - Download MalwareBytes and SuperAntiSpyware - scan your Pc and post the logs.
Info in post # 7

[blues_harp28]

You have Trend Micro Titanium Maximum Security installed.
Uninstall Avg 2012 from Add-Remove programs
Restart your Pc after the uninstall.

Also run McAfee uninstall tool - to remove all remaining files.
http://majorgeeks.com/McAfee_Consume...ool_d5420.html

[rose1954]

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.29.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Elaine Strean :: DB85P4G1 [administrator]

6/29/2012 2:42:29 PM
mbam-log-2012-06-29 (14-42-29).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 224578
Time elapsed: 13 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 34
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\ErrorFix (Rogue.ErrorFix) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services (Adware.Hotbar) -> Quarantined and deleted successfully.
HKLM\System\CurrentControlSet\Servises (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Detected: 7
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler \{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} (Trojan.BHO) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler |{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} (Trojan.BHO) -> Data: STS -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search| (Adware.Hotbar) -> Data: http://edits.mywebsearch.com/toolbar...Q&n=2010032019 -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls|wxfw.dll (Adware.Hotbar) -> Data: C:\Program Files\The Weather Channel FW\Framework\wxfw.cpl -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad| SSODL (Trojan.Agent) -> Data: {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 19
C:\Documents and Settings\All Users\Application Data\63926834 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\85622124 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper\cs (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper\cs\db (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper\cs\dwld (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper\cs\report (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper\cs\res1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\PersonalSecUninstall (Rogue.PersonalSecurity) -> Quarantined and deleted successfully.
C:\Program Files\A360 (Rogue.A360AntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\PersonalSec (Rogue.PersonalSecurity) -> Quarantined and deleted successfully.

Files Detected: 14
C:\Documents and Settings\Kenneth Strean\Application Data\Microsoft\Internet Explorer\Quick Launch\PersonalSec.lnk (Rogue.PersonalSecurity) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\MSVolume.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\63926834\63926834.bat (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper\cs\Config.xml (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper\cs\db\Aliases.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper\cs\db\Sites.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper\cs\dwld\Phishinglist.xip (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper\cs\dwld\WhiteList.xip (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper\cs\report\aggr_storage.xml (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper\cs\report\send_storage.xml (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Elaine Strean\Application Data\Smart-Shopper\cs\res1\WhiteList.dbs (Adware.SmartShopper) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\PersonalSecUninstall\Uninstall.lnk (Rogue.PersonalSecurity) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search3 (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Quarantined and deleted successfully.

(end)

[rose1954]

I tried to uninstall AVG12, but it said that it is not installed - and uninstallation request ignored

[rose1954]

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/29/2012 at 03:32 PM

Application Version : 5.5.1006

Core Rules Database Version : 8823
Trace Rules Database Version: 6635

Scan type : Quick Scan
Total Scan Time : 00:12:12

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 455
Memory threats detected : 0
Registry items scanned : 28685
Registry threats detected : 52
File items scanned : 10667
File threats detected : 112

PUP.MyWebSearch/FunWebProducts
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\SOFTWARE\FunWebProducts
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version

Trojan.Agent/Gen-FakeAlert
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6551001F-A07B-40B1-8F55-B44BF35A42A6}

Adware.Zugo
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}

Browser Hijacker.Deskbar
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version

Rogue.Component/Trace
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#Aff
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#Lang
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#AdvancedScanType
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#Transaction
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#RegEmail
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#FirstRunUrl
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#AfterRegisterUrl
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#LabelUrl
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#TermsUrl
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#HelpURL
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#BillingURL
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#BillingUrlApproved
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#TransactionKey
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#BillingRegURL
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#BillingURL2
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#BillingUrlApproved2
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#LastRun
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#InstallDate
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#pName
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#sc
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#zs
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#Aupd
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#Gsec
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#Spy
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#Vir
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#Priv
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#tc
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#LastUpdate
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#SecurityVector
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#Scans
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612\Options#LastScan
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\Software\31789003401825761121836100713612

Trojan.Fake-Alert/Trace
HKU\S-1-5-21-1314697744-1693218791-833567686-1007\SOFTWARE\Microsoft\fias4013

Rogue.AntiVirusElite
C:\Program Files\ANTI-VIRUS ELITE\noadware4_112009.na
C:\Program Files\ANTI-VIRUS ELITE

Adware.Tracking Cookie
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@accountonline[1].txt [ /accountonline ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@ad.yieldmanager[1].txt [ /ad.yieldmanager ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad2.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adfarm1.adition.com [ C:\DOCUMENTS AND SETTINGS\ELAINE STREAN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@adbrite[1].txt [ /adbrite ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@ads.pointroll[2].txt [ /ads.pointroll ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@ads.undertone[2].txt [ /ads.undertone ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@adserver.adtechus[2].txt [ /adserver.adtechus ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@advertising[2].txt [ /advertising ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@adxpose[1].txt [ /adxpose ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@apmebf[1].txt [ /apmebf ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@at.atwola[1].txt [ /at.atwola ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@atdmt[1].txt [ /atdmt ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@avgtechnologies.112.2o7[1].txt [ /avgtechnologies.112.2o7 ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@burstnet[1].txt [ /burstnet ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@casalemedia[2].txt [ /casalemedia ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@collective-media[2].txt [ /collective-media ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@doubleclick[2].txt [ /doubleclick ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@fastclick[2].txt [ /fastclick ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@hospitalityebusiness.112.2o7[1].txt [ /hospitalityebusiness.112.2o7 ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@imrworldwide[2].txt [ /imrworldwide ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@insightexpressai[2].txt [ /insightexpressai ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@interclick[1].txt [ /interclick ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@invitemedia[2].txt [ /invitemedia ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@legolas-media[2].txt [ /legolas-media ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@liveperson[1].txt [ /liveperson ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@liveperson[2].txt [ /liveperson ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@lucidmedia[1].txt [ /lucidmedia ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@media6degrees[1].txt [ /media6degrees ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@mediaplex[1].txt [ /mediaplex ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@pointroll[2].txt [ /pointroll ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@questionmarket[1].txt [ /questionmarket ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@revsci[2].txt [ /revsci ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@server.iad.liveperson[2].txt [ /server.iad.liveperson ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@specificclick[1].txt [ /specificclick ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@statse.webtrendslive[1].txt [ /statse.webtrendslive ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@testdata.coremetrics[1].txt [ /testdata.coremetrics ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@trafficmp[2].txt [ /trafficmp ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@uac.advertising[1].txt [ /uac.advertising ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@www.googleadservices[1].txt [ /www.googleadservices ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@www.googleadservices[2].txt [ /www.googleadservices ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@www.googleadservices[3].txt [ /www.googleadservices ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@www.googleadservices[4].txt [ /www.googleadservices ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@www.googleadservices[5].txt [ /www.googleadservices ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@yieldmanager[1].txt [ /yieldmanager ]
C:\Documents and Settings\Elaine Strean\Cookies\elaine_strean@zedo[2].txt [ /zedo ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@mediaplex[2].txt [ Cookie:kenneth strean@mediaplex.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@www.googleadservices[9].txt [ Cookie:kenneth strean@www.googleadservices.com/pagead/conversion/1063435225/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@gsicace.112.2o7[1].txt [ Cookie:kenneth strean@gsicace.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@clickbooth[1].txt [ Cookie:kenneth strean@clickbooth.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@avgtechnologies.112.2o7[1].txt [ Cookie:kenneth strean@avgtechnologies.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@www.googleadservices[4].txt [ Cookie:kenneth strean@www.googleadservices.com/pagead/conversion/1063437205/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@click.mgmresorts[1].txt [ Cookie:kenneth strean@click.mgmresorts.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@dmtracker[1].txt [ Cookie:kenneth strean@dmtracker.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@atdmt[2].txt [ Cookie:kenneth strean@atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@www.googleadservices[3].txt [ Cookie:kenneth strean@www.googleadservices.com/pagead/conversion/1071207814/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@statse.webtrendslive[1].txt [ Cookie:kenneth strean@statse.webtrendslive.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@questionmarket[2].txt [ Cookie:kenneth strean@questionmarket.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@adserver.adtechus[2].txt [ Cookie:kenneth strean@adserver.adtechus.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@specificclick[1].txt [ Cookie:kenneth strean@specificclick.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@kanoodle[1].txt [ Cookie:kenneth strean@kanoodle.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@microsoftinternetexplorer.112.2o7[1].txt [ Cookie:kenneth strean@microsoftinternetexplorer.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@adbrite[2].txt [ Cookie:kenneth strean@adbrite.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@liveperson[1].txt [ Cookie:kenneth strean@liveperson.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@zedo[2].txt [ Cookie:kenneth strean@zedo.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@c1.atdmt[1].txt [ Cookie:kenneth strean@c1.atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@intelligentbeauty.122.2o7[1].txt [ Cookie:kenneth strean@intelligentbeauty.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@bs.serving-sys[1].txt [ Cookie:kenneth strean@bs.serving-sys.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@account.live[1].txt [ Cookie:kenneth strean@account.live.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@yieldmanager[1].txt [ Cookie:kenneth strean@yieldmanager.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@ad.yieldmanager[2].txt [ Cookie:kenneth strean@ad.yieldmanager.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@c.atdmt[2].txt [ Cookie:kenneth strean@c.atdmt.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@at.atwola[1].txt [ Cookie:kenneth strean@at.atwola.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@yahoogroups.112.2o7[1].txt [ Cookie:kenneth strean@yahoogroups.112.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@apmebf[1].txt [ Cookie:kenneth strean@apmebf.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@fastclick[2].txt [ Cookie:kenneth strean@fastclick.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@realmedia[2].txt [ Cookie:kenneth strean@realmedia.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@collective-media[1].txt [ Cookie:kenneth strean@collective-media.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@www.googleadservices[1].txt [ Cookie:kenneth strean@www.googleadservices.com/pagead/conversion/1063573742/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@kontera[1].txt [ Cookie:kenneth strean@kontera.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@sales.liveperson[2].txt [ Cookie:kenneth strean@sales.liveperson.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@doubleclick[1].txt [ Cookie:kenneth strean@doubleclick.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@www.googleadservices[2].txt [ Cookie:kenneth strean@www.googleadservices.com/pagead/conversion/1037994180/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@media6degrees[1].txt [ Cookie:kenneth strean@media6degrees.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@mediaservices-d.openxenterprise[1].txt [ Cookie:kenneth strean@mediaservices-d.openxenterprise.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@www.burstnet[1].txt [ Cookie:kenneth strean@www.burstnet.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@imrworldwide[2].txt [ Cookie:kenneth strean@imrworldwide.com/cgi-bin ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@revsci[2].txt [ Cookie:kenneth strean@revsci.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@www.googleadservices[8].txt [ Cookie:kenneth strean@www.googleadservices.com/pagead/conversion/1048921873/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@www.googleadservices[10].txt [ Cookie:kenneth strean@www.googleadservices.com/pagead/conversion/979457944/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@a1.interclick[1].txt [ Cookie:kenneth strean@a1.interclick.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@clickfuse[1].txt [ Cookie:kenneth strean@clickfuse.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@triseptsolutions.122.2o7[1].txt [ Cookie:kenneth strean@triseptsolutions.122.2o7.net/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@burstnet[2].txt [ Cookie:kenneth strean@burstnet.com/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@accounts.youtube[1].txt [ Cookie:kenneth strean@accounts.youtube.com/accounts ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@support.google[8].txt [ Cookie:kenneth strean@support.google.com/accounts/ ]
C:\DOCUMENTS AND SETTINGS\KENNETH STREAN\Cookies\kenneth_strean@interclick[1].txt [ Cookie:kenneth strean@interclick.com/ ]

Adware.CouponBar
C:\WINDOWS\SYSTEM32\CPNPRT2.CID