1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Hijack This Log

Discussion in 'Virus & Other Malware Removal' started by N47, Nov 5, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. N47

    N47 Thread Starter

    Joined:
    Oct 31, 2011
    Messages:
    12
    Please Help! Can you tell me if there are any real problems?

    I have Mailwarebytes' Anti-Mailware. Everytime I run it I get these same results.:
    Objects infected 1: Broken,OpenC...HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: The log file says its been quarantined and deleted successfully. I will remove it, restart and it will be right back there on the next full scan: Objects infected 1. Broken, OpenC...

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz, Intel64 Family 6 Model 23 Stepping 10
    Processor Count: 2
    RAM: 4056 Mb
    Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1804 Mb
    Hard Drives: C: Total - 466524 MB, Free - 416898 MB;
    Motherboard: Dell Inc., 0F642T
    Antivirus: avast! Antivirus, Updated and Enabled

    I also keep getting this web page message:

    Internet Explorer has closed this webpage to help protect your computer

    A malfunctioning or malicious add-on has caused Internet Explorer to close this webpage.

    What you can do:

    Go to your home page

    Try to return to antivirus.com

    More information



    Hijack this log:


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:17:54 PM, on 11/5/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
    C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\SysWOW64\DllHost.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll
    O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [RegWork] C:\Program Files (x86)\RegWork\RegWork.exe
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
    O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
    O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: GoToAssist - Invalid registry found
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 14504 bytes


    Thanks for any help!

    [​IMG]Internet Explorer has closed this webpage to help protect your computer


    A malfunctioning or malicious add-on has caused Internet Explorer to close this webpage.

    What you can do:

    [​IMG]Go to your home page

    [​IMG]Try to return to antivirus.com

    [​IMG]More information



    [​IMG]Internet Explorer has closed this webpage to help protect your computer


    A malfunctioning or malicious add-on has caused Internet Explorer to close this webpage.

    What you can do:

    [​IMG]Go to your home page

    [​IMG]Try to return to antivirus.com

    [​IMG]More information


    [​IMG]Internet Explorer has closed this webpage to help protect your computer


    A malfunctioning or malicious add-on has caused Internet Explorer to close this webpage.

    What you can do:

    [​IMG]Go to your home page

    [​IMG]Try to return to antivirus.com

    [​IMG]More information


    [​IMG]Internet Explorer has closed this webpage to help protect your computer


    A malfunctioning or malicious add-on has caused Internet Explorer to close this webpage.

    What you can do:

    [​IMG]Go to your home page

    [​IMG]Try to return to antivirus.com

    [​IMG]More information
     
  2. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,907
    First Name:
    Frank
    Start HiJackThis, but don't run a scan.

    Click on the "Open The Misc Tools Section" button.

    Click on the "Open Uninstall Manager" button.

    Click on the "Save List" button.

    Save the "uninstall_list.txt" file somewhere.

    It'll then open in Notepad.

    Return here to your thread, then copy-and-paste the entire file here.

    ------------------------------------------------------

    I strongly advise you to stop using RegWork and any other registry cleaner/booster/optimizer/tuneup type utilities before you wind up trashing your computer.

    They do nothing to improve speed or performance, but what they can do is damage Windows and programs.

    The end result is unexpected warning/error messages and problems with Windows and certain programs.

    ------------------------------------------------------
     
  3. N47

    N47 Thread Starter

    Joined:
    Oct 31, 2011
    Messages:
    12
    Thanks! Here is the file:

    Adobe AIR
    Adobe AIR
    Adobe Flash Player 10 Plugin
    Adobe Flash Player 11 ActiveX
    Adobe Reader X (10.1.1)
    Advanced Audio FX Engine
    Apple Application Support
    Apple Software Update
    avast! Free Antivirus
    Banctec Service Agreement
    Cloaker Shadow
    Color Correction Wizard 1.1
    ConTEXT v0.98.6
    Dell Webcam Central
    DirectXInstallService
    Easy Click Commissions version 1.0.2
    EMC 10 Content
    eWriter pro
    eWriter pro
    Fast Content Producer
    FileZilla Client 3.3.5.1
    Free Ad Traffic 1.0 1.0.0.0
    FreeMind
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Toolbar for Internet Explorer
    Google Update Helper
    GoToAssist 8.0.0.514
    HiJackThis
    HP Product Detection
    HP Update
    HPDiagnosticAlert
    Java(TM) 6 Update 22
    Java(TM) 6 Update 29
    Jpeg Enhancer 1.8
    Keyword Tool v2.01
    Light Artist 1.5
    Live! Cam Avatar Creator
    Malwarebytes' Anti-Malware version 1.51.2.1300
    Microsoft UI Engine
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Mozilla Firefox 7.0.1 (x86 en-US)
    MPM
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    OpenOffice.org 3.3
    PDFCreator
    pdfforge Toolbar v4.7
    Picasa 3
    PowerDVD DX
    PrimoPDF -- brought to you by Nitro PDF Software
    QuickTime
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    RealUpgrade 1.1
    Red Eye Remover 2.0
    Red Eye Remover Pro 1.2
    Roxio Activation Module
    Roxio BackOnTrack
    Roxio Central Audio
    Roxio Central Copy
    Roxio Central Core
    Roxio Central Data
    Roxio Central Tools
    Roxio Easy CD and DVD Burning
    Roxio Easy CD and DVD Burning
    Roxio Express Labeler 3
    Roxio Update Manager
    Search Syndicate version 1.0
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Skype Toolbars
    Skype¬ô 5.3
    Sonic CinePlayer Decoder Pack
    Spybot - Search & Destroy
    SpywareBlaster 4.4
    Traffic Automation
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    VCW VicMan's Photo Editor 8.1
    Web Site Fire
     
  4. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,907
    First Name:
    Frank
    Start HiJackThis, then click "Do a system scan only".

    When the scan is finished in about 30 seconds or less, put a checkmark in these log entries:

    R3 - URLSearchHook: (no name) - - (no file)

    R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

    O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)

    O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll

    O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll

    O4 - HKLM\..\Run: [RegWork] C:\Program Files (x86)\RegWork\RegWork.exe

    O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm

    O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm

    O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)

    O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


    After you confirm that you selected the correct log entries, click "Fix Checked - Yes".

    Close HiJackThis, then restart the computer.

    ----------------------------------------------------------

    Go to Control Panel - Programs And Features.

    Uninstall the following:

    Java(TM) 6 Update 22

    pdfforge Toolbar 4.7

    Spybot - Search & Destroy


    After you're done, restart the computer.

    ----------------------------------------------------------

    Download and install the free version of:

    SUPERAntiSpyware 5.0.0.1134

    After you're done, restart the computer.

    ----------------------------------------------------------

    Start SUPERAntiSpyware.

    Click "Check for Updates".

    When the definition files have updated, click "Close".

    Select the "Quick Scan" option, then click "Scan your Computer".

    If infections or problems are found during the scan, a list will appear and the number of them will be highlighted in red.

    When the scan is finished and the scan summary window appears, click "Continue".

    Make sure that EVERYTHING in the list is selected, then click "Remove Threats".

    Click "OK - Finish".

    If you're prompted to restart to finish the removal process, do so.

    Start SUPERAntiSpyware again.

    Click "View Scan Logs".

    Highlight the scan log entry, then click "View Selected Log".

    When the scan log appears in Notepad, copy-and-paste it here.

    ----------------------------------------------------------
     
  5. N47

    N47 Thread Starter

    Joined:
    Oct 31, 2011
    Messages:
    12
    When I fix checked in the HiJack This.
    I get an error message:
    An unexpected error has occured at procedure:
    modBackup_MakeBackup(sItem=O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class)
    Error#75 - Path/File access error


    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com
    Generated 11/07/2011 at 05:23 PM
    Application Version : 5.0.1134
    Core Rules Database Version : 7909
    Trace Rules Database Version: 5721
    Scan type : Quick Scan
    Total Scan Time : 00:05:30
    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User
    Memory items scanned : 597
    Memory threats detected : 0
    Registry items scanned : 59871
    Registry threats detected : 0
    File items scanned : 13022
    File threats detected : 248
    Adware.Tracking Cookie
    .clickbank.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .kontera.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .kontera.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .kontera.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    wstat.wibiya.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    in.getclicky.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .kontera.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .qksrv.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .qksrv.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    www.qksrv.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .cj.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\Users\Neils\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /atdmt ]
    .cj.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .qksrv.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\Users\Neils\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][3].txt [ /atdmt ]
    C:\Users\Neils\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /doubleclick ]
    .specificclick.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\Users\Neils\AppData\Roaming\Microsoft\Windows\Cookies\[email protected]****ersucker[1].txt [ /****ersucker ]
    .specificclick.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .specificclick.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .specificclick.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\Users\Neils\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /gimmemyporn ]
    .realmedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .specificmedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\Users\Neils\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /intersexxx ]
    .columnfivemedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .columnfivemedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\Users\Neils\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /justlittleteens ]
    .serving-sys.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    segment-pixel.invitemedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    adservr21.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\Users\Neils\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /newbestpornxxx ]
    C:\Users\Neils\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /trackeraudio ]
    C:\Users\Neils\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /ts.protraffic ]
    C:\Users\Neils\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /tsprotraffic ]
    C:\Users\Neils\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /www.pornshare4u ]
    .imrworldwide.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .regwork.122.2o7.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .progrexion.122.2o7.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .hypertracker.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ Cookie:[email protected]/accounts ]
    .revsci.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ Cookie:[email protected]/accounts/ ]
    .at.atwola.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    statsadv.dadapro.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    statsadv.dadapro.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .giftscom.122.2o7.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .ar.atwola.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected] [ Cookie:[email protected]/adsense/support/as/ ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\J6I6JCFI.txt [ Cookie:[email protected]/site/trackerfaqs ]
    .collective-media.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\GD9LYDUE.txt [ Cookie:[email protected]/ ]
    .utahcountyfamilyphotography.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .utahcountyfamilyphotography.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected] [ Cookie:[email protected]/adsense/ ]
    .easyclickcommissions.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .easyclickcommissions.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .easyclickcommissionsmembers.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\N4OVFC2Z.txt [ Cookie:[email protected]/accounts ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\DP24BCXH.txt [ Cookie:[email protected]/ ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected] [ Cookie:[email protected]/ads/affiliatenetwork/ ]
    .invitemedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected] [ Cookie:[email protected]/adsense/ ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][5].txt [ Cookie:[email protected]/ ]
    .mediafire.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\SL4K05V9.txt [ Cookie:[email protected]/accounts/ ]
    .ru4.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .lucidmedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\N26IV0OB.txt [ Cookie:[email protected]/ ]
    affiliatetracking.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .keywordcountry.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .keywordcountry.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt [ Cookie:[email protected]/ ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt [ Cookie:[email protected]/ ]
    .mediafire.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .mediafire.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .mediafire.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\NEILS\AppData\Roaming\Microsoft\Windows\Cookies\Low\SOD91FNM.txt [ Cookie:[email protected]/ ]
    .mediafire.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .mediafire.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\NEILS\Cookies\[email protected][2].txt [ Cookie:[email protected]/accounts ]
    .mediabrandsww.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    C:\USERS\NEILS\Cookies\[email protected][2].txt [ Cookie:[email protected]/accounts/ ]
    .ads.pointroll.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .pointroll.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .bs.serving-sys.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    stats.adotube.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .www.burstnet.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .content.yieldmanager.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    www.burstnet.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    ads.bridgetrack.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    ads.bridgetrack.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    ads.bridgetrack.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .martiniadnetwork.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .martiniadnetwork.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .martiniadnetwork.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .martiniadnetwork.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .247realmedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .fastclick.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .fastclick.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .fastclick.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .fastclick.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .fastclick.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .fastclick.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .logoworks.112.2o7.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .findownersearch.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .findownersearch.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .findownersearch.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .findbrandname.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .findbrandname.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .findbrandname.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .media.adfrontiers.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .media.adfrontiers.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .pointroll.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    statse.webtrendslive.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .web-stat.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .web-stat.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .web-stat.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    mycounter.tinycounter.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    bridge2.admarketplace.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .admarketplace.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    counter.hitslink.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .linksynergy.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    links.worldbannerexchange.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    links.worldbannerexchange.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .liveperson.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .liveperson.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    server.iad.liveperson.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .educationsuccess.122.2o7.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .overture.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .yieldmanager.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .tribalfusion.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .overture.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .statcounter.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .clickbank.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    tracking.hostgator.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .mm.chitika.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .r1-ads.ace.advertising.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .mediavideoconverter.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .mediavideoconverter.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
    .mediavideoconverter.com [ C:\USERS\NEILS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\43JLXVUR.DEFAULT\COOKIES.SQLITE ]
     
  6. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,907
    First Name:
    Frank
    If the rest of the log entries got fixed and only the O16 entry didn't get fixed, that's fine.

    Did you uninstall the 3 programs that I listed?

    When the SUPERAntiSpyware scan was finished, did you select and remove ALL of the 248 file threats it found?

    --------------------------------------------------------
     
  7. N47

    N47 Thread Starter

    Joined:
    Oct 31, 2011
    Messages:
    12
    Yes, I uninstalled the 3 programs and removed all 248 threats.
     
  8. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,907
    First Name:
    Frank
    OK, good. (y)

    Start HiJackThis, then click "Do a system scan and save a log file".

    Save the new log that appears, then submit it here.

    -------------------------------------------------------

    A full/complete scan with MBAM and SAS once a month is sufficient.

    A quick scan once a week is sufficient.

    Make sure to update their definition files before running a scan.

    -------------------------------------------------------
     
  9. N47

    N47 Thread Starter

    Joined:
    Oct 31, 2011
    Messages:
    12
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:04:09 AM, on 11/9/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\SysWOW64\DllHost.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [RegWork] C:\Program Files (x86)\RegWork\RegWork.exe
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: GoToAssist - Invalid registry found
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 12440 bytes



    Thanks So Much!
     
  10. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,907
    First Name:
    Frank
    How is the computer running?

    The startup load can use some trimming down, but I'm not really concerned about it affecting speed and performance, considering your computer has an Intel Core 2 Duo P7450 2.13GHz processor and 4 GB of RAM.

    --------------------------------------------------------

    You did uninstall RegWork?

    -------------------------------------------------------
     
  11. N47

    N47 Thread Starter

    Joined:
    Oct 31, 2011
    Messages:
    12
    I doen't know where to find it.I doen't see it in install/uninstall programs. Is there another name for it?
     
  12. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,907
    First Name:
    Frank
    Start HiJackThis, then click "Do a system scan only".

    The scan is quick and should be done in 30 seconds or less.

    After it's done, put a checkmark in these log entries:

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

    O4 - HKLM\..\Run: [RegWork] C:\Program Files (x86)\RegWork\RegWork.exe

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab


    After you confirm that you selected the correct log entries, click "Fix Checked - Yes".

    Close HiJackThis.

    --------------------------------------------------------

    Click Start - Run, then type in MSCONFIG and then click OK - "Startup" tab.

    Remove the checkmark in these entries in the "Startup Item" column:

    HPWuSchd2

    AdobeARM

    realsched

    QTTask

    SUPERAntiSpyware

    quickstart


    After you're done, click Apply - OK/Close - Exit Without Restart.

    Click Start - Run, then type in SERVICES.MSC and then click OK.

    Double-click on each of these entries, one at a time, to open their properties window:

    Adobe Acrobat Update Service (AdobeARMservice)

    Google Update Service (gupdate) (gupdate)

    Google Update Service (gupdatem) (gupdatem)

    Google Software Updater (gusvc)

    RoxMediaDB10

    stllssvr


    If "Startup Type" is set on Automatic, change it to Manual, then click Apply - OK.

    After you're done, close the window and then restart the computer.

    -------------------------------------------------------

    Start HiJackThis, then click "Do a system scan and save a log file".

    Save the new log that appears, then submit it here.

    -------------------------------------------------------
     
  13. N47

    N47 Thread Starter

    Joined:
    Oct 31, 2011
    Messages:
    12
    When I fix checked in the HiJack I still get
    an error message:
    An unexpected error has occured at procedure:
    modBackup_MakeBackup(sItem=O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class)
    Error#75 - Path/File access error

    Also my Internet Explorer Browser is freezing up, I had to switch to Firefox.


    When I go in MSCONFIG
    The only program that shows up under the exact title is the Super Anti Spyware.
    These others don't show exactly,


    HPWuSchd2

    AdobeARM

    realsched

    QTTask

    SUPERAntiSpyware

    quickstart


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 1:17:16 PM, on 11/14/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
    C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe
    C:\Windows\SysWOW64\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: GoToAssist - Invalid registry found
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 12220 bytes
     
  14. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,907
    First Name:
    Frank
    Go back into the "Startup" tab.

    Write down the names in the "Startup Item" column that are checked.

    If the column isn't wide enough to see the entire name of any of them, widen the column.

    Submit those names here in a vertical list.

    Make sure to spell them EXACTLY as you see them there.

    I'll then advise you which ones to uncheck.

    -------------------------------------------------------
     
  15. N47

    N47 Thread Starter

    Joined:
    Oct 31, 2011
    Messages:
    12
    Synaptics Pro
    IDT PC audio
    Intel(R) Com...
    Intel(R) Com...
    Intel(R) Com...
    Java(TM) Pl...
    QuickSet
    Raid Event...
    Skype
    Dell Webcam...
    Cyberlink Po...
    hpwuSchd A...
    avast! Antivi...
    Adobe Read...
    RealPlayer (...
    QuickTime
    OpenOffice...
    Bluetoothe So...
    HP Digital Im...

    My printer won't print documents all of the sudden. Do you think I may have done something to cause this? Thanks so much for your time!
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1025635

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice