1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

MyStart Malware >:(

Discussion in 'Windows Vista' started by IncredibarAbused, Jul 14, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. IncredibarAbused

    IncredibarAbused Thread Starter

    Joined:
    Jul 14, 2012
    Messages:
    9
    I've seen a few others with this problem and you seemed to have helped. I've already tried removing it through the add/remove program thing and scoured the drive for anything that looks like it, but I couldn't. It's the MyStart thing, and I'm not so sure how it happened, but it needs to get gone. Your help would be greatly appreciated. If I don't respond after you, send me an email. It'll send a notification to my phone
    Thanks
     
  2. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,686
    MyStart Toolbar got installed in your computer because you allowed it to get installed during the install/update process of some program.

    If you take the time to read each window carefully that appears during an install/update process, there will almost always be the option to uncheck and decline to install extras, such as toolbars and homepages and search pages and scanners.

    If you blindly accept the install/update options, all this stuff will accumulate in your computer over time.

    ---------------------------------------------------------

    Go here and click the green "Download latest version" link to download and save HiJackThis 2.0.4

    After it's been downloaded and saved, close all open windows first, then double-click the saved file to install it.

    Allow it to install in its default location - C:\Program Files.

    After it's been installed, start it and allow its main window to load.

    Uncheck "Do not show this window when I start HiJackThis".

    Click "Do a system scan and save a log file".

    When the scan is finished in 30 - 60 seconds, a log file will appear.

    Save that log file.

    Return here to your thread, then copy-and-paste the entire log file here.

    ---------------------------------------------------------
     
  3. IncredibarAbused

    IncredibarAbused Thread Starter

    Joined:
    Jul 14, 2012
    Messages:
    9
    Every time I do a scan and save log file, an error pops up saying For some reason your system denied write access to Hosts file. Then it tells me to exit out if on vista, right click and choose Run as administrator, but there is no option for that. It will scan and everything, but it just won't save the log file. And the list is too long for a simple screenshot.
     
  4. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,686
    Go to Control Panel - User Accounts.

    Turn off or disable the User Account Control(UAC) feature, then apply the change.

    Restart the computer.

    HiJackThis should work okay now without displaying that warning message.

    ---------------------------------------------------------
     
  5. IncredibarAbused

    IncredibarAbused Thread Starter

    Joined:
    Jul 14, 2012
    Messages:
    9
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 7:13:29 PM, on 7/14/2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16447)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
    C:\Program Files\Steam\Steam.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb165?a=6PQCO5wljZ&i=26
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll
    R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} - C:\Program Files\I Want This\I Want This.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
    O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
    O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

    --
    End of file - 9517 bytes
     
  6. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,686
    Do the following in the order that they're listed.

    DON'T use the computer while each scan is in progress.

    ----------------------------------------------------------

    Download and save and then install the free version of

    Malwarebytes Anti-Malware 1.62.0.1300

    SUPERAntiSpyware 5.5.0.1012

    Make sure to update their definition files during the install process.

    Make sure to uncheck and decline to install any extras, such as toolbars and homepages, they may offer.

    After they're installed and updated, restart the computer.

    ---------------------------------------------------------

    Start Malwarebytes Anti-Malware.

    Click "Scanner(tab) - Perform quick scan - Scan".

    If infections or problems are found during the scan, the number of them will be highlighted in red.

    When the scan is finished, click "Show Results".

    Make sure that EVERYTHING is selected, then click "Remove Selected".

    If you're prompted to restart to finish the removal process, click "Yes".

    Start Malwarebytes Anti-Malware again.

    Click "Logs"(tab).

    Highlight the scan log entry, then click "Open".

    When the scan log appears in Notepad, copy-and-paste it here.

    ----------------------------------------------------------

    Start SUPERAntiSpyware.

    Select the "Quick Scan" option, then click "Scan your Computer".

    If infections or problems are found during the scan, a list will appear and the number of them will be highlighted in red.

    When the scan is finished and the scan summary window appears, click "Continue".

    Make sure that EVERYTHING in the list is selected, then click "Remove Threats".

    Click "OK - Finish".

    If you're prompted to restart to finish the removal process, do so.

    Start SUPERAntiSpyware again.

    Click "View Scan Logs".

    Highlight the scan log entry, then click "View Selected Log".

    When the scan log appears in Notepad, copy-and-paste it here.

    ----------------------------------------------------------

    Start HiJackThis, then click "Do a system scan only".

    Save the new log that appears, then copy-and-paste it here.

    ----------------------------------------------------------
     
  7. IncredibarAbused

    IncredibarAbused Thread Starter

    Joined:
    Jul 14, 2012
    Messages:
    9
    Malwarebytes Anti-Malware (Trial) 1.62.0.1300
    www.malwarebytes.org

    Database version: v2012.07.15.09

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Lori :: LORI-PC [administrator]

    Protection: Enabled

    7/15/2012 2:02:06 PM
    mbam-log-2012-07-15 (14-02-06).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 195615
    Time elapsed: 6 minute(s), 4 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 33
    HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
    HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
    HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
    HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    HKCR\CrossriderApp0002258.BHO (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
    HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
    HKCR\CrossriderApp0002258.FBApi (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
    HKCR\CrossriderApp0002258.FBApi.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
    HKCR\CrossriderApp0002258.Sandbox (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
    HKCR\CrossriderApp0002258.Sandbox.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
    HKCU\Software\Cr_Installer\2258 (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
    HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
    HKCR\Interface\{55555555-5555-5555-5555-550055225558} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Quarantined and deleted successfully.

    Registry Values Detected: 1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This|Publisher (Adware.GamePlayLab) -> Data: 215 Apps -> Quarantined and deleted successfully.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 5
    C:\Program Files\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    C:\Users\Lori\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    C:\Users\Lori\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    C:\Users\Lori\AppData\Local\I Want This (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    C:\Users\Lori\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> Quarantined and deleted successfully.

    Files Detected: 10
    C:\Program Files\I Want This\I Want This.dll (Adware.GamePlayLabs) -> Quarantined and deleted successfully.
    C:\Program Files\I Want This\I Want This.ini (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    C:\Program Files\I Want This\I Want This.exe (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    C:\Program Files\I Want This\I Want This.ico (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    C:\Program Files\I Want This\I Want ThisGui.exe (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    C:\Program Files\I Want This\I Want ThisInstaller.log (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    C:\Program Files\I Want This\Uninstall.exe (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    C:\Users\Lori\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    C:\Users\Lori\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    C:\Program Files\I Want This\I Want This.dll (PUP.GamePlayLab) -> Quarantined and deleted successfully.

    (end)
     
  8. IncredibarAbused

    IncredibarAbused Thread Starter

    Joined:
    Jul 14, 2012
    Messages:
    9
    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 07/15/2012 at 03:01 PM

    Application Version : 5.5.1012

    Core Rules Database Version : 8902
    Trace Rules Database Version: 6714

    Scan type : Quick Scan
    Total Scan Time : 00:06:43

    Operating System Information
    Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
    UAC Off - Administrator

    Memory items scanned : 680
    Memory threats detected : 0
    Registry items scanned : 27130
    Registry threats detected : 0
    File items scanned : 7726
    File threats detected : 357

    Adware.Tracking Cookie
    C:\Users\Lori\AppData\Roaming\Microsoft\Windows\Cookies\6N1X900C.txt [ /imrworldwide.com ]
    C:\Users\Lori\AppData\Roaming\Microsoft\Windows\Cookies\5UVQOMYC.txt [ /doubleclick.net ]
    C:\Users\Lori\AppData\Roaming\Microsoft\Windows\Cookies\NBI8EQIE.txt [ /revsci.net ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\2B23HPH4.txt [ Cookie:[email protected]/adServe/banners ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\L9DO1Q2O.txt [ Cookie:[email protected]/adServe ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\lori@pointroll[3].txt [ Cookie:[email protected]/ ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\SAPL7XLW.txt [ Cookie:[email protected]/ ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt [ Cookie:[email protected]/ ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\lori@questionmarket[2].txt [ Cookie:[email protected]/ ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\12A7GHCR.txt [ Cookie:[email protected]/ ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\N3I2SF0T.txt [ Cookie:[email protected]/ ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt [ Cookie:[email protected]/ ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\lori@liveperson[3].txt [ Cookie:[email protected]/hc/37457093 ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\LRT7U7KO.txt [ Cookie:[email protected]/ ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\5JMEVF13.txt [ Cookie:[email protected]/ ]
    C:\USERS\LORI\AppData\Roaming\Microsoft\Windows\Cookies\Low\OZB7AUA5.txt [ Cookie:[email protected]/ ]
    C:\USERS\LORI\Cookies\2B23HPH4.txt [ Cookie:[email protected]/adServe/banners ]
    C:\USERS\LORI\Cookies\5UVQOMYC.txt [ Cookie:[email protected]/ ]
    C:\USERS\LORI\Cookies\NBI8EQIE.txt [ Cookie:[email protected]/ ]
    C:\USERS\LORI\Cookies\L9DO1Q2O.txt [ Cookie:[email protected]/adServe ]
    .bravenet.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .bizrate.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .microsoftsto.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .leeenterprises.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .charter.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .marketlive.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .timeinc.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .chicagosuntimes.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .msnbc.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .cbs.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .msnportal.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .scrippsfoodnet.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .steveco.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .dmtracker.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    magnet.traffic.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    www5.addfreestats.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .bluffcountryartistsgallery.org [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .bluffcountryartistsgallery.org [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .trackalyzer.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .liveperson.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .liveperson.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .wpni.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .rtst.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    wstat.wibiya.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .hitbox.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .ehg.hitbox.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .liveperson.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .ehg-verizon.hitbox.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .ehg-verizon.hitbox.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .jibjab.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    in.getclicky.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .histats.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .histats.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    counters.gigya.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .s.clickability.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    accounts.youtube.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .accounts.google.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .accounts.google.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .paypal.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .liveperson.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .cbsdigitalmedia.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .click-trker.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .click-trker.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    click.eyk.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .a.websponsors.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .avgtechnologies.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    fymc.directtrack.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .directtrack.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .c.gigcount.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    dc.tremormedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .linksynergy.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .linksynergy.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .linksynergy.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .ewscripps.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .microsoftinternetexplorer.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    link.mercent.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .amazonwebstore.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .amazonmerchants.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .solvemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .solvemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    a.visualrevenue.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    dyn.adknowledge.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .dyn.adknowledge.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .adknowledge.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    stats.familybuilder.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .interchangecorporation.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    accounts.youtube.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    accounts.youtube.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    accounts.youtube.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    accounts.google.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    accounts.google.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .readersdigest.122.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    insight.torbit.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .microsoftwlcashback.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .c.atdmt.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .c.atdmt.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .steelhousemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .steelhousemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .steelhousemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .sixapart.112.2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .s.clickability.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .statcounter.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    tags.toolbarsmedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    tags.toolbarsmedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    tags.toolbarsmedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    tags.toolbarsmedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    stats.townnews.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    statse.webtrendslive.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .counter.inkfrog.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\LORI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QY7ZDZQI.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .lfstmedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .lfstmedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .apmebf.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .getclicky.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .static.getclicky.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    in.getclicky.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revenue.wi.gov [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revenue.wi.gov [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revenue.wi.gov [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .apmebf.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .avgtechnologies.112.2o7.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    cdn.7.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    cdn.0.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    cdn.6.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    cdn.8.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    cdn.4.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    cdn.3.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    cdn.2.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    cdn.1.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    cdn.5.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    cdn.9.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.petsex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .sexad.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    gallys.hornybirds.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .geobanner.sexfinder.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .geobanner.sexfinder.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .geobanner.sexfinder.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .geobanner.sexfinder.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .geobanner.sexfinder.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .geobanner.sexfinder.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ads.crakmedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .amazon-adsystem.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .amazon-adsystem.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adbrite.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .pro-market.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.googleadservices.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .h.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .h.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .h.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .h.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    click2trax.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .at.atwola.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .lucidmedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    track.freewebs.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    track.freewebs.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adserver.adtechus.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .steelhousemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .steelhousemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .steelhousemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    cdmedia.rotator.hadj7.adjuggler.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .interclick.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .legolas-media.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adbrite.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adinterax.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .clickbooth.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adxpose.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .questionmarket.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .questionmarket.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .t.pointroll.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adinterax.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    mediaservices-d.openxenterprise.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .fastclick.net [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .lucidmedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adfarm1.adition.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adfarm1.adition.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad2.adfarm1.adition.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adfarm1.adition.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .c.atdmt.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .zedo.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tribalfusion.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\LORI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
     
  9. IncredibarAbused

    IncredibarAbused Thread Starter

    Joined:
    Jul 14, 2012
    Messages:
    9
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 3:11:32 PM, on 7/15/2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16447)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
    C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb165?a=6PQCO5wljZ&i=26
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.*
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll
    R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
    O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
    O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

    --
    End of file - 10497 bytes
     
  10. IncredibarAbused

    IncredibarAbused Thread Starter

    Joined:
    Jul 14, 2012
    Messages:
    9
    My eye caught a few sketchy things in there. Not my computer, by the way. Sort of a community laptop... yeah, that's it.
     
  11. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,686
    Considering the massive number of issues that the Malwarebytes Anti-Malware and SUPERAntiSpyware scans found, I strongly advise that they be put to use at least once a week.

    Make sure to update their definition files BEFORE running a quick scan, and make sure to select and remove EVERYTHING they find.

    -------------------------------------------------------------------

    That bloated startup needs to be trimmed down, but that can wait for now.

    I'll get back to you as soon as I review the most current HiJackThis scan log.

    -------------------------------------------------------------------
     
  12. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,686
    Start HiJackThis, then click "Do a system scan only".

    When the scan is finished in about 30 - 60 seconds, put a checkmark in these log entries:

    R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll

    O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll

    O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\6.0\youtubedownloaderToolbarIE.dll


    After you confirm that you selected the correct log entries, click "Fix Checked - Yes".

    Close HiJackThis.

    ------------------------------------------------------------------

    Click Start - Run, then type in

    %temp% (% is on the number 5 key)

    and then click OK.

    Click Start - Run, then type in

    c:\windows\temp

    and then click OK.

    Once those 2 temp folders appear and you can view their contents, select and delete EVERYTHING that's inside them.

    If a few files resist being deleted, that's normal behavior. Leave them alone and delete EVERYTHING else.

    If a massive number of files are being deleted, the computer may appear to "hang". Be patient and wait for the deletion process to finish.

    After it's done, restart the computer.

    --------------------------------------------------------------------
     
  13. IncredibarAbused

    IncredibarAbused Thread Starter

    Joined:
    Jul 14, 2012
    Messages:
    9
    there is no Run command, but a start search bar at the bottom. I can get into the temp folder, but it has more than 2 folders and plenty of open files. If I type in %temp%, 2 folders come up, one as Temp, other as temp. Should I handle those two as you suggested?
     
  14. flavallee

    flavallee Frank Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    63,686
    Right-click the Start button, then click Properties.

    You can then customize the start menu to add the "Run" command to it.

    These are the temp folders that you want to delete the contents of:

    C:\Windows\Temp

    C:\Users\(Username)\AppData\Local\Temp


    -------------------------------------------------------------------

    Start HiJackThis.

    Click on the "Open The Misc Tools Section" button.

    Click on the "Open Uninstall Manager" button.

    Click on the "Save List" button.

    Save the "uninstall_list.txt" file somewhere.

    It'll then open in Notepad.

    Return here to your thread, then copy-and-paste the entire file here.

    --------------------------------------------------------------------
     
  15. IncredibarAbused

    IncredibarAbused Thread Starter

    Joined:
    Jul 14, 2012
    Messages:
    9
    Adobe AIR
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.3)
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AVG 2012
    AVG 2012
    AVG 2012
    Bonjour
    butterflygardens_3138431 Screen Saver
    Canon Easy-PhotoPrint EX
    Canon Easy-WebPrint EX
    Canon MP Navigator EX 4.0
    Canon MP280 series MP Drivers
    Canon MP280 series User Registration
    Canon My Printer
    Canon Solution Menu EX
    CCleaner
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    coralreef_3133975 Screen Saver
    Dell Resource CD
    Dell Wireless WLAN Card Utility
    Furcadia
    GIMP 2.6.11
    Google Chrome
    Google Earth
    Google Update Helper
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Integrated Webcam Driver (1.02.01.0320)
    Intel(R) Graphics Media Accelerator Driver
    iTunes
    Java(TM) 6 Update 32
    Malwarebytes Anti-Malware version 1.62.0.1300
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft .NET Framework 4 Extended
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft XNA Framework Redistributable 4.0
    MotoHelper 2.0.51 Driver 5.1.0
    MotoHelper MergeModules
    Motorola Mobile Drivers Installation 5.1.0
    Mozilla Firefox 13.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    QuickTime
    Realtek USB 2.0 Card Reader
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Steam
    SUPERAntiSpyware
    Terraria
    tropicallights_3115925 Screen Saver
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    WinRAR 4.01 (32-bit)
    YouTube Downloader Toolbar v6.0
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1061029