Announcement

Announcement Module
Collapse
No announcement yet.

Im Being HIJACKED!!!

Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Im Being HIJACKED!!!

    Logfile of IObit HijackScan v1.0.2.0
    Scan saved at 15:38:43, on 2010-8-14

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\Program Files\mcafee.com\agent\mctskshd.exe
    c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
    C:\Program Files\MonsterCommerce\DataBase\MSSQL$DATAPORT\Binn\sqlservr.exe
    c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\WINDOWS\System32\alg.exe
    C:\UPS\WSTD\UPSNA1Msgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\UPS\WSTD\WSTDMessaging.exe
    C:\Program Files\LIVECHAT\LIVECHAT Operator\LIVECHAT.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\IObit\IObit Security 360\is360.exe
    C:\Program Files\IObit\IObit Security 360\IS360tray.exe
    C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe

    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
    O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\SPYBOT~1\SDHelper.dll
    O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
    O3 - Toolbar: PrivacyProtect - {CB7DC2DA-D8C9-4004-8548-1E24AA7D46DE} - C:\Program Files\SFT\GuardedID\GIDTB.dll
    O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [NA1Messenger] C:\UPS\WSTD\UPSNA1Msgr.exe
    O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    O9 - Extra button: Real.com Explorer Bar - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED}SdcUser.TgConfCtl.2 - http://ra.intuit.com/sdccommon/download/tgctlcm.cab
    O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089}Office.awsdc.1 - http://office.microsoft.com/templates/ieawsdc.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}LegitCheckControl.LegitCheck.1 - http://download.microsoft.com/downlo...eckControl.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB}YInstHelper.YInstStarter.1 - http://us.dl1.yimg.com/download.yaho...st20040510.cab
    O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7}OneCC.OneCCCtl.1 - https://as00.estara.com/UI/proxyhttp...52171OneCC.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616}npdivx.DivXBrowserPlugin.1 - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_20 - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_20 - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003}Persits.XUpload.2 - https://2687352132.monstercommercesi...er/XUpload.ocx
    O23 - Service: Apple Mobile Device (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IS360service (IS360service) - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
    O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\Program Files\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\Program Files\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: PrismXL (PrismXL) - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

  • #2
    Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialist of this forum so it may take a bit longer to process your logs.

    1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
    2. The fixes are specific to your problem and should only be used for this issue on this machine.
    3. If you don't know or understand something, please don't hesitate to ask.
    4. Please DO NOT run any other tools or scans while I am helping you.
    5. It is important that you reply to this thread. Do not start a new topic.
    6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    7. Absence of symptoms does not mean that everything is clear.

    What exactly are the problems you're having with your computer?

    SUPERAntiSpyware

    If you already have SUPERAntiSpyware be sure to check for updates before scanning!

    Download SuperAntispyware Free Edition (SAS)
    * Double-click the icon on your desktop to run the installer.
    * When asked to Update the program definitions, click Yes
    * If you encounter any problems while downloading the updates, manually download and unzip them from here
    * Next click the Preferences button.

    •Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
    * Click the Scanning Control tab.
    * Under Scanner Options make sure only the following are checked:

    •Close browsers before scanning
    •Scan for tracking cookies
    •Terminate memory threats before quarantining
    Please leave the others unchecked

    •Click the Close button to leave the control center screen.

    * On the main screen click Scan your computer
    * On the left check the box for the drive you are scanning.
    * On the right choose Perform Complete Scan
    * Click Next to start the scan. Please be patient while it scans your computer.
    * After the scan is complete a summary box will appear. Click OK
    * Make sure everything in the white box has a check next to it, then click Next
    * It will quarantine what it found and if it asks if you want to reboot, click Yes

    •To retrieve the removal information please do the following:
    •After reboot, double-click the SUPERAntiSpyware icon on your desktop.
    •Click Preferences. Click the Statistics/Logs tab.

    •Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

    •It will open in your default text editor (preferably Notepad).
    •Save the notepad file to your desktop by clicking (in notepad) File > Save As...

    * Save the log somewhere you can easily find it. (normally the desktop)
    * Click close and close again to exit the program.
    *Copy and Paste the log in your post.
    ******************************************

    Please download Malwarebytes Anti-Malware from here.

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Full Scan", then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • Please save the log to a location you will remember.
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the entire report in your next reply.
    Extra Note:

    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
    *******************************************

    Please download: HiJackThis to your Desktop.
    • Double Click the HijackThis icon, located on your Desktop.
    • By Default, it will install to: C:\Program Files\Trend Micro\HijackThis
    • Accept the license agreement.
    • Click the Open the Misc Tools section button.
    • Place a checkmark beside Calculate MD5 of files if possible. Then, click Back.
    • Click Do a System Scan and Save a Logfile. Or, if you see a white screen, click Scan.
    • Please post the log in your next reply.

    Comment


    • #3
      Hi americangamingsupply,

      One thread is enough, please do not post multiple threads and posts about the same subject.
      I have deleted your other thread and other post.

      A Malware Fighter will deal with you when he is available.

      Cheers.

      EDIT:
      Sorry Superdave I didn't know that you have posted.
      BTW, have you seen A note for Malware Fighters. thread in Private for Malware Fighters section?
      Last edited by enoskype; Aug. 14th, 2010, 23:29. Reason: EDIT:
      enoskype

      - Beauty lies in the eye of the beholder and belongs to the man who can appreciate it. -

      Comment


      • #4
        One of the problems I am having that when I goto google and I do a search and I click on an add or or a link it takes me to a different destination then the URL

        Comment


        • #5
          Ok. Please run the scans and post the logs.

          Comment


          • #6
            Logfile of IObit HijackScan v1.0.2.0
            Scan saved at 18:46:10, on 2010-8-14

            Running processes:
            C:\WINDOWS\System32\smss.exe
            C:\WINDOWS\system32\csrss.exe
            C:\WINDOWS\system32\winlogon.exe
            C:\WINDOWS\system32\services.exe
            C:\WINDOWS\system32\lsass.exe
            C:\WINDOWS\system32\svchost.exe
            C:\WINDOWS\system32\svchost.exe
            C:\WINDOWS\System32\svchost.exe
            C:\WINDOWS\system32\svchost.exe
            C:\WINDOWS\system32\svchost.exe
            C:\WINDOWS\Explorer.EXE
            C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
            C:\WINDOWS\system32\spoolsv.exe
            C:\Program Files\Google\Update\GoogleUpdate.exe
            C:\Program Files\IObit\IObit Security 360\IS360srv.exe
            C:\Program Files\Java\jre6\bin\jqs.exe
            c:\program files\mcafee.com\agent\mcdetect.exe
            c:\Program Files\mcafee.com\agent\mctskshd.exe
            c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
            C:\Program Files\MonsterCommerce\DataBase\MSSQL$DATAPORT\Binn\sqlservr.exe
            c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
            C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe
            c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
            c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
            C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
            C:\WINDOWS\System32\alg.exe
            C:\UPS\WSTD\UPSNA1Msgr.exe
            C:\WINDOWS\system32\ctfmon.exe
            C:\Program Files\Messenger\msmsgs.exe
            C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
            C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
            C:\UPS\WSTD\WSTDMessaging.exe
            C:\Program Files\LIVECHAT\LIVECHAT Operator\LIVECHAT.exe
            C:\WINDOWS\system32\svchost.exe
            C:\Program Files\IObit\IObit Security 360\IS360tray.exe
            C:\Program Files\IObit\IObit Security 360\a_hijackscan.exe
            C:\Program Files\IObit\IObit Security 360\is360.exe
            C:\Program Files\Mozilla Firefox\plugin-container.exe

            O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
            O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
            O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\SPYBOT~1\SDHelper.dll
            O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
            O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
            O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
            O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
            O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
            O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll
            O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
            O3 - Toolbar: PrivacyProtect - {CB7DC2DA-D8C9-4004-8548-1E24AA7D46DE} - C:\Program Files\SFT\GuardedID\GIDTB.dll
            O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
            O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
            O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
            O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
            O4 - HKCU|\Software\Microsoft\Windows\CurrentVersion\Run\: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
            O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
            O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
            O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [NA1Messenger] C:\UPS\WSTD\UPSNA1Msgr.exe
            O4 - HKLM|\Software\Microsoft\Windows\CurrentVersion\Run\: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
            O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
            O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
            O9 - Extra button: Real.com Explorer Bar - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
            O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
            O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
            O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED}SdcUser.TgConfCtl.2 - http://ra.intuit.com/sdccommon/download/tgctlcm.cab
            O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089}Office.awsdc.1 - http://office.microsoft.com/templates/ieawsdc.cab
            O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}LegitCheckControl.LegitCheck.1 - http://download.microsoft.com/downlo...eckControl.cab
            O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB}YInstHelper.YInstStarter.1 - http://us.dl1.yimg.com/download.yaho...st20040510.cab
            O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7}OneCC.OneCCCtl.1 - https://as00.estara.com/UI/proxyhttp...52171OneCC.cab
            O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616}npdivx.DivXBrowserPlugin.1 - http://download.divx.com/player/DivXBrowserPlugin.cab
            O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}Java Plug-in 1.6.0_20 - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
            O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}Java Plug-in 1.6.0_20 - http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
            O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003}Persits.XUpload.2 - https://2687352132.monstercommercesi...er/XUpload.ocx
            O23 - Service: Apple Mobile Device (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
            O23 - Service: Bonjour Service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
            O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
            O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
            O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
            O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
            O23 - Service: iPod Service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
            O23 - Service: IS360service (IS360service) - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
            O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
            O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
            O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
            O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\Program Files\mcafee.com\agent\mctskshd.exe
            O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\Program Files\McAfee.com\Agent\mcupdmgr.exe
            O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
            O23 - Service: PrismXL (PrismXL) - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
            O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
            O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

            Comment


            • #7
              That's not the HJT that I want. Please follow the link I gave you and download that one.

              Comment


              • #8
                Logfile of Trend Micro HijackThis v2.0.2
                Scan saved at 11:14:43 AM, on 8/16/2010
                Platform: Windows XP SP3 (WinNT 5.01.2600)
                MSIE: Internet Explorer v8.00 (8.00.6001.18702)
                Boot mode: Normal

                Running processes:
                C:\WINDOWS\System32\smss.exe
                C:\WINDOWS\system32\csrss.exe
                C:\WINDOWS\system32\winlogon.exe
                C:\WINDOWS\system32\services.exe
                C:\WINDOWS\system32\lsass.exe
                C:\WINDOWS\system32\svchost.exe
                C:\WINDOWS\system32\svchost.exe
                C:\WINDOWS\System32\svchost.exe
                C:\WINDOWS\system32\svchost.exe
                C:\WINDOWS\system32\svchost.exe
                C:\WINDOWS\Explorer.EXE
                C:\WINDOWS\system32\ZoneLabs\vsmon.exe
                C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
                C:\WINDOWS\system32\spoolsv.exe
                C:\Program Files\IObit\IObit Security 360\IS360srv.exe
                C:\Program Files\Java\jre6\bin\jqs.exe
                c:\program files\mcafee.com\agent\mcdetect.exe
                c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
                c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
                C:\Program Files\MonsterCommerce\DataBase\MSSQL$DATAPORT\Binn\sqlservr.exe
                c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
                c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
                c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
                C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
                C:\WINDOWS\System32\alg.exe
                C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
                C:\UPS\WSTD\UPSNA1Msgr.exe
                C:\Program Files\IObit\IObit Security 360\IS360tray.exe
                C:\WINDOWS\system32\ctfmon.exe
                C:\Program Files\Messenger\msmsgs.exe
                C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                C:\UPS\WSTD\WSTDMessaging.exe
                C:\Program Files\LIVECHAT\LIVECHAT Operator\LIVECHAT.exe
                C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
                C:\WINDOWS\system32\svchost.exe
                C:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe
                C:\Program Files\IObit\IObit Security 360\is360.exe
                C:\Program Files\Mozilla Firefox\firefox.exe
                C:\Program Files\Mozilla Firefox\plugin-container.exe
                C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

                R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
                R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
                R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
                R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll
                O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (filesize 1172280 bytes, MD5 9EF3596AC4C98552C07A61D1BC3709B7)
                O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (filesize 75200 bytes, MD5 6D9042F1443A601DA8DC24D991EDDD0A)
                O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (filesize 1879896 bytes, MD5 022C2F6DCCDFA0AD73024D254E62AFAC)
                O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (filesize 591216 bytes, MD5 273FFDC2F4D5AB2504DDADDD8DC946A7)
                O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (filesize 278192 bytes, MD5 389947CAD1A9C504DF6285AA1E7BE6F1)
                O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (filesize 814648 bytes, MD5 42CB4EE0B0FC259C8AD20B460FA7D72A)
                O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (filesize 41760 bytes, MD5 385BD69743EA92E76CDF07B3345A25D5)
                O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (filesize 79648 bytes, MD5 4E2BB6D2677B42AD04BE18A6E9817B68)
                O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll (filesize 158008 bytes, MD5 0F97F69D3CABBFFCFBAB193D77F62150)
                O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (filesize 1172280 bytes, MD5 9EF3596AC4C98552C07A61D1BC3709B7)
                O3 - Toolbar: PrivacyProtect - {CB7DC2DA-D8C9-4004-8548-1E24AA7D46DE} - C:\Program Files\SFT\GuardedID\GIDTB.dll (filesize 524288 bytes, MD5 D1C6771E87BD1F840C7F4CEC7BE0C3C8)
                O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (filesize 591216 bytes, MD5 273FFDC2F4D5AB2504DDADDD8DC946A7)
                O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (filesize 278192 bytes, MD5 389947CAD1A9C504DF6285AA1E7BE6F1)
                O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" (filesize 1038728 bytes, MD5 B157A1FA39F98B997E5D030E74F6499B)
                O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exeC:\PROGRA~1\mcafee.com\agent\mcupdate.exe
                O4 - HKLM\..\Run: [NA1Messenger] C:\UPS\WSTD\UPSNA1Msgr.exeC:\UPS\WSTD\UPSNA1Msgr.exe
                O4 - HKLM\..\Run: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart (filesize 1280344 bytes, MD5 4126904E21735EF4C7FFFE01ED795872)
                O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\ctfmon.exe
                O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (filesize 1695232 bytes, MD5 3E930C641079443D4DE036167A69CAA2)
                O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (filesize 68856 bytes, MD5 E616A6A6E91B0A86F2F6217CDE835FFE)
                O4 - Startup: LIVECHAT Operator.lnk = C:\Program Files\LIVECHAT\LIVECHAT Operator\LIVECHAT.exe (filesize 13628752 bytes, MD5 3561367B66DC920A4FC22151FA00AFA3)
                O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (filesize 83360 bytes, MD5 5BC65464354A9FD3BEAA28E18839734A)
                O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (filesize 81920 bytes, MD5 F45BFC03A06C9DCFA6731E551029B474)
                O4 - Global Startup: UPS WorldShip Messaging Utility.lnk = C:\UPS\WSTD\WSTDMessaging.exe (filesize 61440 bytes, MD5 C9D20BED48F5209CFC83B98B87F658E1)
                O4 - Global Startup: UPS WorldShip PLD Reminder Utility.lnk = C:\UPS\WSTD\wstdPldReminder.exe (filesize 40960 bytes, MD5 7903087FEF4AD51C2AB27E5A137E9122)
                O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
                O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
                O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll (filesize 1499136 bytes, MD5 26CB10FA893F940AB09713FF46DCDADE)
                O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (filesize 558080 bytes, MD5 AAC1D4EE39DF138C5D30AC5883E3B59F)
                O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (filesize 558080 bytes, MD5 AAC1D4EE39DF138C5D30AC5883E3B59F)
                O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (filesize 1695232 bytes, MD5 3E930C641079443D4DE036167A69CAA2)
                O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (filesize 1695232 bytes, MD5 3E930C641079443D4DE036167A69CAA2)
                O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://ra.intuit.com/sdccommon/download/tgctlcm.cab
                O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yaho...st20040510.cab
                O16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - https://as00.estara.com/UI/proxyhttp...52171OneCC.cab
                O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
                O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - https://2687352132.monstercommercesi...er/XUpload.ocx
                O16 - DPF: {FFFFFFFF-CAFE-BABE-BABE-00AA0055595A} - http://www.networksolutionsemailpopw...ueSwitchEC.exe
                O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (filesize 2135336 bytes, MD5 028FF74DAFDC7BB45C956A5EC8926CEE)
                O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeC:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exeC:\Program Files\IObit\IObit Security 360\IS360srv.exe
                O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exeC:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
                O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Java\jre6\bin\jqs.exe
                O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exec:\program files\mcafee.com\agent\mcdetect.exe
                O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exec:\PROGRA~1\mcafee.com\agent\mctskshd.exe
                O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exeC:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
                O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exeC:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
                O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exe
                O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exeC:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

                --
                End of file - 11394 bytes

                Comment


                • #9
                  Anything else you can do to make my computer faster..I would appreciate that.

                  Comment


                  • #10
                    Download Disable/Remove Windows Messenger to the desktop to remove Windows Messenger.

                    Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

                    Unzip the file on the desktop. Open the MessengerDisable.exe and choose the bottom box - Uninstall Windows Messenger and click Apply.

                    Exit out of MessengerDisable then delete the two files that were put on the desktop.

                    ***************************************

                    Open HijackThis and select Do a system scan only

                    Place a check mark next to the following entries: (if there)

                    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
                    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
                    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=127.0.0.1:5555
                    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (filesize 1695232 bytes, MD5 3E930C641079443D4DE036167A69CAA2)
                    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (filesize 1695232 bytes, MD5 3E930C641079443D4DE036167A69CAA2)
                    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (filesize 1695232 bytes, MD5 3E930C641079443D4DE036167A69CAA2)

                    Important: Close all open windows except for HijackThis and then click Fix checked.

                    Once completed, exit HijackThis.

                    *******************************************

                    SUPERAntiSpyware

                    If you already have SUPERAntiSpyware be sure to check for updates before scanning!

                    Download SuperAntispyware Free Edition (SAS)
                    * Double-click the icon on your desktop to run the installer.
                    * When asked to Update the program definitions, click Yes
                    * If you encounter any problems while downloading the updates, manually download and unzip them from here
                    * Next click the Preferences button.

                    •Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
                    * Click the Scanning Control tab.
                    * Under Scanner Options make sure only the following are checked:

                    •Close browsers before scanning
                    •Scan for tracking cookies
                    •Terminate memory threats before quarantining
                    Please leave the others unchecked

                    •Click the Close button to leave the control center screen.

                    * On the main screen click Scan your computer
                    * On the left check the box for the drive you are scanning.
                    * On the right choose Perform Complete Scan
                    * Click Next to start the scan. Please be patient while it scans your computer.
                    * After the scan is complete a summary box will appear. Click OK
                    * Make sure everything in the white box has a check next to it, then click Next
                    * It will quarantine what it found and if it asks if you want to reboot, click Yes

                    •To retrieve the removal information please do the following:
                    •After reboot, double-click the SUPERAntiSpyware icon on your desktop.
                    •Click Preferences. Click the Statistics/Logs tab.

                    •Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

                    •It will open in your default text editor (preferably Notepad).
                    •Save the notepad file to your desktop by clicking (in notepad) File > Save As...

                    * Save the log somewhere you can easily find it. (normally the desktop)
                    * Click close and close again to exit the program.
                    *Copy and Paste the log in your post.
                    *****************************************
                    Please download Malwarebytes Anti-Malware from here.

                    Double Click mbam-setup.exe to install the application.
                    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
                    • If an update is found, it will download and install the latest version.
                    • Once the program has loaded, select "Perform Full Scan", then click Scan.
                    • The scan may take some time to finish,so please be patient.
                    • When the scan is complete, click OK, then Show Results to view the results.
                    • Make sure that everything is checked, and click Remove Selected.
                    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
                    • Please save the log to a location you will remember.
                    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
                    • Copy and paste the entire report in your next reply.
                    Extra Note:

                    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
                    ******************************************

                    Download Security Check by screen317 from one of the following links and save it to your desktop.

                    Link 1
                    Link 2

                    * Unzip SecurityCheck.zip and a folder named Security Check should appear.
                    * Open the Security Check folder and double-click Security Check.bat
                    * Follow the on-screen instructions inside of the black box.
                    * A Notepad document should open automatically called checkup.txt
                    * Post the contents of that document in your next reply.

                    Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

                    Comment


                    • #11
                      SUPERAntiSpyware Scan Log
                      http://www.superantispyware.com

                      Generated 08/16/2010 at 06:35 PM

                      Application Version : 4.41.1000

                      Core Rules Database Version : 5364
                      Trace Rules Database Version: 3176

                      Scan type : Complete Scan
                      Total Scan Time : 03:49:03

                      Memory items scanned : 507
                      Memory threats detected : 0
                      Registry items scanned : 8192
                      Registry threats detected : 1
                      File items scanned : 85887
                      File threats detected : 344

                      System.BrokenFileAssociation
                      HKCR\.exe

                      Adware.Tracking Cookie
                      C:\Documents and Settings\Owner\Cookies\owner@discountcasinogear[2].txt
                      C:\Documents and Settings\LocalService\Cookies\system@findwhat[2].txt
                      2mdn.net [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      adknowledge.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      ads1.msn.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      alotporn.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      bannerfarm.ace.advertising.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      bc.youporn.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      cdn4.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      core.insightexpressai.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      ds.serving-sys.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      ec.atdmt.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      files.streamsex.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      files.youporn.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      googleads.g.doubleclick.net [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      hs.interpolls.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      interclick.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      keywordelite.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      m1.2mdn.net [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      media.cnbc.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      media.domainpromocodes.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      media.entertonement.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      media.nbclosangeles.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      media.scanscout.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      media.sparkart.net [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      media.tattomedia.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      media1.break.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      media10.washingtonpost.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      msnbcmedia.msn.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      naiadsystems.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      objects.tremormedia.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      oddcast.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      porn.gonzo-movies.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      pornotube.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      s0.2mdn.net [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      sas-origin.onstreammedia.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      secure-us.imrworldwide.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      service.twistage.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      static.2mdn.net [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      static.sexsearch.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      static.youporn.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      track.cirtex.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      udn.specificclick.net [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      web.adknowledge.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      www.crackle.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      www.freshteen.biz [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      www.naiadsystems.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      www.pornhub.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      www.pornotube.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      www.pornrabbit.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      wwwstatic.megaporn.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      zedo.com [ C:\Documents and Settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\WT8GR7XA ]
                      C:\Documents and Settings\Owner\Cookies\owner@247realmedia[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@4.adbrite[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@a1.interclick[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@accountonline[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad.m5prod[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad.wsod[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad.wsod[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[10].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[11].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[4].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[6].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[7].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[8].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad.yieldmanager[9].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ad2.doublepimp[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@adbrite[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@adbrite[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@adcentriconline[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@adinterax[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@adlegend[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@admarketplace[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@adopt.euroclick[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@adopt.specificclick[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@adrevolver[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads-dev.youporn[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.addynamix[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.associatedcontent[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.audxch[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.bluelithium[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.bridgetrack[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.contactmusic[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.financialcontent[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.foodbuzz[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.itoot[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.kinetiq[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.lasvegas[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.lucidmedia[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.namx[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.nba[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.panamainfo[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.pokeracademy.co[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.r0.d2roi[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.shutterfly[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ads.whaleads[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@adserver.adreactor[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@adserver.adtechus[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@adtech[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@adultfriendfinder[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@advertising[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@advertising[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@advertising[4].txt
                      C:\Documents and Settings\Owner\Cookies\owner@advertising[5].txt
                      C:\Documents and Settings\Owner\Cookies\owner@affiliateelite[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@amazonmerchants.122.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@apmebf[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@at.atwola[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@atdmt[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@azjmp[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@b5media[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@banner.playunited[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@bannerads.zwire[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@bannerads.zwire[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@bannerbrause.photocase[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@bizrate.co[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@bizrate[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@bluestreak[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@bravenet[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@bridge2.admarketplace[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@bs.serving-sys[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@burstbeacon[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@burstnet[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@c1.istats[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@c5.zedo[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@casalemedia[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@casinodiscountsupplies[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@cdn4.specificclick[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@chitika[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@click.optimaltrade3m[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@clickaider[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@clickbank[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@clickbank[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@clicktorrent[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@cms.trafficmp[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@collective-media[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@commission-junction[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@content.clickbank[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@content.yieldmanager[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@content.yieldmanager[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@content.yieldmanager[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@content.yieldmanager[4].txt
                      C:\Documents and Settings\Owner\Cookies\owner@content.yieldmanager[5].txt
                      C:\Documents and Settings\Owner\Cookies\owner@content.yieldmanager[7].txt
                      C:\Documents and Settings\Owner\Cookies\owner@count.winner24[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@counter.hitslink[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@criticalmass.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@data.coremetrics[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@dc.tremormedia[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@dealtime[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@discountpokershop[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@dmtracker[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@doubleclick[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@dynamic.media.adrevolver[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wdkoolcjwlp.stats.esomniture[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wfkyahazgdp.stats.esomniture[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wfliojdjaap.stats.esomniture[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wgkocod5ico.stats.esomniture[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjkycmczsdo.stats.esomniture[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjl4wid5skp.stats.esomniture[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjlycjc5kkq.stats.esomniture[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjlycmdzsgq.stats.esomniture[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjlyeod5kap.stats.esomniture[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@e-2dj6wjnygjdjkep.stats.esomniture[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@eb.adbureau[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ecnext.advertserve[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@edge.ru4[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ehg-codecomputerlove.hitbox[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ehg-dearborn.hitbox[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ehg-deerbornakaplan.hitbox[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ehg-mgmmirageoperations.hitbox[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ehg-stationcasinos.hitbox[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ehg-venetian.hitbox[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ehg-zoom.hitbox[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@electronicarts.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@etrade.122.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@eyewonder[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@eyewonder[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@farecastcom.122.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@fastblogfinder[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@fastclick[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@findstuff[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@findw[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@foxinteractivemedia.122.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ge.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@hitbox[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@homestore.122.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@hotels.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@iacas.adbureau[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@imrworldwide[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@insightexpressai[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@interclick[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@intermundomedia[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@invitemedia[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@invitemedia[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@keywordelite[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@kontera[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@lfstmedia[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@lucidmedia[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@media.adrevolver[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@media.expedia[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@media6degrees[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@mediaplex[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@mediaplex[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@meetupcom.122.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@merchntaccount[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@microsoftoffice.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@microsoftwindows.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@msnbc.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@msnportal.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@naiadsystems[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@naiadsystems[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@network.realmedia[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@networksolutions.112.2o7[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@newamericamedia[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@newmedia.tiscali[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@news.newamericamedia[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@nextag[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@nextag[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@nike.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@oasn04.247realmedia[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@openxxx.viragemedia[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@overture[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@partypoker[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@paypal.112.2o7[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@perf.overture[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@phg.hitbox[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@pitacount[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@pokertablesexpress[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@pokertablesexpress[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@pornhub[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@pro-market[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@qksrv[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@questionmarket[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@questionmarket[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@realmedia[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@realmedia[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@rediffcom.122.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@revenue[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@reviewporn[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@revsci[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@richmedia.yahoo[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@richmedia.yahoo[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@roiservice[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@rotator.adjuggler[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@sales.liveperson[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@sales.liveperson[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@sales.liveperson[4].txt
                      C:\Documents and Settings\Owner\Cookies\owner@sales.liveperson[5].txt
                      C:\Documents and Settings\Owner\Cookies\owner@seoelite[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[10].txt
                      C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[11].txt
                      C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[4].txt
                      C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[5].txt
                      C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[7].txt
                      C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[8].txt
                      C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[9].txt
                      C:\Documents and Settings\Owner\Cookies\owner@server1.discountclick[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@serving-sys[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@serving-sys[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@serving-sys[4].txt
                      C:\Documents and Settings\Owner\Cookies\owner@sexuality.about[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@shopping.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@sitesupertracker.videobloggingtips[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@socialmedia[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@specificclick[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@specificclick[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@specificmedia[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@specificmedia[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@stat.dealtime[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@statcounter[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@stats.adbrite[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@stats.paypal[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@stats.paypal[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@stats.paypal[4].txt
                      C:\Documents and Settings\Owner\Cookies\owner@stats2.clicktracks[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@stats4.clicktracks[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@statse.webtrendslive[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@superstats[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@surveymonkey.122.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@t.lynxtrack[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@tacoda[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@tacoda[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@tacoda[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ticketnetwork.122.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ticketsnow.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@ticketsnow[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@toplist[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@track.ireel[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@tracker.freerun[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@tracking.keywordmax[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@tracking.realtor[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@tradedoubler[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@trafficmp[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@traveladvertising[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@traveldealsdiscounts[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@triangledirectmedia[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@trvlnet.adbureau[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@viacomedycentralrl.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@videoegg.adbureau[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@vitacost.122.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@warnerbros.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@web4.realtracker[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@wotifcom.112.2o7[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.3dstats[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.accountonline[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.adultadvertising[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.burstbeacon[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.burstnet[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.discountpokershop[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.fastblogfinder[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[3].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[4].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[5].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.googleadservices[6].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.pokertablesexpress[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.pokertablesexpress[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.pornhub[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.quickhitcounters[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.ticketsnow[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.traveldealsdiscounts[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.w3counter[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www.winecountry[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@www5.addfreestats[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@xxxstash[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@yieldmanager[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@youporn[2].txt
                      C:\Documents and Settings\Owner\Cookies\owner@zedo[1].txt
                      C:\Documents and Settings\Owner\Cookies\owner@zedo[2].txt

                      Adware.k8l
                      C:\PROGRAM FILES\COMMON FILES\VIKOK.HTML

                      Comment


                      • #12
                        Where are the MBAM and Security Check logs?

                        Comment


                        • #13
                          Malwarebytes' Anti-Malware 1.46
                          www.malwarebytes.org

                          Database version: 4438

                          Windows 5.1.2600 Service Pack 3
                          Internet Explorer 8.0.6001.18702

                          8/16/2010 9:31:30 PM
                          mbam-log-2010-08-16 (21-31-30).txt

                          Scan type: Full scan (C:\|D:\|)
                          Objects scanned: 240189
                          Time elapsed: 2 hour(s), 22 minute(s), 39 second(s)

                          Memory Processes Infected: 0
                          Memory Modules Infected: 0
                          Registry Keys Infected: 0
                          Registry Values Infected: 0
                          Registry Data Items Infected: 0
                          Folders Infected: 0
                          Files Infected: 0

                          Memory Processes Infected:
                          (No malicious items detected)

                          Memory Modules Infected:
                          (No malicious items detected)

                          Registry Keys Infected:
                          (No malicious items detected)

                          Registry Values Infected:
                          (No malicious items detected)

                          Registry Data Items Infected:
                          (No malicious items detected)

                          Folders Infected:
                          (No malicious items detected)

                          Files Infected:
                          (No malicious items detected)

                          Comment


                          • #14
                            Please provide me with the Security Check log as well as this one.

                            Download ComboFix by sUBs from one of the below links.

                            Important! You MUST save ComboFix to your desktop

                            link # 1
                            Link # 2

                            Temporarily disable your Anti-virus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

                            Double click on ComboFix.exe & follow the prompts.

                            Vista users Right-Click on ComboFix.exe and select Run as administrator (you will receive a UAC prompt, please allow it)

                            Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

                            When the scan completes it will open a text window.

                            Post the contents of that log in your next reply.

                            Remember to re-enable your Anti-virus and Antispyware protection when ComboFix is complete.

                            Comment


                            • #15
                              Results of screen317's Security Check version 0.99.5
                              Windows XP Service Pack 3
                              Internet Explorer 8
                              ``````````````````````````````
                              Antivirus/Firewall Check:

                              Windows Firewall Enabled!
                              McAfee SecurityCenter
                              ZoneAlarm Security Suite
                              ZoneAlarm Toolbar
                              ```````````````````````````````
                              Anti-malware/Other Utilities Check:

                              Malwarebytes' Anti-Malware
                              HijackThis 2.0.2
                              Java(TM) 6 Update 20
                              Java(TM) 6 Update 2
                              Java(TM) 6 Update 3
                              Java(TM) 6 Update 5
                              Java(TM) 6 Update 7
                              Java 2 Runtime Environment, SE v1.4.2
                              Out of date Java installed!
                              Adobe Flash Player 10.0.45.2
                              Adobe Reader 9.3.4
                              Adobe Reader Chinese Traditional Fonts
                              Mozilla Firefox (3.6.6) Firefox Out of Date!
                              ````````````````````````````````
                              Process Check:
                              objlist.exe by Laurent

                              ````````````````````````````````
                              DNS Vulnerability Check:

                              GREAT! (Not vulnerable to DNS cache poisoning)

                              ``````````End of Log````````````

                              Comment

                              Working...
                              X