TechSpot

No icons on desktop and PC acting weird

By Lore
Jan 25, 2011
  1. This is the first time I have a problem with win7.\
    Here is the log:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:33:57 PM, on 25-Jan-11
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16700)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\MagicDisc\MagicDisc.exe
    C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2RPK.EXE
    C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAB8SWK.EXE
    C:\Users\Mario\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Trend Micro\HiJackThis\Crusty.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [CNAP2 Launcher] C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: xxop81 - xxop81.dll (file missing)
    O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

    --
    End of file - 7148 bytes
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Welcome to TechSpot! I'll be glad to help with the malware after I get more information.

    We don't 'screen' for malware with HijackThis though so please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    When you have finished, leave the logs for review in your next reply .
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.

    Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.

    Please describe what PC acting weird means in addition to missing icons.

    Please disable or uninstall uTorrent while I'm helping you. File sharing is one of the greatest sources of malware and I don't want it running while I'm trying to clean the system.
     
  3. Lore

    Lore TS Rookie Topic Starter

    Weird: closes an application at random, bleu screen (once), system slows down from time to time.

    Logs:

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5610

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    26-Jan-11 6:01:49 PM
    mbam-log-2011-01-26 (18-01-49).txt

    Scan type: Quick scan
    Objects scanned: 137618
    Time elapsed: 4 minute(s), 16 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 1
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xxop81 (Trojan.Goldun) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\Users\Mario\downloads\smileycentralpfsetup2.3.76.6.znman000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.






    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2011-01-26 18:38:26
    Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK3252GSX rev.LV011C
    Running: gmer.exe; Driver: C:\Users\Mario\AppData\Local\Temp\ugldypod.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0x987D1780]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0x987D1830]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0x987D18D0]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0x987D1970]

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82C7F599 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CA3F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text ntkrnlpa.exe!RtlSidHashLookup + 4E8 82CAB9F8 4 Bytes [80, 17, 7D, 98] {ADC BYTE [EDI], 0x7d; CWDE }
    .text ntkrnlpa.exe!RtlSidHashLookup + 7B8 82CABCC8 8 Bytes [30, 18, 7D, 98, D0, 18, 7D, ...] {XOR [EAX], BL; JGE 0xffffffffffffff9c; RCR BYTE [EAX], 0x1; JGE 0xffffffffffffffa0}
    .text ntkrnlpa.exe!RtlSidHashLookup + 82C 82CABD3C 4 Bytes [70, 19, 7D, 98] {JO 0x1b; JGE 0xffffffffffffff9c}
    .text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x9163B000, 0x2D5378, 0xE8000020]

    ---- User code sections - GMER 1.0.15 ----

    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtCreateFile + 6 770E4A36 4 Bytes [28, 00, 17, 00]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtCreateFile + B 770E4A3B 1 Byte [E2]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtMapViewOfSection + 6 770E5096 1 Byte [28]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtMapViewOfSection + 6 770E5096 4 Bytes [28, 03, 17, 00]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtMapViewOfSection + B 770E509B 1 Byte [E2]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtOpenFile + 6 770E5146 4 Bytes [68, 00, 17, 00]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtOpenFile + B 770E514B 1 Byte [E2]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtOpenProcess + 6 770E51F6 4 Bytes [A8, 01, 17, 00]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtOpenProcess + B 770E51FB 1 Byte [E2]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtOpenProcessToken + B 770E520B 1 Byte [E2]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtOpenProcessTokenEx + 6 770E5216 4 Bytes [A8, 02, 17, 00]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtOpenProcessTokenEx + B 770E521B 1 Byte [E2]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtOpenThread + 6 770E5276 4 Bytes [68, 01, 17, 00]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtOpenThread + B 770E527B 1 Byte [E2]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtOpenThreadToken + 6 770E5286 4 Bytes [68, 02, 17, 00]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtOpenThreadToken + B 770E528B 1 Byte [E2]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtOpenThreadTokenEx + B 770E529B 1 Byte [E2]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtQueryAttributesFile + 6 770E53A6 4 Bytes [A8, 00, 17, 00]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtQueryAttributesFile + B 770E53AB 1 Byte [E2]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtQueryFullAttributesFile + B 770E545B 1 Byte [E2]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtSetInformationFile + 6 770E5AA6 4 Bytes [28, 01, 17, 00]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtSetInformationFile + B 770E5AAB 1 Byte [E2]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtSetInformationThread + 6 770E5B06 4 Bytes [28, 02, 17, 00]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtSetInformationThread + B 770E5B0B 1 Byte [E2]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtUnmapViewOfSection + 6 770E5E26 1 Byte [68]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtUnmapViewOfSection + 6 770E5E26 4 Bytes [68, 03, 17, 00]
    .text C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe[5440] ntdll.dll!NtUnmapViewOfSection + B 770E5E2B 1 Byte [E2]

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
    AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
    AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

    Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

    AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002186c238fa
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002186c238fa@001fdec9d929 0x98 0xB4 0xDC 0x35 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002186c238fa (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002186c238fa@001fdec9d929 0x98 0xB4 0xDC 0x35 ...

    ---- EOF - GMER 1.0.15 ----
     
  4. Lore

    Lore TS Rookie Topic Starter

    logs2

    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Mario at 18:42:30.00 on 26-Jan-11
    Internet Explorer: 8.0.7600.16385
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3067.1714 [GMT 1:00]

    AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ============== Running Processes ===============

    C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\Hpservice.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\AEADISRV.EXE
    C:\Program Files\AVG\AVG10\avgwdsvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Users\Mario\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\MagicDisc\MagicDisc.exe
    C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAP2RPK.EXE
    C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAB8SWK.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\DllHost.exe
    C:\PROGRA~1\AVG\AVG10\avgrsx.exe
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Mario\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Mario\Desktop\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
    mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [Google Update] "c:\users\mario\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [Skype] "c:\program files\skype\\phone\Skype.exe" /nosplash /minimized
    uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
    mRun: [CNAP2 Launcher] c:\windows\system32\spool\drivers\w32x86\3\CNAP2LAK.EXE
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    StartupFolder: c:\users\mario\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
    Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
    Hosts: 127.0.0.1 www.spywareinfo.com

    ============= SERVICES / DRIVERS ===============

    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 251728]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 299984]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
    R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2010-11-23 6128208]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
    R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2010-2-26 26168]
    R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-12-13 1153368]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 21072]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-13 311296]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2010-11-25 517448]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-27 1343400]

    =============== Created Last 30 ================

    2011-01-26 16:55:36 -------- d-----w- c:\users\mario\appdata\roaming\Malwarebytes
    2011-01-26 16:55:30 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-01-26 16:55:29 -------- d-----w- c:\progra~2\Malwarebytes
    2011-01-26 16:55:24 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-01-26 16:55:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-01-25 21:07:56 388096 ----a-r- c:\users\mario\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-01-25 21:07:56 -------- d-----w- c:\program files\Trend Micro
    2011-01-25 13:34:45 -------- d-----w- C:\Games
    2011-01-23 15:31:11 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
    2011-01-23 15:31:11 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
    2011-01-23 15:31:11 225280 ------w- c:\program files\common files\installshield\iscript\iscript.dll
    2011-01-23 15:31:11 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
    2011-01-21 15:14:49 -------- d-----w- c:\program files\LucasArts

    ==================== Find3M ====================

    2010-11-12 17:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll
    2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll
    2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec
    2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2010-11-02 04:41:36 442880 ----a-w- c:\windows\system32\XpsPrint.dll
    2010-11-02 04:41:36 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
    2010-11-02 04:41:36 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
    2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll
    2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll
    2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll
    2010-11-02 04:36:16 801792 ----a-w- c:\windows\system32\FntCache.dll
    2010-11-02 04:35:51 1074176 ----a-w- c:\windows\system32\DWrite.dll
    2010-11-02 04:35:35 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
    2010-11-02 04:35:34 739840 ----a-w- c:\windows\system32\d2d1.dll
    2010-11-02 04:35:34 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
    2010-11-02 04:35:34 161792 ----a-w- c:\windows\system32\d3d10_1.dll
    2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe
    2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe
    2010-11-02 04:23:44 107520 ----a-w- c:\windows\system32\cdd.dll

    ============= FINISH: 18:43:35.12 ===============





    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 15-Oct-09 10:06:15 PM
    System Uptime: 26-Jan-11 6:02:33 PM (0 hours ago)

    Motherboard: Hewlett-Packard | | 30E9
    Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz | Intel(R) Genuine processor | 1321/166mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 98 GiB total, 61.332 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    F: is CDROM ()
    S: is FIXED (NTFS) - 200 GiB total, 15.215 GiB free.

    ==== Disabled Device Manager Items =============

    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{0000110E-0000-1000-8000-00805F9B34FB}_LOCALMFG&000F\7&24BEA97F&0&001FDEC9D929_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{0000110E-0000-1000-8000-00805F9B34FB}_LOCALMFG&000F\7&24BEA97F&0&001FDEC9D929_C00000000
    Service:

    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{0000111B-0000-1000-8000-00805F9B34FB}_LOCALMFG&000F\7&24BEA97F&0&001FDEC9D929_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{0000111B-0000-1000-8000-00805F9B34FB}_LOCALMFG&000F\7&24BEA97F&0&001FDEC9D929_C00000000
    Service:

    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_LOCALMFG&000F\7&24BEA97F&0&001FDEC9D929_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_LOCALMFG&000F\7&24BEA97F&0&001FDEC9D929_C00000000
    Service:

    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_LOCALMFG&000F\7&24BEA97F&0&001FDEC9D929_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_LOCALMFG&000F\7&24BEA97F&0&001FDEC9D929_C00000000
    Service:

    Class GUID:
    Description: Bluetooth Peripheral Device
    Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_LOCALMFG&000F\7&24BEA97F&0&001FDEC9D929_C00000000
    Manufacturer:
    Name: Bluetooth Peripheral Device
    PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_LOCALMFG&000F\7&24BEA97F&0&001FDEC9D929_C00000000
    Service:

    ==== System Restore Points ===================

    RP198: 23-Jan-11 5:02:03 PM - Removed Morrowind
    RP200: 23-Jan-11 5:04:00 PM - Installed Morrowind
    RP202: 23-Jan-11 5:07:32 PM - Installed TES Construction Set
    RP204: 23-Jan-11 5:12:00 PM - Installed Bloodmoon
    RP206: 23-Jan-11 5:14:35 PM - Installed Tribunal
    RP208: 23-Jan-11 5:20:43 PM - Removed TES Construction Set
    RP210: 23-Jan-11 5:21:29 PM - Removed Morrowind
    RP211: 25-Jan-11 9:55:23 PM - Restore Operation
    RP212: 25-Jan-11 10:07:27 PM - Installed HiJackThis

    ==== Installed Programs ======================

    2007 Microsoft Office Suite Service Pack 2 (SP2)
    Adobe AIR
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.1
    Advertising Center
    AstroPop Deluxe 1.1
    AVG 2011
    Bandisoft MPEG-1 Decoder
    Bejeweled 2 Deluxe 1.1
    Canon LBP3010/LBP3018/LBP3050
    Comix Zone
    D3DX10
    DolbyFiles
    Facebook Plug-In
    GOM Player
    Google Chrome
    Google Talk Plugin
    Guild Wars
    Hammer Heads Deluxe 1.1
    HiJackThis
    ImagXpress
    Java Auto Updater
    Java(TM) 6 Update 23
    LightScribe System Software
    MagicDisc 2.7.106
    Malwarebytes' Anti-Malware
    Menu Templates - Starter Kit
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Live Add-in 1.5
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Morrowind
    Movie Templates - Starter Kit
    Mozilla Thunderbird (2.0.0.6)
    MPEG2 Codec(libmpeg2/mad)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Nero 9
    Nero BurnRights
    Nero ControlCenter
    Nero CoverDesigner
    Nero DiscSpeed
    Nero DriveSpeed
    Nero InfoTool
    Nero Installer
    Nero Live
    Nero PhotoSnap
    Nero Recode
    Nero Rescue Agent
    Nero ShowTime
    Nero StartSmart
    Nero Vision
    Nero WaveEditor
    NeroBurningROM
    NeroExpress
    NeroLiveGadget
    neroxml
    Nokia Connectivity Cable Driver
    OGA Notifier 2.0.0048.0
    Opera 11.00
    Pirelli USB Driver
    Real Alternative 2.0.2
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2289158)
    Security Update for 2007 Microsoft Office System (KB2344875)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for Microsoft Office Access 2007 (KB979440)
    Security Update for Microsoft Office Excel 2007 (KB2345035)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)
    Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
    Security Update for Microsoft Office Publisher 2007 (KB2284697)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Seven Seas Deluxe 1.13
    Skype™ 4.2
    SoulSeek Client 156c
    SoundTrax
    Spybot - Search & Destroy
    Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM)
    Synaptics Pointing Device Driver
    Total Commander (Remove or Repair)
    Tradewinds Legends 1.0.3.0
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office Outlook 2007 (KB2412171)
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Outlook 2007 Junk Email Filter (KB2483110)
    Ventrilo Client
    Winamp
    Winamp Detector Plug-in
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Messenger
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    WinRAR archiver

    ==== Event Viewer Messages From Past Week ========

    26-Jan-11 6:02:58 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
    26-Jan-11 6:02:58 PM, Error: atikmdag [43029] - Display is not active
    23-Jan-11 4:38:26 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom2.
    21-Jan-11 4:18:10 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom6.
    21-Jan-11 4:17:54 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom4.
    20-Jan-11 9:49:55 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    20-Jan-11 9:49:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    20-Jan-11 9:49:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    20-Jan-11 9:49:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    20-Jan-11 9:49:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    20-Jan-11 9:49:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    20-Jan-11 9:49:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    20-Jan-11 9:49:34 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000008e (0xc0000005, 0x988025fe, 0xa2337c00, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 012011-19968-01.
    20-Jan-11 9:49:26 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx86 Avgmfx86 Avgtdix CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
    20-Jan-11 9:49:26 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    20-Jan-11 9:49:26 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    20-Jan-11 9:49:26 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    20-Jan-11 9:49:26 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    20-Jan-11 9:49:26 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    20-Jan-11 9:49:26 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    20-Jan-11 9:49:25 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    20-Jan-11 9:49:25 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
    20-Jan-11 9:49:25 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    20-Jan-11 9:49:25 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

    ==== End Of File ===========================
     
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    1. closes an application at random> if this happens frequently, note time on the computer clock, tell me name of app and I'll tell you where to look.
    2. bleu screen (once)> not significant.
    3. system slows down occasionally Maybe you need to reboot once on a while to free up memory. Maybe you need to do maintenance more frequently. Maybe there is more internet traffic at that time.
    ==================================================
    This is the last entry showing in the Mbam log- but it's not the end of the log:
    Files Infected:
    c:\Users\Mario\downloads\smileycentralpfsetup2.3.76.6.znman000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    ??????????
    There should be some more text at the end. I ask because there is an entry in the DDS log to 'runclenscript'
    This is a leftover from the Delete On Reboot script. There's a bug where it doesn't get removed after it gets used.This was suppose to have been fixed in this version.
    ==============================================
    Run Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
    7. Click Scan
    8. Wait for the scan to finish
    9. Re-enable your Antivirus software.
    10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
    ======================================
    Download Combofix to your desktop from one of these locations:
    Link 1
    Link 2
    • Double click combofix.exe & follow the prompts.
    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    • Query- Recovery Console image
      [​IMG]
    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
      [​IMG]
    • .Click on Yes, to continue scanning for malware
    • .If Combofix asks you to update the program, allow
    • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • .Close any open browsers.
    • .Double click combofix.exe[​IMG] & follow the prompts to run.
    • When the scan completes it will open a text window. Please paste that log in your next reply.
    Notes:
    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
     
  6. Lore

    Lore TS Rookie Topic Starter

    Log from ESET:

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner.ocx - registred OK

    Log from Combofix:


    ComboFix 11-01-29.02 - Mario 30-Jan-11 12:53:12.1.2 - x86
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3067.2005 [GMT 1:00]
    Running from: c:\users\Mario\Desktop\ComboFix.exe
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .

    ((((((((((((((((((((((((( Files Created from 2010-12-28 to 2011-01-30 )))))))))))))))))))))))))))))))
    .

    2011-01-30 11:58 . 2011-01-30 11:58 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-01-30 11:51 . 2011-01-30 11:51 -------- d-----w- C:\32788R22FWJFW
    2011-01-27 21:03 . 2011-01-20 09:39 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{16E3CFAA-2479-40AC-9829-B38FA4DF4E3E}\mpengine.dll
    2011-01-27 11:51 . 2011-01-27 11:51 -------- d-----w- c:\program files\ESET
    2011-01-26 16:55 . 2011-01-26 16:55 -------- d-----w- c:\users\Mario\AppData\Roaming\Malwarebytes
    2011-01-26 16:55 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-01-26 16:55 . 2011-01-26 16:55 -------- d-----w- c:\programdata\Malwarebytes
    2011-01-26 16:55 . 2011-01-26 16:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-01-26 16:55 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-01-25 21:07 . 2011-01-25 21:07 388096 ----a-r- c:\users\Mario\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-01-25 21:07 . 2011-01-25 21:07 -------- d-----w- c:\program files\Trend Micro
    2011-01-25 13:34 . 2011-01-25 13:34 -------- d-----w- C:\Games
    2011-01-23 15:31 . 2001-09-05 04:18 225280 ------w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
    2011-01-23 15:31 . 2000-10-05 15:55 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
    2011-01-23 15:31 . 2000-10-05 15:50 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
    2011-01-23 15:31 . 2000-10-05 15:49 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
    2011-01-21 15:14 . 2011-01-21 15:14 -------- d-----w- c:\program files\LucasArts

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-11-12 17:53 . 2010-05-11 12:33 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2010-11-04 05:52 . 2010-12-15 13:22 978944 ----a-w- c:\windows\system32\wininet.dll
    2010-11-04 05:48 . 2010-12-15 13:22 44544 ----a-w- c:\windows\system32\licmgr10.dll
    2010-11-04 04:41 . 2010-12-15 13:22 386048 ----a-w- c:\windows\system32\html.iec
    2010-11-04 04:08 . 2010-12-15 13:22 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2010-11-02 04:41 . 2010-12-15 13:22 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2010-11-02 04:40 . 2010-12-15 13:22 496128 ----a-w- c:\windows\system32\taskschd.dll
    2010-11-02 04:40 . 2010-12-15 13:22 305152 ----a-w- c:\windows\system32\taskcomp.dll
    2010-11-02 04:39 . 2010-12-15 13:22 749056 ----a-w- c:\windows\system32\schedsvc.dll
    2010-11-02 04:34 . 2010-12-15 13:22 192000 ----a-w- c:\windows\system32\taskeng.exe
    2010-11-02 04:34 . 2010-12-15 13:22 179712 ----a-w- c:\windows\system32\schtasks.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-09-22 4240760]
    "Google Update"="c:\users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-10-24 133104]
    "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-05-13 26192168]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
    "WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-05-19 37888]
    "CNAP2 Launcher"="c:\windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE" [2007-09-05 406944]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
    "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "AvgUninstallURL"="start http:" [X]

    c:\users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2010-9-23 576000]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-27 1343400]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2010-02-26 26168]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2009-05-18 16:54 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    Contents of the 'Scheduled Tasks' folder

    2011-01-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-804780805-3886671757-2489778224-1000Core.job
    - c:\users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-24 11:19]

    2011-01-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-804780805-3886671757-2489778224-1000UA.job
    - c:\users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-24 11:19]
    .
    .
    ------- Supplementary Scan -------
    .
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    .
    - - - - ORPHANS REMOVED - - - -

    URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
    Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    AddRemove-Guild Wars - s:\guild wars\Gw.exe


    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2011-01-30 13:00:54
    ComboFix-quarantined-files.txt 2011-01-30 12:00

    Pre-Run: 66,716,164,096 bytes free
    Post-Run: 66,897,031,168 bytes free

    - - End Of File - - 88C5183D7EDC3E653B5519729E569DA1
     
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Was anything found? This isn't the log.
     
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    I'm not seeing much so far.

    Please reopen HijackThis to 'do system scan only.'. Check each of the following, if present:

    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe> See Option 1
    O20 - Winlogon Notify: xxop81 - xxop81.dll (file missing)


    Close all Windows except HijackThis and click on "Fix Checked."
    ==============================================
    Option 1: MagicDisc.exe - Associated with MagicISO Virtual CD/DVD-ROMsoftware. Makes CD/DVD image files, convert formats, etc. magicdisc.exe uses excessive system and memory resources with no corresponding benefit. Applications such as these should be disabled to improve overall system performance. It does not need to start on boot and can be accessed when you need it by clicking on Start> All Programs: MagicDisc
    [​IMG]
    Start Menu: All Programs. Screenshot courtesy Winsupersite.
    =====================================
    Windows 7 like to keep the desktop clean and may have inadvertently moved the icons. Right click on any empty area of the desktop> Choose View. Make sure Show Desktop Icons is checked.

    Please let me know what additional problems remain.
     
  9. Lore

    Lore TS Rookie Topic Starter

    ESET found some trojan worms. And this was in the log where you said it would be.

    I'll do the HJT and If there are more problem let ya know.

    Thanks for all the help :))
     
  10. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Where is the log? Where are the Worms? Find it please and paste it in next reply:

    It is here: C:\Program Files\EsetOnlineScanner\log.txt.
     
  11. Lore

    Lore TS Rookie Topic Starter

    And I am saying that I have found the file You are talking about and it contains only this:


    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner.ocx - registred OK

    I've done the scan twice!
     
  12. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Okay. I don't know where the Worms went though because the Eset instructions state not to check for removal. Online scanners show entries no matter where their location is- it could be an old infection but still in the restore points (I have you drop those at the end of cleaning) Ir they could be in the Qoobox which is where Combofix sends the files it deleted. If only either of these, the malware is no longer active in the system

    Please run a scan with AVG and paste in the log.

    Did you try what I left for restoring the desktop icons? Was there any improvement?
    ================================================
    Posted problems:
    1. closes an application at random> if this happens frequently, note time on the computer clock, tell me name of app and I'll tell you where to look.
    2. bleu screen (once)> not significant.
    3. system slows down occasionally Maybe you need to reboot once on a while to free up memory. Maybe you need to do maintenance more frequently. Maybe there is more internet traffic at that time.
     
  13. Lore

    Lore TS Rookie Topic Starter

    Scan "Scan whole computer" completed.
    Warnings;"115";"115";"0"
    Folders selected for scanning:;"Scan whole computer"
    Scan started:;"Tuesday, 01 February, 2011, 10:35:37 AM"
    Scan finished:;"Tuesday, 01 February, 2011, 10:47:53 AM (12 minute(s) 15 second(s))"
    Total object scanned:;"392966"
    User who launched the scan:;"Mario"

    Warnings
    File;"Infection";"Result"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\zedo.com.c1dd09f2;"Found Tracking cookie.Zedo";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\zedo.com.b59b1f48;"Found Tracking cookie.Zedo";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\zedo.com.6a4b36ab;"Found Tracking cookie.Zedo";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\zedo.com.27f1639b;"Found Tracking cookie.Zedo";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\yadro.ru.c77afad5;"Found Tracking cookie.Yadro";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\trafficmp.com.f2e337da;"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\trafficmp.com.e2e71e33;"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\trafficmp.com.c9b40e7c;"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\trafficmp.com.ae53b8b;"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\trafficmp.com.a00e30b4;"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\trafficmp.com.6a120fb;"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\trafficmp.com.67c02881;"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\trafficmp.com.4f6f88fa;"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\trafficmp.com.37644bdb;"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\trafficmp.com.34123425;"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\trafficmp.com.2878eb14;"Found Tracking cookie.Trafficmp";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\tradedoubler.com.eab0972e;"Found Tracking cookie.Tradedoubler";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\tradedoubler.com.dc3c9994;"Found Tracking cookie.Tradedoubler";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\tacoda.net.4366831a;"Found Tracking cookie.Tacoda";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\tacoda.net.27341d57;"Found Tracking cookie.Tacoda";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\statse.webtrendslive.com.b4ca7df0;"Found Tracking cookie.Webtrendslive";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\smartadserver.com.bf8b766;"Found Tracking cookie.Smartadserver";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\smartadserver.com.5550c4ed;"Found Tracking cookie.Smartadserver";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\smartadserver.com.321a5cf8;"Found Tracking cookie.Smartadserver";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\serving-sys.com.c9034af6;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\serving-sys.com.6a1cf9e8;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\serving-sys.com.606c3d3b;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\serving-sys.com.4b416ef8;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\serving-sys.com.400f83f;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\serving-sys.com.255d6f2f;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\ru4.com.f2adca26;"Found Tracking cookie.Ru4";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\ru4.com.5a5e0633;"Found Tracking cookie.Ru4";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\ru4.com.4a1a2114;"Found Tracking cookie.Ru4";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\ru4.com.490c38be;"Found Tracking cookie.Ru4";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\ru4.com.3d65bbfd;"Found Tracking cookie.Ru4";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\revsci.net.f0067737;"Found Tracking cookie.Revsci";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\revsci.net.50e13b1b;"Found Tracking cookie.Revsci";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\revsci.net.44927ec;"Found Tracking cookie.Revsci";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\revsci.net.2df99d79;"Found Tracking cookie.Revsci";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\revsci.net.18a1d1b2;"Found Tracking cookie.Revsci";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\realmedia.com.ef906bac;"Found Tracking cookie.Realmedia";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\realmedia.com.855b46d;"Found Tracking cookie.Realmedia";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\questionmarket.com.4dd5e426;"Found Tracking cookie.Questionmarket";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\questionmarket.com.3eb5a9f1;"Found Tracking cookie.Questionmarket";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\pointroll.com.f2d5a6f6;"Found Tracking cookie.Pointroll";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\pointroll.com.72c0abc9;"Found Tracking cookie.Pointroll";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\overture.com.e626e6be;"Found Tracking cookie.Overture";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\overture.com.52ca467a;"Found Tracking cookie.Overture";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\msnportal.112.2o7.net.7225be6f;"Found Tracking cookie.2o7";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\mediaplex.com.f652b123;"Found Tracking cookie.Mediaplex";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\mediaplex.com.dc30fb3c;"Found Tracking cookie.Mediaplex";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\mediaplex.com.323e9a10;"Found Tracking cookie.Mediaplex";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\hitbox.com.2b95f8a3;"Found Tracking cookie.Hitbox";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\fastclick.net.8a6435e9;"Found Tracking cookie.Fastclick";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\fastclick.net.57e8da10;"Found Tracking cookie.Fastclick";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\casalemedia.com.ce59db3e;"Found Tracking cookie.Casalemedia";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\casalemedia.com.80ad4799;"Found Tracking cookie.Casalemedia";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\burstnet.com.ce59db3e;"Found Tracking cookie.Burstnet";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\burstnet.com.a3218a37;"Found Tracking cookie.Burstnet";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\bs.serving-sys.com.5bf1f00f;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\atdmt.com.f4b86dca;"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\atdmt.com.b3e33b5f;"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\atdmt.com.7247c262;"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\adviva.net.39ec90c;"Found Tracking cookie.Adviva";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\advertising.com.b624fa46;"Found Tracking cookie.Advertising";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\advertising.com.525a5fb9;"Found Tracking cookie.Advertising";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\advertising.com.203aa218;"Found Tracking cookie.Advertising";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\advertising.com.1dfa2206;"Found Tracking cookie.Advertising";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\adtech.de.a9245469;"Found Tracking cookie.Adtech";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\adbrite.com.ff6c09ff;"Found Tracking cookie.Adbrite";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\adbrite.com.d5e309c2;"Found Tracking cookie.Adbrite";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\adbrite.com.71beeff9;"Found Tracking cookie.Adbrite";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\adbrite.com.44f92a69;"Found Tracking cookie.Adbrite";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\adbrite.com.215df2f3;"Found Tracking cookie.Adbrite";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\ad.yieldmanager.com.e626e6be;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\ad.yieldmanager.com.b68f2b7b;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\ad.yieldmanager.com.b4be891c;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\ad.yieldmanager.com.830b6f08;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\ad.yieldmanager.com.557bf2b0;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\ad.yieldmanager.com.13a6979d;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\2o7.net.e802a7ab;"Found Tracking cookie.2o7";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\2o7.net.e48ef60e;"Found Tracking cookie.2o7";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\2o7.net.c03e4f6e;"Found Tracking cookie.2o7";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\2o7.net.b271730a;"Found Tracking cookie.2o7";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\2o7.net.b0922707;"Found Tracking cookie.2o7";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\2o7.net.a698612e;"Found Tracking cookie.2o7";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\2o7.net.7c6f0705;"Found Tracking cookie.2o7";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\247realmedia.com.e14be39e;"Found Tracking cookie.247realmedia";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\247realmedia.com.855b46d;"Found Tracking cookie.247realmedia";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat:\247realmedia.com.110162fb;"Found Tracking cookie.247realmedia";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Opera\Opera\cookies4.dat;"Found Tracking cookie.247realmedia";"Healed"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@ad.yieldmanager[3].txt:\ad.yieldmanager.com.ff92306;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@ad.yieldmanager[3].txt:\ad.yieldmanager.com.e626e6be;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@ad.yieldmanager[3].txt:\ad.yieldmanager.com.b68f2b7b;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@ad.yieldmanager[3].txt:\ad.yieldmanager.com.8a47878;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@ad.yieldmanager[3].txt:\ad.yieldmanager.com.830b6f08;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@ad.yieldmanager[3].txt:\ad.yieldmanager.com.539b0606;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@ad.yieldmanager[3].txt;"Found Tracking cookie.Yieldmanager";"Healed"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@ad.yieldmanager[2].txt:\ad.yieldmanager.com.ff92306;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@ad.yieldmanager[2].txt:\ad.yieldmanager.com.b68f2b7b;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@ad.yieldmanager[2].txt:\ad.yieldmanager.com.539b0606;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@ad.yieldmanager[2].txt;"Found Tracking cookie.Yieldmanager";"Healed"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@serving-sys[1].txt:\serving-sys.com.db46cecc;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@serving-sys[1].txt:\serving-sys.com.3c465e6e;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@serving-sys[1].txt:\serving-sys.com.176b0dad;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@serving-sys[1].txt;"Found Tracking cookie.Serving-sys";"Healed"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@bs.serving-sys[1].txt:\bs.serving-sys.com.5bf1f00f;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@bs.serving-sys[1].txt;"Found Tracking cookie.Serving-sys";"Healed"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@ad.yieldmanager[2].txt:\ad.yieldmanager.com.ff92306;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@ad.yieldmanager[2].txt:\ad.yieldmanager.com.e626e6be;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@ad.yieldmanager[2].txt:\ad.yieldmanager.com.b68f2b7b;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@ad.yieldmanager[2].txt:\ad.yieldmanager.com.8a47878;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@ad.yieldmanager[2].txt:\ad.yieldmanager.com.557bf2b0;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@ad.yieldmanager[2].txt:\ad.yieldmanager.com.539b0606;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@ad.yieldmanager[2].txt;"Found Tracking cookie.Yieldmanager";"Healed"


    Tryed the deskop thing and it worked.

    Regarding the "closes the applicastion at random" ... I havnt had the problem sicne You started helping.
     
  14. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    These entries are only the run of the mill Tracking Cookies. Run Superantispyware as below, and be sure to check the line to have it remove what it finds. Follow with resetting the Cookies:
    [​IMG]
    SuperAntiSpyware Home Edition Free Version
    • Please download SuperAntiSpyware from HERE
    • Launch SuperAntiSpyware and click on 'Check for updates'.
    • Wait for the updates to be installed
    • On the main screen click on 'Scan your computer'.
    • Check: 'Perform Complete Scan then Click 'Next' to start the scan.
    • Superantispyware will now scan your computer,when it's finished it will list all/any infections found.
    • Make sure everything found has a checkmark next to it,then press 'Next'.
    • Click on 'Finish' when you've done.
    It's possible that the program will ask you to reboot in order to delete some files.

    Obtain the SuperAntiSpyware log as follows:
    • Click on 'Preferences'.
    • Click on the 'Statistics/Logs' tab.
    • Under 'Scanner Logs' double click on 'SuperAntiSpyware Scan Log'.
    It will then open in your default text editor,such as Notepad. Paste the notepad file here on your reply
    ==============================================
    Reset Cookies>> depending on which browser(S) are being used:

    For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> CHECK 'override automatic Cookie handling'> CHECK 'accept first party Cookies'> CHECK 'Block third party Cookies'> CHECK 'allow per session Cookies'> Apply> OK.

    For Firefox: Tools> Options> Privacy> Cookies> CHECK ‘accept Cookies from Sites’> UNCHECK 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')

    I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
    AdBlock Plus
    Easy List

    For Chrome: Tools> Options> Under The Hood> Privacy Section> CHECK 'Restrict how third party Cookies can be used'> Close.
    (First-party and third-party cookies can be set by the website you're visiting and websites that have items embedded in the website you're visiting. But when you next visit the website, only first-party cookie information is sent to the website. Third-party cookie information isn't sent back to the websites that originally set the third-party cookies.)
    ==================================
    The icons are back and all the problems have been resolved- yes?
     
  15. Lore

    Lore TS Rookie Topic Starter

    Problems do not occure.

    Here is the log:


    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 02/01/2011 at 07:55 PM

    Application Version : 4.47.1000

    Core Rules Database Version : 6318
    Trace Rules Database Version: 4130

    Scan type : Complete Scan
    Total Scan Time : 00:40:19

    Memory items scanned : 732
    Memory threats detected : 0
    Registry items scanned : 9293
    Registry threats detected : 0
    File items scanned : 21881
    File threats detected : 396

    Adware.Tracking Cookie
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@mediabrandsww[1].txt
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@content.yieldmanager[1].txt
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@adecn[2].txt
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@ad.yieldmanager[3].txt
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@content.yieldmanager[4].txt
    .game-advertising-online.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .dmtracker.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .cracked.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .server.cpmstar.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kontera.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .imrworldwide.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .imrworldwide.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .viacom.adbureau.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .overture.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .realmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .weborama.fr [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .videoegg.adbureau.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clicksor.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pointroll.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lfstmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .at.atwola.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adserver.adtechus.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .rambler.ru [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    in.getclicky.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media.photobucket.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .s.clickability.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .interclick.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .interclick.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .network.realmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adinterax.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .xiti.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .legolas-media.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    adserver.adreactor.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lfstmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .chitika.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .stats.enovine.rs [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kontera.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kontera.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kontera.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .viacom.adbureau.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .overture.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .eyewonder.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .eyewonder.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adxpose.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .cz11.clickzs.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .cz11.clickzs.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    s04.flagcounter.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .viacom.adbureau.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    adserv.brandaffinity.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.skyscanner.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .austrianairlines.122.2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.etracker.de [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.cracked.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tripod.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.zanox.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .germanwings.112.2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .avgtechnologies.112.2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .bs.serving-sys.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .honeywell.112.2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .realmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .realmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    webstats.aetna.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .liveperson.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .liveperson.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .interclick.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lucent.122.2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    data.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    data.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    data.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .liveperson.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .theporncomics.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .theporncomics.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .track.parse.ly [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .shared.rogersmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .analytics.rogersmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    fidelity.rotator.hadj7.adjuggler.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    fidelity.rotator.hadj7.adjuggler.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    fidelity.rotator.hadj7.adjuggler.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .yieldmanager.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adlegend.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adlegend.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .freshtracks.co.uk [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .freshtracks.co.uk [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .andomedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .marketlive.122.2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .condenast.112.2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .at.atwola.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .gostats.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www9.addfreestats.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.cracked.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .azjmp.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .azjmp.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .smileycentral.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .smileycentral.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .socialmediatoday.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .socialmediatoday.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .socialmediatoday.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .socialmediatoday.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .socialmediatoday.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .socialmediatoday.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    wstat.wibiya.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    user.lucidmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .s.clickability.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.googleadservices.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .liveperson.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .www.novamedia.co.rs [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .novamedia.co.rs [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .novamedia.co.rs [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .technoratimedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.directmedia.biz [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .bonniercorp.122.2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tribalfusion.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tribalfusion.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tribalfusion.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tribalfusion.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tribalfusion.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adinterax.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .richmedia.yahoo.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.statssheet.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.googleadservices.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.cracktwo.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adnethr.adocean.pl [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adtech.de [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .himedia.individuad.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .legolas-media.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.coolcrack.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .timeinc.122.2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clicksor.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clicksor.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.googleadservices.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    static.freewebs.getclicky.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    stat.dealtime.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .skyscanner.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .questionmarket.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .questionmarket.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kantarmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kantarmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .chicagosuntimes.122.2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clicksor.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clicksor.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .myroitracking.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adecn.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mediabrandsww.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.googleadservices.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .oddcast.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.neomedia.hr [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pro-market.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .cracked.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pointroll.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .content.yieldmanager.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads2.monitor.hr [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads2.monitor.hr [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    z.blogads.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    stat.onestat.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    stat.onestat.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .countomat.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .toplist.cz [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .harrenmedianetwork.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .doubleclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .liveperson.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .legolas-media.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lfstmedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    vipnetadserver.neuralab.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .apmebf.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mediaplex.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media.contextweb.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media.contextweb.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    statse.webtrendslive.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    stat.onestat.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.123stat.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.123stat.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tribalfusion.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .hearstmagazines.112.2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .www.burstnet.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .burstnet.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.burstnet.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .burstnet.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mtvn.112.2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .viacom.adbureau.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .viacom.adbureau.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .server.cpmstar.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .server.cpmstar.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .server.cpmstar.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    adserver.mmoguru.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .associatedcontent.112.2o7.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fastclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fastclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .gdfp.g.doubleclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fastclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fastclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .gdfp.g.doubleclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.at.atwola.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.at.atwola.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.at.atwola.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.at.atwola.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.at.atwola.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .at.atwola.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atwola.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .stats.complex.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .stats.complex.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .stats.complex.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificclick.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .content.yieldmanager.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .bs.serving-sys.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    adserver1.w00tmedia.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .cracked.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .cracked.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .cracked.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .cracked.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .cracked.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mediaplex.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads2.monitor.hr [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .etargetnet.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .statcounter.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .statcounter.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .statcounter.com [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    media.mtvnservices.com [ C:\Users\Mario\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YURDZAVP ]
    secure-us.imrworldwide.com [ C:\Users\Mario\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YURDZAVP ]
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@ad.yieldmanager[2].txt
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@bs.serving-sys[1].txt
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@collective-media[1].txt
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario@serving-sys[1].txt
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@ad.yieldmanager[2].txt
    C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\mario@content.yieldmanager[3].txt
    C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@ad.yieldmanager[2].txt
     
  16. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    It does not appear that you check the line for SAS to remove the Tracking Cookies:
    What are Tracking Cookies?
    Tracking cookies are only created to track a users movement. The movement can still only be tracked if the user visits a website that displays the advertisement scripts of the company that has a cookie stored on the system. Tracking cookies raise privacy issues, as they allow companies to partially track an Internet user’s movement on the Internet.

    The difference between First Party and Third Party Cookies:
    A first party cookie is placed by the website itself. For instance,TechSpot will leave a First Party Cookie. A third party cookie is placed by scripts from other services, mostly advertisements that are loaded on the page. So you might find 3rd party Cookies from any ads on the site.

    The AVG scan you did shows Tracking Cookies on these accounts and browsers:
    1.C:\Users\Mario\AppData\Roaming\Opera\"Moved to Virus Vault"
    2.C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\"Healed"
    3.C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies\Low\mario "Moved to Virus Vault"

    The SAS scan shows new Tracking Cookies on these accounts and browsers:
    1.C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Cookies
    2.C:\Users\Mario\AppData\Local\Google\Chrome
    3.C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\ Cookies

    I just listed the different accounts
    User>> All Mario
    Browser> Internet Explorer ,Chrome and Opera.
    Accounts> Roaming, Low privilege and Administrative.

    You have no protection at all, it appears. There is no reason at all to allow the Tracking Cookies. You can reset the browser as I instructed to prevent them and have SAS remove them.

    It looks like AVG put them all either in the Virus Vault or 'Healed' them.
    SAS found 396 new Tracking Cookies
    ==========================================
    Add this to Reset Cookies> For Opera:
    • Press Ctrl-F12 to open the Opera Preferences.
    • Choose the Advanced tab> select cookies from the left sidebar menu.
    • Uncheck Accept cookies
    • Check Accept cookies only from the site I visit.
    This will disable third party Cookies which are where tracking Cookies are found. to disable third party cookies in Opera.

    It may be that you aren't doing any cleanup maintenance on the system such as disc cleanup, defrag and error check. Not doing this can also cause your system to "act Weird."
    ======================================
    Since your original problems have been resolved, I just need for you to run HijackThis so I can make sure no bad entries remain. I'll check the log and after that, if there re no more removals, I'll have you remove the cleaning tools.

    Download HijackThis and save to your desktop.
    • Extract it to a directory on your hard drive called c:\HijackThis.
    • Then navigate to that directory and double-click on the hijackthis.exe file.
    • When started click on the Scan button and then the Save Log button to create a log of your information.
    • The log file and then the log will open in notepad. Be sure to click on Format> Uncheck Word Wrap when you open Notepad
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and paste (Ctrl+V) the log in your next reply.

    NOTE: Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...