Jump to content

pum.hijack virus - ready for instructions


Recommended Posts

I have tried multiple steps already. Malwarebytes scan in safe mode with networking

Combofix

Mcafee

trendmicro hijack

All scans come up clean, but I am still getting some redirecting.

Any help would be appreciated.

Gerhard

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 6:22:28 PM, on 11/6/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Safe mode with network support

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\WINDOWS\system32\mfevtps.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Documents and Settings\Gerhard & Diane\Desktop\HijackThis.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=5090123

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: D-Link Toolbar Search Class - {e917fc61-7f80-4f1f-a882-cdffffbe4c8d} - C:\Program Files\D-Link Toolbar\dlinktb.dll

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

R3 - URLSearchHook: (no name) - {c3d3840c-12ea-4461-a61d-190555fecc82} - C:\Program Files\Guffins\bar\1.bin\u4SrcAs.dll

R3 - URLSearchHook: NetAssistant - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: GoodShopToolbar - {0b4d6b1c-d1a6-4b21-9412-cc846ebfa818} - C:\Program Files\GoodSearch.com\GoodSearch Toolbar\adxloader.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110510030137.dll

O2 - BHO: Toolbar BHO - {a916eefe-6a17-4d7d-a131-2738b260bb55} - C:\PROGRA~1\Guffins\bar\1.bin\u4bar.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Search Assistant BHO - {d6a34acb-76fa-4a14-88ea-5d54797a2028} - C:\Program Files\Guffins\bar\1.bin\u4SrcAs.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: NetAssistantBHO - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: D-Link Toolbar Loader - {f01858c7-2a68-4d93-9e22-502eae3917c2} - C:\Program Files\D-Link Toolbar\dlinktb.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: GoodSearchBar - {10834e9a-d475-4a24-ad01-f3f24f71b28e} - C:\Program Files\GoodSearch.com\GoodSearch Toolbar\adxloader.dll

O3 - Toolbar: Guffins - {de2fdf7c-2637-4ba3-b427-3fce2d331db5} - C:\Program Files\Guffins\bar\1.bin\u4bar.dll

O3 - Toolbar: D-Link Toolbar - {61874dfa-9adf-44e5-8e61-f3913707e7d7} - C:\Program Files\D-Link Toolbar\dlinktb.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [8169Diag] C:\Program Files\Realtek\Diagnostics Utility\8169Diag.exe /hw

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Guffins Browser Plugin Loader] C:\PROGRA~1\Guffins\bar\1.bin\u4brmon.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot

O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [V0400Mon.exe] C:\WINDOWS\V0400Mon.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\RunOnce: [iERESETATTRIB] %SystemRoot%\system32\cmd.exe /d /q /c %SystemRoot%\system32\ieudinit.exe -ResetFileAttributes

O4 - HKLM\..\RunOnce: [installing-ie8] C:\DOCUME~1\GERHAR~1\LOCALS~1\Temp\IE8-WindowsXP-x86-ENU.exe /passive

O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] C:\WINDOWS\system32\reg.exe DELETE "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" /v "NoIE4StubProcessing" /f

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKCU\..\Run: [DirectPlayerCore] "C:\Program Files\NBC Direct\DirectPlayerCore.exe"

O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {680285A8-96D3-43DA-9D3D-51DD987D0B77} (NeroVersionCheckerControl Control) - http://www.nero.com/doc/NeroVersionCheckerControl.cab

O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless Media Upload) - http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab

O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} (Photo Upload Plugin Class) - http://samsclubus.pnimedia.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe

O23 - Service: Guffins Service (GuffinsService) - Guffins - C:\PROGRA~1\Guffins\bar\1.bin\u4barsvc.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE

O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--

End of file - 15645 bytes

Link to post
Share on other sites

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8154

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

11/13/2011 1:58:04 PM

mbam-log-2011-11-13 (13-58-04).txt

Scan type: Quick scan

Objects scanned: 232335

Time elapsed: 2 minute(s), 24 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

**************************

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Gerhard & Diane at 14:01:47 on 2011-11-13

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3037.2357 [GMT -5:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

FW: McAfee Firewall *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Microsoft\BingBar\SeaPort.EXE

C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\WINDOWS\system32\mfevtps.exe

C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\program files\real\realplayer\update\realsched.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\Internet Explorer\iexplore.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://att.my.yahoo.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

uURLSearchHooks: D-Link Toolbar Search Class: {e917fc61-7f80-4f1f-a882-cdffffbe4c8d} - c:\program files\d-link toolbar\dlinktb.dll

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

mURLSearchHooks: D-Link Toolbar Search Class: {e917fc61-7f80-4f1f-a882-cdffffbe4c8d} - c:\program files\d-link toolbar\dlinktb.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: GoodShopToolbar: {0b4d6b1c-d1a6-4b21-9412-cc846ebfa818} - c:\program files\goodsearch.com\goodsearch toolbar\adxloader.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110510030137.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: D-Link Toolbar Loader: {f01858c7-2a68-4d93-9e22-502eae3917c2} - c:\program files\d-link toolbar\dlinktb.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: GoodSearchBar: {10834e9a-d475-4a24-ad01-f3f24f71b28e} - c:\program files\goodsearch.com\goodsearch toolbar\adxloader.dll

TB: D-Link Toolbar: {61874dfa-9adf-44e5-8e61-f3913707e7d7} - c:\program files\d-link toolbar\dlinktb.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler

uRun: [Creative Live! Cam Manager] "c:\program files\creative\creative live! cam\live! cam manager\CTLCMgr.exe"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSCONFIG.EXE /auto

mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter

mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript

dRunOnce: [RunNarrator] Narrator.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Trusted Zone: intuit.com\ttlc

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab

DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab

DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll

DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www2.snapfish.com/SnapfishActivia.cab

DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

DPF: {680285A8-96D3-43DA-9D3D-51DD987D0B77} - hxxp://www.nero.com/doc/NeroVersionCheckerControl.cab

DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://picture.vzw.com/activex/VerizonWirelessUploadControl.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab

DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://samsclubus.pnimedia.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{0893F4C1-79D1-4CB7-A371-22E346409A0C} : DhcpNameServer = 192.168.0.1

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-2-23 387480]

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2011-2-23 84200]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]

R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-6-15 249648]

R2 LANPkt;Realtek LANPkt Protocol Driver;c:\windows\system32\drivers\LANPkt.sys [2009-1-22 8960]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-1-30 94880]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-2-23 271480]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-2-23 271480]

R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2011-2-23 271480]

R2 McShield;McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-2-23 171168]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2011-2-23 188136]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-2-23 141792]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-2-23 56064]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2009-1-22 110080]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-2-23 153280]

R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-2-23 52320]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-2-23 314088]

R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2011-2-23 88736]

S3 DCamUSBSTK017;STK017 Camera;c:\windows\system32\drivers\STK017W2.sys [2003-11-17 99476]

S3 Diag69xp;Diag69xp;c:\windows\system32\drivers\diag69xp.sys [2009-1-22 11264]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-1-22 30192]

S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2011-2-23 88736]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-2-23 84488]

S3 RTLVLAN;Realtek VLAN Intermediate Driver;c:\windows\system32\drivers\RTLVLAN.SYS [2009-1-22 16640]

S3 VF0400Afx;VF0400 Audio FX;c:\windows\system32\drivers\V0400Afx.sys [2011-10-30 142656]

S3 VF0400Vfx;VF0400 Video FX;c:\windows\system32\drivers\V0400Vfx.sys [2011-10-30 7424]

S3 VF0400Vid;Live! Cam Notebook Pro (VF0400);c:\windows\system32\drivers\V0400Vid.sys [2011-10-30 192096]

S4 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-7-7 195336]

S4 GuffinsService;Guffins Service;c:\progra~1\guffins\bar\1.bin\u4barsvc.exe --> c:\progra~1\guffins\bar\1.bin\u4barsvc.exe [?]

S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-6-20 135664]

S4 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-6-20 135664]

S4 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011-9-24 68928]

.

=============== Created Last 30 ================

.

2011-11-13 18:55:36 54016 ----a-w- c:\windows\system32\drivers\tkfasmej.sys

2011-11-13 18:16:38 -------- d-----w- c:\program files\TotalRecipeSearch_14EI

2011-11-10 03:12:35 -------- d-----w- c:\documents and settings\gerhard & diane\application data\SUPERAntiSpyware.com

2011-11-10 03:11:41 -------- d-----w- c:\program files\SUPERAntiSpyware

2011-11-10 03:11:41 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2011-11-09 22:28:56 295762 ----a-w- c:\windows\system32\shimg.dll

2011-11-09 01:34:36 -------- d-----w- C:\ComboFix

2011-11-07 03:24:58 200976 ----a-w- c:\windows\system32\drivers\tmcomm.sys

2011-11-07 01:54:40 -------- d-----w- c:\windows\pss

2011-11-06 22:18:22 -------- dc----w- c:\windows\ie8

2011-11-03 20:30:29 -------- d-sha-r- C:\cmdcons

2011-11-03 20:22:52 98816 ----a-w- c:\windows\sed.exe

2011-11-03 20:22:52 518144 ----a-w- c:\windows\SWREG.exe

2011-11-03 20:22:52 256000 ----a-w- c:\windows\PEV.exe

2011-11-03 20:22:52 208896 ----a-w- c:\windows\MBR.exe

2011-11-03 01:34:21 -------- d-----w- c:\program files\ESET

2011-10-30 23:55:20 -------- d-----w- C:\Live! Cam

2011-10-30 22:58:13 7062 ----a-w- c:\windows\system32\audiopid.vxd

2011-10-30 22:57:36 53248 ------w- c:\windows\Ctregrun.exe

2011-10-30 22:55:21 -------- d-----w- c:\program files\muvee Technologies

2011-10-30 22:55:21 -------- d-----w- c:\program files\common files\muvee Technologies

2011-10-30 22:53:59 -------- d-----w- c:\program files\SightSpeed

2011-10-30 22:51:08 -------- d-----w- c:\program files\Creative

2011-10-30 22:50:26 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll

2011-10-30 22:50:26 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll

2011-10-30 22:50:26 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe

2011-10-30 22:50:26 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll

2011-10-30 22:50:26 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll

2011-10-30 22:50:24 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll

2011-10-30 22:50:24 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll

2011-10-21 02:32:41 -------- d-----w- c:\program files\Free Offers from Freeze.com

2011-10-21 02:32:35 -------- d-sh--w- c:\windows\system32\AI_RecycleBin

2011-10-21 02:32:33 -------- d-----w- c:\documents and settings\gerhard & diane\application data\W3i

2011-10-21 02:25:37 17728 ----a-w- c:\windows\system32\nitrolocalui.dll

2011-10-21 02:25:36 26432 ----a-w- c:\windows\system32\nitrolocalmon.dll

2011-10-21 02:24:04 -------- d-----w- c:\documents and settings\gerhard & diane\application data\Downloaded Installations

2011-10-14 23:37:13 -------- d-----w- c:\program files\iPod

2011-10-14 23:32:21 -------- d-----w- c:\program files\Bonjour

.

==================== Find3M ====================

.

2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-10-04 02:25:13 323584 ----a-w- c:\windows\system32\AUDIOGENIE2.DLL

2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-24 19:03:42 68928 ----a-w- c:\windows\system32\NLSSRV32.EXE

2011-09-20 01:37:34 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-09-06 13:25:11 1867904 ----a-w- c:\windows\system32\win32k.sys

2011-08-31 22:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-31 03:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe

2011-08-31 03:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll

2011-08-31 03:05:04 178536 ----a-w- c:\windows\system32\dnssdX.dll

2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll

2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-08-22 23:48:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec

2011-08-19 12:40:16 18816 ----a-w- c:\windows\system32\drivers\dvd43llh.sys

2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys

.

============= FINISH: 14:08:51.45 ===============

Link to post
Share on other sites

  • Staff

Hi,

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

Link to post
Share on other sites

Hi,

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=8ad1a51d0a5cf5459db50c1a22b539a6

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-11-03 03:13:52

# local_time=2011-11-02 11:13:52 (-0500, Eastern Daylight Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=5121 16777190 100 75 14351924 32861176 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=168038

# found=6

# cleaned=6

# scan_time=5609

C:\Documents and Settings\All Users\Application Data\wLFPFmouqaYX.exe a variant of Win32/Kryptik.UUB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Guffins\bar\1.bin\u4datact.dll a variant of Win32/Toolbar.MyWebSearch.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Guffins\bar\1.bin\u4html.dll probably a variant of Win32/Toolbar.MyWebSearch.F application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Guffins\bar\1.bin\u4htmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Guffins\bar\1.bin\u4Plugin.dll a variant of Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Guffins\bar\1.bin\u4skin.dll a variant of Win32/Toolbar.MyWebSearch.P application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=8ad1a51d0a5cf5459db50c1a22b539a6

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-11-09 01:20:47

# local_time=2011-11-08 08:20:47 (-0500, Eastern Standard Time)

# country="United States"

# lang=9

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=5121 16777190 100 75 14865812 33375064 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=142805

# found=11

# cleaned=11

# scan_time=3335

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1012\A0084452.dll a variant of Win32/Toolbar.MyWebSearch.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1012\A0084453.dll probably a variant of Win32/Toolbar.MyWebSearch.F application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1012\A0084454.dll probably a variant of Win32/Toolbar.MyWebSearch.B application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1012\A0084455.dll a variant of Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1012\A0084456.dll a variant of Win32/Toolbar.MyWebSearch.P application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP933\A0078095.DLL Win32/Toolbar.MyWebSearch.I application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP970\A0079326.rbf a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP970\A0079327.rbf probably a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP972\A0079373.rbf a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP986\A0081263.rbf a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP986\A0081276.rbf probably a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

# version=7

# IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=8ad1a51d0a5cf5459db50c1a22b539a6

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-11-23 04:28:26

# local_time=2011-11-23 11:28:26 (-0500, Eastern Standard Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=5121 16777173 100 75 16123457 34632709 0 0

# compatibility_mode=8192 67108863 100 0 850316 850316 0 0

# scanned=151600

# found=2

# cleaned=2

# scan_time=9728

C:\Program Files\LP\BFEE\95.tmp Win32/PSW.Agent.NTM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1018\A0089360.exe a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=8ad1a51d0a5cf5459db50c1a22b539a6

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-11-24 03:55:34

# local_time=2011-11-24 10:55:34 (-0500, Eastern Standard Time)

# country="United States"

# lang=9

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=5121 16777173 100 75 16209750 34719002 0 0

# compatibility_mode=8192 67108863 100 0 936609 936609 0 0

# scanned=150210

# found=0

# cleaned=0

# scan_time=7863

esets_scanner_update returned -1 esets_gle=53251

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=8ad1a51d0a5cf5459db50c1a22b539a6

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-11-26 04:11:00

# local_time=2011-11-25 11:11:00 (-0500, Eastern Standard Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=5121 16777173 100 75 16342897 34852149 0 0

# compatibility_mode=8192 67108863 100 0 1069756 1069756 0 0

# scanned=152415

# found=1

# cleaned=1

# scan_time=5242

C:\Documents and Settings\Gerhard & Diane\Local Settings\temp\NF7FKv4ORwuaPa.exe.tmp a variant of Win32/Kryptik.WAX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Link to post
Share on other sites

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=8ad1a51d0a5cf5459db50c1a22b539a6

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-11-03 03:13:52

# local_time=2011-11-02 11:13:52 (-0500, Eastern Daylight Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=5121 16777190 100 75 14351924 32861176 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=168038

# found=6

# cleaned=6

# scan_time=5609

C:\Documents and Settings\All Users\Application Data\wLFPFmouqaYX.exe a variant of Win32/Kryptik.UUB trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Guffins\bar\1.bin\u4datact.dll a variant of Win32/Toolbar.MyWebSearch.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Guffins\bar\1.bin\u4html.dll probably a variant of Win32/Toolbar.MyWebSearch.F application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Guffins\bar\1.bin\u4htmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Guffins\bar\1.bin\u4Plugin.dll a variant of Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Guffins\bar\1.bin\u4skin.dll a variant of Win32/Toolbar.MyWebSearch.P application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=8ad1a51d0a5cf5459db50c1a22b539a6

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-11-09 01:20:47

# local_time=2011-11-08 08:20:47 (-0500, Eastern Standard Time)

# country="United States"

# lang=9

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=5121 16777190 100 75 14865812 33375064 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=142805

# found=11

# cleaned=11

# scan_time=3335

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1012\A0084452.dll a variant of Win32/Toolbar.MyWebSearch.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1012\A0084453.dll probably a variant of Win32/Toolbar.MyWebSearch.F application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1012\A0084454.dll probably a variant of Win32/Toolbar.MyWebSearch.B application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1012\A0084455.dll a variant of Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1012\A0084456.dll a variant of Win32/Toolbar.MyWebSearch.P application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP933\A0078095.DLL Win32/Toolbar.MyWebSearch.I application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP970\A0079326.rbf a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP970\A0079327.rbf probably a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP972\A0079373.rbf a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP986\A0081263.rbf a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP986\A0081276.rbf probably a variant of Win32/Adware.Toolbar.Dealio application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

# version=7

# IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=8ad1a51d0a5cf5459db50c1a22b539a6

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-11-23 04:28:26

# local_time=2011-11-23 11:28:26 (-0500, Eastern Standard Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=5121 16777173 100 75 16123457 34632709 0 0

# compatibility_mode=8192 67108863 100 0 850316 850316 0 0

# scanned=151600

# found=2

# cleaned=2

# scan_time=9728

C:\Program Files\LP\BFEE\95.tmp Win32/PSW.Agent.NTM trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{45B5E8B9-949A-471E-999D-F381DA56A2D3}\RP1018\A0089360.exe a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=8ad1a51d0a5cf5459db50c1a22b539a6

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-11-24 03:55:34

# local_time=2011-11-24 10:55:34 (-0500, Eastern Standard Time)

# country="United States"

# lang=9

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=5121 16777173 100 75 16209750 34719002 0 0

# compatibility_mode=8192 67108863 100 0 936609 936609 0 0

# scanned=150210

# found=0

# cleaned=0

# scan_time=7863

esets_scanner_update returned -1 esets_gle=53251

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=8ad1a51d0a5cf5459db50c1a22b539a6

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-11-26 04:11:00

# local_time=2011-11-25 11:11:00 (-0500, Eastern Standard Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=512 16777215 100 0 0 0 0 0

# compatibility_mode=5121 16777173 100 75 16342897 34852149 0 0

# compatibility_mode=8192 67108863 100 0 1069756 1069756 0 0

# scanned=152415

# found=1

# cleaned=1

# scan_time=5242

C:\Documents and Settings\Gerhard & Diane\Local Settings\temp\NF7FKv4ORwuaPa.exe.tmp a variant of Win32/Kryptik.WAX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

security check

Results of screen317's Security Check version 0.99.28

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

ESET Online Scanner v3

McAfee SecurityCenter

Antivirus up to date!

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

CCleaner

Java 6 Update 20

Java 6 Update 7

Java version out of date!

Adobe Flash Player ( 10.2.152.26) Flash Player out of Date!

Adobe Reader 9 (Adobe Reader out of date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

``````````End of Log````````````

Link to post
Share on other sites

  • Staff

Hi,

Please update MBAM, run a Quick Scan, and post its log.

Navigate to Start --> Run, and type Combofix /uninstall in the box that appears. Click OK afterward. Notice the space between the X and the /uninstall

This uninstalls all of ComboFix's components.

Delete SecurityCheck.

After that, navigate to Start --> Control Panel --> Add or Remove Programs, and uninstall the following program(s) (if present):

ESET Online Scanner v3

Java™ 6 Update 20

Java™ 6 Update 7

Java version out of date!

Adobe Flash Player ( 10.2.152.26) Flash Player out of Date!

Adobe Reader 9 (Adobe Reader out of date!

Restart your computer.

Get the latest version of Java, Adobe Reader, Adobe Flash Player, and Firefox.

Let me know what issues remain.

-screen317

Link to post
Share on other sites

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8288

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

12/1/2011 9:19:42 PM

mbam-log-2011-12-01 (21-19-41).txt

Scan type: Quick scan

Objects scanned: 248236

Time elapsed: 14 minute(s), 4 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

I will do the rest of the items you have requested and will post any problems I am still having.

Thanks!

Gerhard

Link to post
Share on other sites

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

Generated 12/01/2011 at 10:53 PM

Application Version : 5.0.1136

Core Rules Database Version : 7988

Trace Rules Database Version: 5800

Scan type : Complete Scan

Total Scan Time : 00:23:52

Operating System Information

Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)

Administrator

Memory items scanned : 592

Memory threats detected : 0

Registry items scanned : 38425

Registry threats detected : 0

File items scanned : 18222

File threats detected : 233

Adware.Tracking Cookie

C:\Documents and Settings\Gerhard & Diane\Cookies\FYS67GBN.txt [ /doubleclick.net ]

C:\Documents and Settings\Gerhard & Diane\Cookies\AI89NWSC.txt [ /atdmt.com ]

C:\Documents and Settings\Gerhard & Diane\Cookies\18AK8X7N.txt [ /c.atdmt.com ]

secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\GZVWZ48T ]

.advertising.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.adinterax.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.adinterax.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

dc.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.akamai.interclickproxy.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.apmebf.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ru4.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.adbrite.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.pro-market.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.pro-market.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.r1-ads.ace.advertising.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.adbrite.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.adbrite.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.247realmedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.adtech.de [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.advertising.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.zedo.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.zedo.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ru4.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.realmedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.realmedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ru4.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ads.addynamix.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

mediaservices-d.openxenterprise.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.burstnet.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.adbrite.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.247realmedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ads.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ads.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ads.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.adbrite.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.pro-market.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.adbrite.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.adbrite.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.eyewonder.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.fastclick.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.atdmt.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.pointroll.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.dmtracker.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.revsci.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.adbrite.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.s.clickability.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.interclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.interclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.zedo.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.zedo.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.interclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.zedo.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.s.clickability.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ru4.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.interclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.bs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.leapfrogonline.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.pointroll.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.revsci.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

counter.rewardsnetwork.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.2o7.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.specificclick.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.interclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

accounts.google.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.burstnet.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

wstat.wibiya.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.histats.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.histats.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.histats.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

www9.addfreestats.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.commonsensemedia.org [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

www.commonsensemedia.org [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

optimize.indieclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

optimize.indieclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.adxpose.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.indieclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

optimize.indieclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

www.commonsensemedia.org [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.commonsensemedia.org [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.commonsensemedia.org [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.commonsensemedia.org [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.commonsensemedia.org [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.atwola.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.atwola.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.collective-media.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.viewablemedia.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.tribalfusion.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.interclick.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.zedo.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.zedo.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.fastclick.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.bonton.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.andomedia.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.advertising.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.advertising.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.advertising.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.advertising.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

track.prd1.netshelter.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.revsci.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.revsci.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.revsci.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.revsci.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.revsci.net [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.zedo.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.zedo.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.zedo.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.atdmt.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.c.atdmt.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.c.atdmt.com [ C:\DOCUMENTS AND SETTINGS\GERHARD & DIANE\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

It seems that the redirect virus is gone, and I no longer have the intermittent internet radio stations popping up but each time I run the superantispyware scan it comes up with large amounts of adware tracking cookies.

I am running the malwarebytes trial and plan on subscribing to its full time protection, just not sure how to decrease the malware.

What should I do?

Gerhard

Link to post
Share on other sites

  • Staff

Hi Gerhard,

Cookies are harmless. SuperAntiSpyware likes to list them.. MBAM lists active infections..

Run TFC by OldTimer to clear temporary files:

  • Please download TFC from here and save it to your desktop.
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.

Link to post
Share on other sites

  • 2 weeks later...
  • 1 month later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.