Jump to content


Photo

PC Super Slow - please check my log


  • This topic is locked This topic is locked
22 replies to this topic

#1 Amber1106

Amber1106

    Member

  • Full Member
  • Pip
  • 65 posts

Posted 06 May 2009 - 07:18 AM

Hello -

My PC is super slow. it seems like it's just happened within the last few weeks. It's so slow you can go do something in the kitchen while waiting for an internet page to load. Some websites are slower than others. Most notably, www.boston.com, which is the updated by the minute site for The Boston Globe newspaper is amazingly slow. There are a ton of ads and formatting on that site, but still.

I have noticed that several *.zedo.com ads are loading that I don't see on other sites.

I have:

- Windows Vista Home Premium 32-bit
- Done a defrag using the Vista program
- Cleaned out my system using Ad-Aware with all the latest updates
- Weekly run Norton for Internet 2008 with all the latest Live Update updates
- Done a Disk Cleaner to get rid of unnecessary files using the Vista program

Here is my Hijack This! log. Is there anything else I can do?

Are there any other malware applications I should be using in addition to Ad-Aware?

Thank you for all your help!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:10:52 AM, on 5/6/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Verizon\McciTrayApp.exe
H:\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ebay.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "H:\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1723399633-2990472025-3422528551-1004\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Erin')
O4 - HKUS\S-1-5-21-1723399633-2990472025-3422528551-1004\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'Erin')
O4 - S-1-5-21-1723399633-2990472025-3422528551-1004 Startup: Proxomitron - Shortcut.lnk = C:\Program Files\Proxomitron Naoko-4\Proxomitron.exe (User 'Erin')
O4 - S-1-5-21-1723399633-2990472025-3422528551-1004 User Startup: Proxomitron - Shortcut.lnk = C:\Program Files\Proxomitron Naoko-4\Proxomitron.exe (User 'Erin')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebo...toUploader3.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Radialpoint Unicorn Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Verizon\PC Security Checkup\rpsupdaterR.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

--
End of file - 9891 bytes

Edited by Amber1106, 06 May 2009 - 01:53 PM.


#2 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,533 posts

Posted 08 May 2009 - 07:42 PM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.

#3 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • PipPipPipPipPip
  • 7,969 posts

Posted 10 May 2009 - 09:46 PM

Hello Amber1106. Welcome to SWI.

Nothing suspicious was found in your log.
So, letís run some scans to make sure there is nothing lurking that we canít see.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Please download Malwarebytes' Anti-Malware to your Desktop
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a location you will remember.
  • Copy and Paste that log into your next reply.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK for either of the prompts and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

In Internet Explorer, please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • In the drop down box labeled Files of type change the type to Text file.
  • Save the file to your Desktop.
  • Copy and Paste that information in your next post.
To optimize scanning time and produce a more sensible report for review:

  • Close any open programs.
  • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.

Please post:

Security Check log.
MBAM log.
Kaspersky report.
And let me know if the problem remains.


Rocket Grannie
a2.gif


My help is free however if you wish to make a donation please see Here

#4 Amber1106

Amber1106

    Member

  • Full Member
  • Pip
  • 65 posts

Posted 11 May 2009 - 03:34 PM

Hi Rocket Grannie -

Thank you for your easy-to-follow instructions.

My Security Check Log:

Results of screen317's Security Check version 0.98.3
Windows Vista Service Pack 1
``````````````````````````````
Antivirus/Firewall Check:
``````````````````````````````

Windows Firewall Disabled!
AuthentiumAntiVirusSDK-2
NortonAntiVirus
NortonAntiVirusHelp
NortonInternetSecurity(SymantecCorporation)
NortonInternetSecurity
NortonConfidentialCore
NortonProtectionCenter
NortonInternetSecurity
Antivirus up to date!
``````````````````````````````
Anti-malware/Other Utilities Check:
``````````````````````````````

Ad-Aware
HijackThis 2.0.2
Java™ 6 Update 13
``````````````````````````````
Process Check:
objlist.exe by Laurent
``````````````````````````````

Norton ccSvcHst.exe
Windows Defender MSASCui.exe
Windows Defender MsMpEng.exe is disabled!
Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe is disabled!
``````````````````````````````
DNS Vulnerability Check:
``````````````````````````````


Scan took 594 seconds.
`````````End of Log```````````


At this point in my troubleshooting, my Norton AV came up with a dialog box that said High alert - Objlist was blocked from accessing your network resources - I have no idea what it means. I did a print screen and saved it to a Word file, but I am unable to paste the NAV printed screen object here.


I see that objlist.exe is listed in the Security Check log.


My MBAM log:

Malwarebytes' Anti-Malware 1.36
Database version: 2108
Windows 6.0.6001 Service Pack 1

5/11/2009 12:24:59 PM
mbam-log-2009-05-11 (12-24-59).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 291581
Time elapsed: 2 hour(s), 55 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Kapersky Report

KASPERSKY ONLINE SCANNER 7.0 REPORT
Monday, May 11, 2009
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Monday, May 11, 2009 19:13:09
Records in database: 2162472
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Scan statistics:
Files scanned: 216897
Threat name: 1
Infected objects: 2
Suspicious objects: 0
Duration of the scan: 03:42:04


File name / Threat name / Threats count
C:\Program Files\vol_toolbar\vol_toolbar.dll.old17 Infected: not-a-virus:AdWare.Win32.MegaSearch.p 1
C:\Users\Adminstrator\AppData\Local\Temp\vol_bt_all.exe Infected: not-a-virus:AdWare.Win32.MegaSearch.p 1

The selected area was scanned.

Please let me know what to do with the threats from the Kapersky log.


The overall computer slowness seems to be related to d2.zedo.com and other *.zedo.com and other ad URLs that flash by fairly quickly while loading inner pages at www.boston.com before pictures and formats from www.boston.com itself are able to load.


Questions:

1. I've been doing some reading online about zedo.com. Is it possible for me to manually add *.zedo.com to my hosts file? Would that help? If so, can you please give me VERY explicit instructions? :)

2. Can you suggest what malware detection programs to run on a regular basis? Right now I run the latest fully updated Ad-Aware and updated NAV, as well as automated Windows Vista updates.


Thanks for all your help and suggestions! I await my next tasks! :)

Edited by Amber1106, 11 May 2009 - 09:53 PM.


#5 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • PipPipPipPipPip
  • 7,969 posts

Posted 12 May 2009 - 02:05 AM

Hello Amber1106

Norton AV came up with a dialog box that said High alert - Objlist was blocked from accessing your network resources - I have no idea what it means.


Thatís good. Norton is obviously doing its job.
Security programs such as Norton look for a particular type of file. They cannot tell if the file is good or bad.
That is why we usually ask for security programs to be disabled before we run our tools.
So they do not interfere with our tools.

add *.zedo.com to my hosts file?


Yes we can, but first, I would like to try this:
Spyware Blaster has zedo.com in its database, so it should automatically block it.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here

Can you suggest what malware detection programs to run on a regular basis?


I will give you some tips when the computer is clean.

Please let me know what to do with the threats from the Kapersky log.


Locate and delete these files using Windows Explorer.(if present.)

C:\Program Files\vol_toolbar\ vol_toolbar.dll<<<this file
C:\Users\Adminstrator\AppData\Local\Temp\ vol_bt_all.exe <<<<this file.

Please empty the Recycle Bin
Reboot the computer.

Please go HERE to run Panda ActiveScan 2.0
  • Click the big green Scan now button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • Once the scan is completed, please hit the Notepad icon next to the text Export to:
  • Save it to your Desktop
  • Post the contents of the ActiveScan.txt in your next reply along with a fresh HJT log.
Please set a new Restore Point to prevent infection from any previous Restore Points.
The easiest and safest way to do this is:
  • Go to Start > All Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the Restore Point a name then click "Create". The new Restore Point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Go to "Disk Cleanup" which can be found by going to Start > All Programs > Accessories > System Tools.
  • Click "OK" to select the partition or drive you desire.
  • Click the "More Options" Tab.
  • Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.
  • More details and screenshots for Disk Cleanup in Windows Vista can be found here

Rocket Grannie
a2.gif


My help is free however if you wish to make a donation please see Here

#6 Amber1106

Amber1106

    Member

  • Full Member
  • Pip
  • 65 posts

Posted 12 May 2009 - 11:57 PM

Hi Rocket Grannie -

I deleted those 2 files. I installed SpywareBlaster. After installing SpywareBlaster I also ran the Hosts File tool as directed in the tutorial you linked me to.

Here is my Panda ActiveScan log

;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2009-05-13 01:29:40
PROTECTIONS: 3
MALWARE: 65
SUSPECTS: 1
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
Norton Internet Security 15.0.0.60 Yes Yes
Windows Defender 1.1.1505.0 No Yes
Norton Internet Security 15.0.0.60 No Yes
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@trafficmp[2].txt
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@trafficmp[3].txt
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@trafficmp[3].txt
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@trafficmp[2].txt
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@trafficmp[1].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@casalemedia[2].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@casalemedia[3].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@casalemedia[2].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@doubleclick[3].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@doubleclick[4].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Adminstrator\AppData\Roaming\Microsoft\Windows\Cookies\Low\adminstrator@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@doubleclick[3].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\loren@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@atdmt[3].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@atdmt[3].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@atdmt[4].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\loren@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Adminstrator\AppData\Roaming\Microsoft\Windows\Cookies\Low\adminstrator@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@atdmt[4].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@tradedoubler[3].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@tradedoubler[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@tradedoubler[1].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@247realmedia[2].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@247realmedia[3].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@247realmedia[3].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@247realmedia[1].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@247realmedia[1].txt
00145453 Cookie/Bfast TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@bfast[2].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@fastclick[2].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@fastclick[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@fastclick[3].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@fastclick[2].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@fastclick[5].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@fastclick[4].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@fastclick[1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@tribalfusion[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@tribalfusion[3].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@tribalfusion[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@mediaplex[1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@mediaplex[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@mediaplex[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@mediaplex[3].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@mediaplex[4].txt
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@linksynergy[1].txt
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@linksynergy[1].txt
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@linksynergy[2].txt
00145881 Cookie/NewMedia TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@anm.co[1].txt
00147824 Cookie/Clickbank TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@clickbank[1].txt
00148840 Cookie/Pollstar TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@pollstar[1].txt
00149064 Cookie/Maxserving TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@maxserving[1].txt
00167430 Cookie/myaffiliateprogram TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@www.myaffiliateprogram[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@com[3].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@com[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@com[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@com[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\loren@com[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@com[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@com[4].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@com[3].txt
00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@yadro[1].txt
00167665 Cookie/Clicktracks TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@stats1.clicktracks[2].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@xiti[1].txt
00167724 Cookie/HotLog TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@hotlog[2].txt
00167730 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@ehg.hitbox[2].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@azjmp[3].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@azjmp[1].txt
00167749 Cookie/Toplist TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@toplist[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@statcounter[3].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@statcounter[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@statcounter[2].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@statcounter[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@ad.yieldmanager[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@ad.yieldmanager[4].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@ad.yieldmanager[5].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@ad.yieldmanager[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@ad.yieldmanager[3].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@apmebf[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@apmebf[2].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@burstnet[1].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@burstnet[1].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@burstnet[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@serving-sys[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@serving-sys[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@serving-sys[4].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@serving-sys[3].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@serving-sys[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@serving-sys[3].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@bs.serving-sys[3].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@bs.serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@bs.serving-sys[2].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@bs.serving-sys[2].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@www.burstbeacon[2].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@www.burstbeacon[1].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@www.burstbeacon[1].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@weborama[1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@adtech[4].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@adtech[1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@adtech[2].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@adtech[3].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@server.iad.liveperson[3].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@server.iad.liveperson[2].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@server.iad.liveperson[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@advertising[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@advertising[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\Adminstrator\AppData\Roaming\Microsoft\Windows\Cookies\Low\adminstrator@advertising[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@advertising[3].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@advertising[2].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@media.adrevolver[3].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@media.adrevolver[4].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@media.adrevolver[5].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@media.adrevolver[2].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@statse.webtrendslive[2].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@statse.webtrendslive[1].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@statse.webtrendslive[3].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@ads.pointroll[3].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@ads.pointroll[2].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@ads.pointroll[3].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@ads.pointroll[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@ads.pointroll[1].txt
00170549 Cookie/FortuneCity TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@fortunecity[2].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@overture[1].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@overture[3].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@overture[2].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@realmedia[1].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@realmedia[2].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@realmedia[1].txt
00171633 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@www5.addfreestats[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@questionmarket[3].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@questionmarket[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@questionmarket[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@zedo[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@zedo[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@zedo[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@zedo[4].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@zedo[3].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@bluestreak[3].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@bluestreak[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@bluestreak[2].txt
00173992 Cookie/Zedo TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@c5.zedo[1].txt
00182104 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@phg.hitbox[2].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@adrevolver[2].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@adrevolver[1].txt
00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@bravenet[2].txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@adultfriendfinder[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@go[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@go[2].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@go[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@go[4].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@target[3].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@target[4].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@target[1].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@target[2].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@target[3].txt
00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@did-it[2].txt
00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@did-it[2].txt
00216065 Cookie/Screensavers TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@i.screensavers[1].txt
00249100 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@www2.addfreestats[1].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@atwola[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Users\Adminstrator\AppData\Roaming\Microsoft\Windows\Cookies\Low\adminstrator@atwola[1].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@atwola[1].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Users\Loren\AppData\Roaming\Microsoft\Windows\Cookies\Low\loren@atwola[2].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@atwola[3].txt
00262025 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@errorsafe[2].txt
00286738 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@www1.addfreestats[1].txt
00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@ehg-dig.hitbox[3].txt
00286739 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@ehg-dig.hitbox[2].txt
00293517 Cookie/AdDynamix TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@ads.addynamix[1].txt
00296582 Cookie/DriveCleaner TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@www.drivecleaner[2].txt
00296583 Cookie/DriveCleaner TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@stats.drivecleaner[2].txt
00296584 Cookie/DriveCleaner TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@drivecleaner[1].txt
00325830 Cookie/Bridgetrack TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@citi.bridgetrack[2].txt
02908816 Cookie/Starware TrackingCookie No 0 Yes No C:\Users\Erin\AppData\Roaming\Microsoft\Windows\Cookies\Low\erin@h.starware[1].txt
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location T�x��
�9
;===============================================================================
=================================================================================
===================
No C:\Program Files\Dell Games\Dell Game Console\Uninstall.exe T�x��
�9
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description T�x��
�9
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================


Here is my Hijack This! log.

Before the Hijack This scan, I got a dialog box that said For Some Reason your system denied write access to the Hosts file. If any hijacked domains are in this file, Hijack This may NOT be able to fix this. This sentence was followed by instructions on how to edit the hosts file myself.

I've never had this happen when running Hijack This. Does it have to do with running the Hosts file tool with Spyware Blaster? Is there something I should undo in Spyware Blaster to allow Hijack This to scan my hosts file?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:10:52 AM, on 5/6/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Verizon\McciTrayApp.exe
H:\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ebay.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer

provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common

Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -

C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} -

C:\Program Files\BAE\BAE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program

Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} -

C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program

Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0

\apdproxy.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common

Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -

startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32

\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program

Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support

Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support

Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0

\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "H:\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support

Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem

(User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe

oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem

(User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1723399633-2990472025-3422528551-1004\..\Run: [Sidebar] C:\Program

Files\Windows Sidebar\sidebar.exe /autoRun (User 'Erin')
O4 - HKUS\S-1-5-21-1723399633-2990472025-3422528551-1004\..\Run: [WMPNSCFG] C:\Program

Files\Windows Media Player\WMPNSCFG.exe (User 'Erin')
O4 - S-1-5-21-1723399633-2990472025-3422528551-1004 Startup: Proxomitron - Shortcut.lnk =

C:\Program Files\Proxomitron Naoko-4\Proxomitron.exe (User 'Erin')
O4 - S-1-5-21-1723399633-2990472025-3422528551-1004 User Startup: Proxomitron -

Shortcut.lnk = C:\Program Files\Proxomitron Naoko-4\Proxomitron.exe (User 'Erin')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital

Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program

Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager -

file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program

Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program

Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3

\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1

\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) -

http://upload.facebo...toUploader3.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program

Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner -

C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common

Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program

Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program

Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program

Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation -

C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common

Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common

Files\Authentium\AntiVirus\dvpapi.vista.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation -

C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program

Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common

Files\Symantec Shared\ccSvcHst.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio

Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program

Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Radialpoint Unicorn Update Service (RPSUpdaterR) - Radialpoint Inc. -

C:\Program Files\Verizon\PC Security Checkup\rpsupdaterR.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter)

- SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common

Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-

LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common

Files\Symantec Shared\Support Controls\ssrc.exe

--
End of file - 9891 bytes

I also successfully created a new restore point and deleted all previous restore points.

I like Spyware Blaster - it runs all the time without needing to scan (of course you need to keep up the definitions).

I am also looking forward to hearing from you which spyware programs to run all the time, not just for myself going forward but because I just bought my college-bound daughter a new Dell laptop that is the equivalent of a Rolls Royce :) specs-wise and once it gets delivered, I want to set it up so she has everything she'll need to keep it safe. In her case, I will probably buy the pay versions of spyware programs to be able to automatcially schedule updates/scans so she doesn't have to remember as much. :)

I look forward to my next tasks here to clean up my computer!!! :) Thanks for your help so far.

#7 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • PipPipPipPipPip
  • 7,969 posts

Posted 13 May 2009 - 03:48 AM

Hello Amber1106

Well done! Your logs appear to be clean.

Does it have to do with running the Hosts file tool with Spyware Blaster?


No. All that did was make an encrypted back up copy of your Hosts file.

Is there something I should undo in Spyware Blaster to allow Hijack This to scan my hosts file?


No. It has nothing to do with Spyware Blaster.

Your system is denying HJT write access to the Hosts file. This is normal behavior in Vista.
I would not be concerned. All your scans are clear.
Did you right click HJT and choose run as Administrator?

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections.
Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems.
As happy as we at SWI are to help you, for your sake we would rather not have repeat customers.

Note: All of the programs I am suggesting are either free or have free versions.

All of the following are excellent free antiviruses. Be sure to only install one.

Avast.
AntiVir
PC Tools

Please make sure to run your antivirus software regularly, and to keep it up-to-date. Most programs have an automatic update feature.

Use a Firewall

Some good free firewalls are:
Be sure to only install one.
  • Kerio
  • Online Armor
  • Comodo
  • ZoneAlarm
    NOTE: If choosing Zone Alarm be aware that the free version also installs ZoneAlarm Spy Blocker. It is recommended however that you UNcheck this option.
A tutorial on understanding and using firewalls may be found here

Spybot - Search and Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with the program on a regular basis just as you would an antivirus software.

A tutorial on installing & using this product may be found here

If you use Internet Explorer, it is a good idea to use IE-Spyad for ZonedOut which provides protections against malicious websites. (Requires 2 downloads)

For help to install IE-Spyad, please go here

Please make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware from being installed.
Please set your anti-virus and anti-spyware programs to check for updates automatically. If the programs are not able to update automatically, then I suggest you manually check for updates every few days.

Windows needs to be kept up-to-date.

Windows Updates are available from here

IMPORTANT: Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates, or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

Please also read Tony Klein's excellent article: How I got Infected in the First Place

PLEASE NOTE:

A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster and IE-Spyad can be run with any of them.


Hopefully this should take care of your problems!

Safe Surfing:

Rocket Grannie.

Edited by Rocket Grannie, 13 May 2009 - 05:41 AM.

a2.gif


My help is free however if you wish to make a donation please see Here

#8 Amber1106

Amber1106

    Member

  • Full Member
  • Pip
  • 65 posts

Posted 13 May 2009 - 06:59 AM

Your system is denying HJT write access to the Hosts file. This is normal behavior in Vista.
I would not be concerned. All your scans are clear.
Did you right click HJT and choose run as Administrator?



The reason I asked is because the first time I ran HJT for my original post, it didn't give me that dialog box. HJT ran as usual until after Spyware Blaster.

I did not Run As Administrator in either case.

As happy as we at SWI are to help you, for your sake we would rather not have repeat customers.


:) I'd rather not have to post again either. :)


Use a Firewall


I think I am using Windows Vista firewall. I'm not even sure. Can you tell from my various logs whether I'm using one or how do I check?


Spybot - Search and Destroy with its TeaTimer option.


I will read about this. I've had Spybot with TeaTimer before and it seemed intrusive to me - it was always popping up with a dialog box about a registry change I had to allow or deny. Maybe I just wasn't using it properly.


If you use Internet Explorer, it is a good idea to use IE-Spyad for ZonedOut which provides protections against malicious websites. (Requires 2 downloads)


Should I use both IE-Spyad and SpywareBlaster? Is one better than the other? I ask because I just installed Spyware Blaster for this exercise and I'm not sure if I should remove it in favor of IE Spyad.



PLEASE NOTE:

A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster and IE-Spyad can be run with any of them.


I am not completely sure what resident protention or a resident program means but I think I can guess from the context. Would you recommend I uninstall Ad-Aware in favor of Spybot? I had both before and it seemed like they each picked up different things but maybe they clashed with each other and that might be why I thought Spybot was intrusive.

Thank you for all your help! I really appreciate it. I am looking forward to going back to Boston.com and not seeing zedo.com in the system tray! :)

#9 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • PipPipPipPipPip
  • 7,969 posts

Posted 13 May 2009 - 02:10 PM

Hello Amber1106

I am sorry for the confusion.
I included the information on the antivirus programs and the firewalls for your daughterís computer.

The problem with HJT has nothing to do with Spyware Blaster being installed.
To run HJT properly on a Vista system you right click HJT and choose run as Administrator.

Your computer

You are running:
Norton firewall. Windows Firewall is disabled.
Norton antivirus.
Ad-Aware.
Windows Defender.
Spyware Blaster.

Spyware Blaster is a passive scanner.
It can be run with real time scanners.

IE-Spyad is a passive scanner.
It can be run with real time scanners.

IE-Spyad and Spyware Blaster do two different things.
They can be run together.

Real-time means the program is monitoring the computer all the time.
You can have more than one real time program on the computer, but only one of them can be running real time protection.

Ad-Aware---Windows Defender---Spybot are all real time programs.
So real time scanning must be turned off in two of them.
You can keep them and use them for regular scanning.

To turn off:

Ad-Aware---turn off Ad Watch.

To disable AdWatch:
Open AdAware SE.
Go to AdWatch User Interface.
Go to Tools and Preferences. At the bottom of the screen you will see 2 options Active and Automatic.
Active: This will turn Ad-Watch On\Off without closing it
Automatic: Suspicious activity will be blocked automatically
Please uncheck both options.

Windows Defender
Go tools>>Options>>scroll down to Real-time protection options and untick the box.

Spybot---turn off TeaTimer.

1) Run Spybot-S&D
2) Go to the Mode menu, and make sure "Advanced Mode" is selected
3) On the left hand side, choose Tools -> Resident
4) Uncheck "Resident TeaTimer" and OK any prompts

Spybot will not allow any changes to be made to the Registry without permission.

it was always popping up with a dialog box about a registry change I had to allow or deny

This is normal.

Slow computer

Take a look at this page created by miekiemoes, one of the Global Moderators here, on slow systems, and some things you can try to do to try to improve it. Help! My computer is slow!

You may also find this helpful: Slow Computer?

Unnecessary processes running at startup can cause a system slowdown.

Please download Malwarebytes' StartUpLite and save it to your Desktop.
Double-click StartUpLite.exe to run the program.

This will display all unnecessary startup entries.
Select all options you would like executed, then select Continue.

I recommend you disable them all, and see if there is any improvement in the computer's speed.

I hope this helps.


Rocket Grannie
a2.gif


My help is free however if you wish to make a donation please see Here

#10 Amber1106

Amber1106

    Member

  • Full Member
  • Pip
  • 65 posts

Posted 14 May 2009 - 06:46 AM

Hi Rocket Grannie -

My computer is noticeably faster - thank you!!!!!!!!!!!!!!

Especially at Boston.com, it is no longer looking for zedo.com thanks to SpywareBlaster.

I updated my Ad-Aware to the 2009 Anniversary Edition. I will also be downloading Spybot and now I understand about not having 2 real-time protections running.

I will also be downloading IE-Spyad since you said it can run together with SpywareBlaster and I want all the protection I can get! :)

Thank you again for all your help, your clear and succinct instructions and your timely responses. I appreciate it!!

Amber1106

#11 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • PipPipPipPipPip
  • 7,969 posts

Posted 14 May 2009 - 06:27 PM

Hello Amber1106

Thank you again for all your help, your clear and succinct instructions and your timely responses. I appreciate it!!


You are welcome.
a2.gif


My help is free however if you wish to make a donation please see Here

#12 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • PipPipPipPipPip
  • 7,969 posts

Posted 14 May 2009 - 06:27 PM

Since the issue appears to be resolved this Topic is closed.

[Reopened]
Everyone else please begin a New Topic.
a2.gif


My help is free however if you wish to make a donation please see Here

#13 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 17 May 2009 - 04:55 PM

Reopened at request of topic owner.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#14 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • PipPipPipPipPip
  • 7,969 posts

Posted 17 May 2009 - 06:46 PM

Hello Amber1106

Zedo.com

Persistent little vegemite isnít it?

Letís try adding all of its links to the Hosts file.

For instructions how to modify the Hosts file, please go here

Copy/paste the list in the quote box into the Hosts file.

127.0.0.1 zedo.com
127.0.0.1 ads.zedo.com
127.0.0.1 c1.zedo.com
127.0.0.1 c2.zedo.com
127.0.0.1 c3.zedo.com
127.0.0.1 c4.zedo.com
127.0.0.1 c5.zedo.com
127.0.0.1 c6.zedo.com
127.0.0.1 c7.zedo.com
127.0.0.1 c8.zedo.com
127.0.0.1 g.zedo.com
127.0.0.1 l1.zedo.com
127.0.0.1 l5.zedo.com
127.0.0.1 simg.zedo.com
127.0.0.1 ss2.zedo.com
127.0.0.1 www.zedo.com
127.0.0.1 xads.zedo.com
127.0.0.1 y.zedo.com
127.0.0.1 z.zedo.com



For Firefox:

Please go here and install Adblock Plus.
You can use this add-on to block any unwanted ads.

Please let me know how you go.


Rocket Grannie
a2.gif


My help is free however if you wish to make a donation please see Here

#15 Amber1106

Amber1106

    Member

  • Full Member
  • Pip
  • 65 posts

Posted 17 May 2009 - 07:28 PM

Hi Rocket Grannie -

I've heard that vegemite is nasty stuff! :)

Can you please give me more specific directions for getting to the hosts file?

I went into C:/Windows/System32/drivers/etc/ and found

Hosts
lmhosts.sam

When I doubleclick on Hosts, it asks me which program I want to use to open it. There are a ton of them. I chose Notepad and got this:

Copyright © 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

This is the contents of the lmhosts file from Notepad - again, no list to add to.

# Copyright © 1993-1999 Microsoft Corp.
#
# This is a sample LMHOSTS file used by the Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to computernames
# (NetBIOS) names. Each entry should be kept on an individual line.
# The IP address should be placed in the first column followed by the
# corresponding computername. The address and the computername
# should be separated by at least one space or tab. The "#" character
# is generally used to denote the start of a comment (see the exceptions
# below).
#
# This file is compatible with Microsoft LAN Manager 2.x TCP/IP lmhosts
# files and offers the following extensions:
#
# #PRE
# #DOM:<domain>
# #INCLUDE <filename>
# #BEGIN_ALTERNATE
# #END_ALTERNATE
# \0xnn (non-printing character support)
#
# Following any entry in the file with the characters "#PRE" will cause
# the entry to be preloaded into the name cache. By default, entries are
# not preloaded, but are parsed only after dynamic name resolution fails.
#
# Following an entry with the "#DOM:<domain>" tag will associate the
# entry with the domain specified by <domain>. This affects how the
# browser and logon services behave in TCP/IP environments. To preload
# the host name associated with #DOM entry, it is necessary to also add a
# #PRE to the line. The <domain> is always preloaded although it will not
# be shown when the name cache is viewed.
#
# Specifying "#INCLUDE <filename>" will force the RFC NetBIOS (NBT)
# software to seek the specified <filename> and parse it as if it were
# local. <filename> is generally a UNC-based name, allowing a
# centralized lmhosts file to be maintained on a server.
# It is ALWAYS necessary to provide a mapping for the IP address of the
# server prior to the #INCLUDE. This mapping must use the #PRE directive.
# In addtion the share "public" in the example below must be in the
# LanManServer list of "NullSessionShares" in order for client machines to
# be able to read the lmhosts file successfully. This key is under
# \machine\system\currentcontrolset\services\lanmanserver\parameters\nullsessionshares
# in the registry. Simply add "public" to the list found there.
#
# The #BEGIN_ and #END_ALTERNATE keywords allow multiple #INCLUDE
# statements to be grouped together. Any single successful include
# will cause the group to succeed.
#
# Finally, non-printing characters can be embedded in mappings by
# first surrounding the NetBIOS name in quotations, then using the
# \0xnn notation to specify a hex value for a non-printing character.
#
# The following example illustrates all of these extensions:
#
# 102.54.94.97 rhino #PRE #DOM:networking #net group's DC
# 102.54.94.102 "appname \0x14" #special app server
# 102.54.94.123 popular #PRE #source server
# 102.54.94.117 localsrv #PRE #needed for the include
#
# #BEGIN_ALTERNATE
# #INCLUDE \\localsrv\public\lmhosts
# #INCLUDE \\rhino\public\lmhosts
# #END_ALTERNATE
#
# In the above example, the "appname" server contains a special
# character in its name, the "popular" and "localsrv" server names are
# preloaded, and the "rhino" server name is specified so it can be used
# to later #INCLUDE a centrally maintained lmhosts file if the "localsrv"
# system is unavailable.
#
# Note that the whole file is parsed including comments on each lookup,
# so keeping the number of comments to a minimum will improve performance.
# Therefore it is not advisable to simply add lmhosts file entries onto the
# end of this file.


I was expecting to get a list just like the one you typed for me in the quotes above, but instead they seem to be instructions and samples. Where do I paste those zedo addresses?

thank you and I'm sorry to be so clueless about this. I didn't get the error message that was discussed in the link you sent me.

Thanks

Amber1106

#16 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • PipPipPipPipPip
  • 7,969 posts

Posted 17 May 2009 - 08:49 PM

Hello Amber1106

I've heard that vegemite is nasty stuff!


I think it is a uniquely Australian thing.
Itís great on toast first thing in the morning.

Before going any further please open Spyware Blaster>>>Tools>>>Hosts Safe and make sure you have a backup copy of the Hosts File.
If you donít, then please create one.

Okay, letís try it this way:

Please go here
You are given three choices to update. Select the one you feel most comfortable with.
Personally, I would select the send to option, then you will have that link available to add more sites in the future.

At the bottom of the page are utilities you can use to update the Hosts file. If you would prefer to use one of these.
I recommend using HostsXpert.

Hope this helps.


Rocket Grannie
a2.gif


My help is free however if you wish to make a donation please see Here

#17 Amber1106

Amber1106

    Member

  • Full Member
  • Pip
  • 65 posts

Posted 18 May 2009 - 07:27 AM

I made a backup copy of the Hosts file using SpywareBlaster. It's encrypted, though, I think, so I'm not sure how I'd be able to use the backup if I needed to.

I was reading the directions of the SendTo method from your link and I just want to clarify before I do this. The Update Hosts new folder that I make is a copy of my existing Hosts file that I then have the opportunity to cut and paste new addresses to?

And - should I download that hosts.zip file they mention?

In the future when you wish to update the HOSTS file, download the "hosts.zip", extract the included files and right-click on the included updated HOSTS file and select: SendTo > Update Hosts


This instance *is* the future when I want to update the Hosts file, right? :)

Then once I Copy and Replace, it says to open the Hosts file and paste custom entries. Would I be opening the original Hosts file I had or the new Update Hosts folder I just created?

Thanks - sorry for all the questions but I do know of someone that really messed up her computer by replacing her existing Hosts file with something she found online (but probably not with expert help like you are giving me!). I just want to be sure that I don't replace something I'm not supposed to. I was really confused when I opened my Hosts file - I was expecting to see a list of addresses like the zedo ones you want me to paste in but all there was in my Hosts file were instructions.

#18 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • PipPipPipPipPip
  • 7,969 posts

Posted 18 May 2009 - 09:48 PM

Hello Amber1106

What you found is your Hosts file.

Copyright © 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost


As it states--- This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
All the lines that start with # are for information only, and could be deleted.
The actual Hosts file starts here:
127.0.0.1 localhost
::1 localhost
This must be the first line in every Hosts file.

Please follow the instructions here to modify it.

In Step 8) copy/paste the zedo list underneath ::1 localhost.
Your new Hosts file will look like this:

Copyright © 1993-2006 Microsoft Corp.
#
[b]# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.[/b]
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost
127.0.0.1 zedo.com 
127.0.0.1 ads.zedo.com 
127.0.0.1 c1.zedo.com 
127.0.0.1 c2.zedo.com 
127.0.0.1 c3.zedo.com 
127.0.0.1 c4.zedo.com 
127.0.0.1 c5.zedo.com 
127.0.0.1 c6.zedo.com 
127.0.0.1 c7.zedo.com 
127.0.0.1 c8.zedo.com 
127.0.0.1 g.zedo.com 
127.0.0.1 l1.zedo.com 
127.0.0.1 l5.zedo.com 
127.0.0.1 simg.zedo.com 
127.0.0.1 ss2.zedo.com 
127.0.0.1 www.zedo.com 
127.0.0.1 xads.zedo.com 
127.0.0.1 y.zedo.com 
127.0.0.1 z.zedo.com

Please let me know how you get on.



Rocket Grannie
a2.gif


My help is free however if you wish to make a donation please see Here

#19 Amber1106

Amber1106

    Member

  • Full Member
  • Pip
  • 65 posts

Posted 19 May 2009 - 08:41 PM

Hi Rocket Grannie -

That was easy! Thank you! I also added d2.zedo.com because that's the one that's bugging me on Boston.com.

I also ordered more memory from Dell. I'm running 1 GB and we have so much stuff on this computer after 2 years I thought more memory would help. I ordered 4 GB - it was pretty cheap and I hope I see a difference there, too.

Thank you for all your help! I learned a lot but I hope I won't be posting for awhile! :)

Amber1106

#20 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • PipPipPipPipPip
  • 7,969 posts

Posted 19 May 2009 - 10:19 PM

Hello Amber1106

That was easy!


Great! I suggest you bookmark that site for future reference.

Every time you change your Hosts file you can create a backup of the new file with Spyware Blaster.
On the same page, you can delete old backups, and restore your Hosts file from a backup.

I also added d2.zedo.com


You're getting to be a real pro--- :rofl:

I also ordered more memory from Dell.


Smart idea!
Vista needs at least 2 GB of ram.
With 4 GB Iím sure youíll notice a difference in speed.

Thank you for all your help!


You are welcome.

To clean your temporary files and cookies on a regular basis I suggest you download CCleaner.
It is a simple program that clears all the rubbish you accumulate from the Internet.
Note: Do NOT use its Registry cleaner.
Registry cleaners do very little good, but can do major damage to the Registry.

Please download CCleaner (freeware) from here.
Run the installer, and uncheck the option to install Yahoo toolbar (unless you want Yahoo toolbar).
Once installed, run CCleaner.

The following should be selected by default, if not, please select:
Posted Image

Then please click Posted Image and choose Posted Image

Please uncheck Posted Image

Then go back to Posted Image and click Posted Image to run it.


Rocket Grannie
a2.gif


My help is free however if you wish to make a donation please see Here

#21 Amber1106

Amber1106

    Member

  • Full Member
  • Pip
  • 65 posts

Posted 20 May 2009 - 08:28 AM

Hi Rocket Grannie -

I am going back through this thread and being sure to do all the other things that you suggested - like the Cleaner program and IE Spyad, etc.

I have a question, and honestly it's just a question because this has gone on so long and I truly believe my computer is performing much better. Although I added d2.zedo.com to my Hosts file, I still see it at the Boston.com website. Why is that?

As far as I can see, when I go beyond the homepage of Boston.com into Sports or another section, lots of ads, and legitimate Boston.com photos and formatting things go flying by in the lower left system tray. The d2.zedo.com address is followed by many characters and forward slashes and is impossible to note exactly since there are so many and (thankfully!) it is flying by quickly - much quicker than before.

Does the EXACT address need to be in the Hosts file in order to block it? OR... is the site being blocked by the Hosts file but it still shows up in the lower left system tray area as it flashes by trying to connect to its server?

Thanks for the information!

Amber1106

#22 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • PipPipPipPipPip
  • 7,969 posts

Posted 21 May 2009 - 04:16 PM

Hello Amber1106

Please delete your entry for d2.zedo.com, then add the following sites to the Hosts file, then make a backup.

127.0.0.1 d2.zedo.com
127.0.0.1 d3.zedo.com
127.0.0.1 d7.zedo.com
127.0.0.1 d13.zedo.com

This tutorial here gives an excellent explanation of the Hosts file.

You can also use Firefox with the Adblock Plus add-on.

Please go here and install Adblock Plus.
You can use this add-on to block any unwanted ads.

I hope this helps.


Rocket Grannie.

Edited by Rocket Grannie, 26 May 2009 - 07:48 AM.

a2.gif


My help is free however if you wish to make a donation please see Here

#23 Rocket Grannie

Rocket Grannie

    SWI Australian Rebel

  • Administrators
  • PipPipPipPipPip
  • 7,969 posts

Posted 29 May 2009 - 06:08 PM

Since the issue appears to be resolved this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
a2.gif


My help is free however if you wish to make a donation please see Here




Member of UNITE
Support SpywareInfo Forum - click the button