Bad news...you failed to update MBA-M before the scan. Your database shows as
Database version: 8271
Same database as shown on your original scan done on November 29th. MBA-M has multiple updates DAILY. This is why the very first thing that must be done before each and every scan, even for scans run on the very same day, is to check for updates. The current database is 8295 so your program is out of date.

You need to update it again and run another Full Scan. Have it remove everything found and Reboot.
Post back here with the log.


Malwarebytes' Anti-Malware

Database version: 8295

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

12/2/2011 10:48:50 PM
mbam-log-2011-12-02 (22-48-50).txt

Scan type: Full scan (C:\|)
Objects scanned: 421248
Time elapsed: 52 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


I also ran another scan with Super Anti Spyware. This was earlier
SUPERAntiSpyware Scan Log

Generated 12/02/2011 at 09:46 PM

Application Version : 5.0.1136

Core Rules Database Version : 8005
Trace Rules Database Version: 5817

Scan type : Quick Scan
Total Scan Time : 00:07:20

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 661
Memory threats detected : 0
Registry items scanned : 59914
Registry threats detected : 0
File items scanned : 13987
File threats detected : 44

Adware.Tracking Cookie
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\TMLC53WF.txt [ /ads.bleepingcomputer.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\XKB36RTE.txt [ /adxpose.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\7UO14QZN.txt [ /interclick.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\ZTAE2I32.txt [ /kaspersky.122.2o7.net ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\G3QQN94Z.txt [ /pointroll.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\F5QVOSV9.txt [ /fastclick.net ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\2G9V2WN6.txt [ /doubleclick.net ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\9UDWFK4K.txt [ /apmebf.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\SZV2N46M.txt [ /ads.pointroll.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\RMZ6AKXT.txt [ /adbrite.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\G8XLKTQJ.txt [ /casalemedia.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\PC9AEONR.txt [ /ad.yieldmanager.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\CV5HRAL0.txt [ /advertise.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\V8XU6710.txt [ /kontera.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\NAZV7HP4.txt [ /richmedia.yahoo.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\37LUACU9.txt [ /a1.interclick.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\6TAIKYCJ.txt [ /serving-sys.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\308GPFQ2.txt [ /yieldmanager.net ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\51K834S2.txt [ /atdmt.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\MPUO8OS7.txt [ /imrworldwide.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\VC54PLNZ.txt [ /bs.serving-sys.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\CBY8E62O.txt [ /legolas-media.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\CAJ21VYC.txt [ /adserver.zonemedia.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\I6WFFMFB.txt [ /questionmarket.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\F8Q191RN.txt [ /ad.wsod.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\JF2IT1V1.txt [ /invitemedia.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\0E7Y02UZ.txt [ /xml.mediality.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\L3689BEY.txt [ /eighteen25.blogspot.com ]
C:\USERS\ROMANSKI\Cookies\XKB36RTE.txt [ Cookie:romanski@adxpose.com/ ]
C:\USERS\ROMANSKI\Cookies\7UO14QZN.txt [ Cookie:romanski@interclick.com/ ]
C:\USERS\ROMANSKI\Cookies\G3QQN94Z.txt [ Cookie:romanski@pointroll.com/ ]
C:\USERS\ROMANSKI\Cookies\F5QVOSV9.txt [ Cookie:romanski@fastclick.net/ ]
C:\USERS\ROMANSKI\Cookies\9UDWFK4K.txt [ Cookie:romanski@apmebf.com/ ]
C:\USERS\ROMANSKI\Cookies\SZV2N46M.txt [ Cookie:romanski@ads.pointroll.com/ ]
C:\USERS\ROMANSKI\Cookies\PC9AEONR.txt [ Cookie:romanski@ad.yieldmanager.com/ ]
C:\USERS\ROMANSKI\Cookies\CV5HRAL0.txt [ Cookie:romanski@advertise.com/ ]
C:\USERS\ROMANSKI\Cookies\V8XU6710.txt [ Cookie:romanski@kontera.com/ ]
C:\USERS\ROMANSKI\Cookies\NAZV7HP4.txt [ Cookie:romanski@richmedia.yahoo.com/ ]
C:\USERS\ROMANSKI\Cookies\6TAIKYCJ.txt [ Cookie:romanski@serving-sys.com/ ]
C:\USERS\ROMANSKI\Cookies\308GPFQ2.txt [ Cookie:romanski@yieldmanager.net/ ]
C:\USERS\ROMANSKI\Cookies\MPUO8OS7.txt [ Cookie:romanski@imrworldwide.com/cgi-bin ]
C:\USERS\ROMANSKI\Cookies\VC54PLNZ.txt [ Cookie:romanski@bs.serving-sys.com/ ]
C:\USERS\ROMANSKI\Cookies\0E7Y02UZ.txt [ Cookie:romanski@xml.mediality.com/ ]
C:\USERS\ROMANSKI\Cookies\L3689BEY.txt [ Cookie:romanski@eighteen25.blogspot.com/ ]

This was just now! How can I avoid getting tracking cookies?

SUPERAntiSpyware Scan Log

Generated 12/02/2011 at 10:58 PM

Application Version : 5.0.1136

Core Rules Database Version : 8005
Trace Rules Database Version: 5817

Scan type : Quick Scan
Total Scan Time : 00:08:38

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 646
Memory threats detected : 0
Registry items scanned : 59914
Registry threats detected : 0
File items scanned : 17242
File threats detected : 18

Adware.Tracking Cookie
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\UXOZVXSZ.txt [ /fastclick.net ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\RIS0DVH1.txt [ /doubleclick.net ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\1F670E1Y.txt [ /apmebf.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\G07TSPRT.txt [ /revsci.net ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\8SC0Q08X.txt [ /ad.yieldmanager.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\UAGHN5V7.txt [ /casalemedia.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\0ADG308K.txt [ /adbrite.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\F5WMKTOU.txt [ /dmtracker.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\13988XTO.txt [ /atdmt.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\FD115QSM.txt [ /imrworldwide.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\QV9UT6PF.txt [ /ad.wsod.com ]
C:\Users\Romanski\AppData\Roaming\Microsoft\Windows\Cookies\528168X9.txt [ /invitemedia.com ]
C:\USERS\ROMANSKI\Cookies\UXOZVXSZ.txt [ Cookie:romanski@fastclick.net/ ]
C:\USERS\ROMANSKI\Cookies\1F670E1Y.txt [ Cookie:romanski@apmebf.com/ ]
C:\USERS\ROMANSKI\Cookies\G07TSPRT.txt [ Cookie:romanski@revsci.net/ ]
C:\USERS\ROMANSKI\Cookies\8SC0Q08X.txt [ Cookie:romanski@ad.yieldmanager.com/ ]
C:\USERS\ROMANSKI\Cookies\F5WMKTOU.txt [ Cookie:romanski@dmtracker.com/ ]
C:\USERS\ROMANSKI\Cookies\FD115QSM.txt [ Cookie:romanski@imrworldwide.com/cgi-bin ]


Your SUPERAntispyware is also out of date. Current versions are:
Core Definitions 8012
Trace Definitions 5824
The number one rule using any security program is UPDATE before each scan, always. It should become routine to do this, without having to think about it.

To not get tracking cookies you need to configure your browser correectly which is to block them.
In IE do the following;
go to Tools, Internet Options, Privacy, Advanced, and put a tick in Accept 1st Party Cookies and one in Block 3rd party cookies. OK your way out.

Also a key program to use that will also help to prevent tracking cookies is the program SpywareBlaster from JavaCool. It is FREE.


Download, install, UPDATE and then Enable ALL protection and then close the program. This one does NO scanning, it does NOT run in the background but it BLOCKS spyware, adware, browser hijackers, and dialers. It will
Prevent the installation of ActiveX-based spyware and other potentially unwanted programs.
Block spying / tracking via cookies.
Restrict the actions of potentially unwanted or dangerous web sites.

It absolutely, positively works exactly as it says it does. I would never run a computer without this installed and fully enabled. It does not update daily. It generally has updates every couple weeks and you will have to remember to check manually for updates. If there are any then install them and remember to then again ENABLE ALL Protection and close the program.

Now IF the computer is running correctly there are several other things that you absolutely must do:
1st of all your Java is out of date. Current version is 6 update 29.

You need to go into the Control Panel to Programs/ Uninstall a Program and uninstall the following:
J2SE Runtime Environment 5.0 Update 17
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 26

Once you have Uninstalled all of the above then go to this page:

You need to download BOTH the 32bit version AND the 64bit version. Both are required on a 64bit system. Download each install file and SAVE them to the DESKTOP. Then CLOSE your browsers.

Double click on each file, one at a time, and install each version.

You also have an extraordinarily large number of unnecessary auto starting programs. All of the ones I will give you do not need to auto start and run all the time. They can easily be run manually when needed.

To control your auto starting programs I recommend that you use another free program called CodeStuff Starter, you can get it from here:


Download, install and then open the program. You will see three Tabs.
Startups, these show the programs that run automatically everytime you start the computer and therefore run all the time in the background even if you are not using them. The second Tab is Processes, this is similar to the Task manager. The third Tab is Services, similar to Administrative tools, Services.

The Tab you want open is Start ups. On the left side click on All Sections. This will show you All the programs listed in the various sections below that.
Go through the list of programs in the large window to the right and remove the check marks from the following:

Facebook Update
Akamai NetSession Interface
HP Software Update
Adobe Reader Speed Launcher
Adobe ARM
SwitchBoard (this program is no longer supported and likely should be removed)
QuickTime Task
Malwarebytes' Anti-Malware
OpenOffice.org 3\program\quickstart.exe

Once you have removed the check marks close the program and reboot the computer.

Do all of the above and then post back on how things are running. It is quite late here where I live and I cannot stay anymore this evening but I will come back to see how things are going so please post back and let me know.

One more thing, I have another question, how long does your McAfee subscription run??

Edited by jholland1964: n/a


Thanks. I realized that the Super Anti Spyware needed updated after I posted that. I updated it, ran another scan it found 9 more adware.
So far everything is running great. A lot of the things on the start up list has been uninstalled previously. NortonOnlineBackupReminder and Spotify for example. How can I make sure that when I uninstall something it fully leaves my computer?

My McAfee ends in February. I wasn't too happy with it. Especially since I called their tech team first about this problem because I am positive it came from a pop up saying it was a Google update, which came from a website their siteadvisor said was okay. They were horrible and only said they would fix it if I paid $90! Do you have a recomendation for a better one?

Also, should I keep all of these installed programs on my computer (Malwarebytes, SuperAntiSpryware,TDSSKiller, HiJackThis, CodeStuffStarter)?


Glad to hear all is running well. Hope you did update the Java. This is very important, it does help you view websites properly AND keeping it updated also helps with security.I also hope that you did install SpywareBlaster, very important piece of protection every computer should have installed.

Go to Add/Remove and Uninstall HijackThis.
You can just Delete TDSSKiller, RKill and DDS Scanner as those are all executable files and are not installed and are for use only in situations like this. If you would ever need them again, new copies should always be used, hopefully that will never happen again.

KEEP CodeStuff and use it if you feel there is something auto starting that you don't need.
KEEP SUPERAntispware and Malwarebytes and update them every week and do a scan with each, at least once a week. The Malwarebytes' scan can be a Quick scan, not always a full one. If something is found have the program remove it and then reboot and immediately update again and do a full scan. If it's clean then just close the program. Weekly scans with both of those are as important as the weekly scans with your anti-virus program, as you have found. Those two programs look for things that the average anti-virus program doesn't look for or find.

Now, about your McAfee. Obviously it didn't work as it should and you certainly didn't "get your money's worth". Even though your license runs until February I truly would advise that you unintall it and install a new anti-virus program. It contains a firewall which also obviously didn't work well either.
If you uninstall McAfee then be sure to turn ON the built in Windows 7 firewall. It really does an excellent job and of course it is free because it comes with the operating system. You really don't need another.

There are several FREE anti-virus programs available and I highly recommend that you choose one of these and install. Avast is one and can be downloaded from here:

The other is Avira 2012 Free. Avira happens to be the one I use so I know more about it but you can choose either one. Both are excellent and score much higher on independent testing than McAfee.

Both offer protection against rootkits, which is what you had on the computer. McAfee obviously did not give this protection.

To uninstall McAfee completely do the following:
Click Start, Search, type Programs and Features, and click Go.
Double-click Programs and Features.
Select the McAfee SecurityCenter
Click Uninstall and follow the steps provided.
To then be certain that ALL parts of McAfee are completely removed continue with this step. You do need to be sure everything is totally gone.

Download the MCPR.exe removal tool from http://download.mcafee.com/products/licensed/cust_support_patches/MCPR.exe.
Click Save, and save the file to a folder on your computer.
Navigate to the folder where the file was saved.
Ensure that all McAfee windows are closed.
Double-click MCPR.exe to run the removal tool.
NOTE: Windows 7 users must right-click MCPR.exe and select Run as Administrator.
Restart your computer after receiving the message CleanUp Successful.
Your McAfee product will not be fully removed until the system is restarted.

After McAfee is totally removed then install a new anti-virus program, I stress again, BOTH of the ones noted are FREE.
As I said, I personally use Avira, I don't work for them or anything so that is not why I recommend it, I use it and that is why I know more about it. Here are the Avira 2012 install instructions:

Here is the direct link from Avira

Click the .exe button, it is the TOP button. You can save it wherever you can easily find it, I chose My Desktop.

Before you begin the install CLOSE all unnecessary programs, browsers, email, etc.
To begin, double click the executable file to start installation. Vista and Windows 7 users must run this executable as Admininistrator.

Before installation the installer will scan your system for other security programs installed. Avira Free AntiVirus 2012 may warn you of POSSIBLE incompatible security software on your system like SUPERAntispyware and Malwarebytes' Anti-Malware or SpywareBlaster. It is just a warning of POSSIBLE conflicts and you do not need to uninstall these software programs. Just install Avira Free AV and everything is OK. I was warned about all of those, I IGNORED the warning, I still have the programs and they ARE working fine. The warning is of POSSIBLE conflicts, not absolutes. I say again, you DO NOT have to uninstall the programs you may receive a warning about.
Just IGNORE the warning and click NEXT.
One of the first screens you will see is Choose Installation Type choose CUSTOM INSTALL then click Next.
The next screen you will see is titled Web Protection with Avira Search Free Tool Bar for your browser.
You DO NOT need this. So DO NOT insert check marks to accept this.
Just click the NEXT button.
Next screen shows Install Components. Check marks are all ready in place as these are the Default choices. Just click Next.
Next screen is Advanced Heuristic Analysis and Detection. Default is Medium. Just click Next.
After that installation will proceed to the end, showing you various screens.
When complete the program should update to latest definitions and then do a short scan.

After the program is installed you will have to set up the scan schedule. The update schedule is set up automatically by the program install and will likely be done each day at the same time you originally installed the program.
One thing you WILL see everyday when the program updates is a very large Pop Up screen urging you to purchase the paid version. This is "part of the price you pay" for using the Free version, Just "x" out of that large pop up and take it as an indication the program has updated. There are also small sliders that pop up just above the little red umbrella in your system tray on the lower right side of the task bar. You don't usually have to do anything with these, they should disappear quickly. If they don't disappear either click the tiny "x" on the upper right corner or click OK. Either one should close the slider. This appears on both the paid and free versions.

You need to Schedule a weekly scan yourself. My print screens show you how to do this. They are pretty self explanatory but if you have questions don't hesitate to ask. One thing Avira Free does not do is scan individual emails. This truly is not needed. If an email would happen to come onto the computer Avira WILL notify you an unwanted program or file has come onto the computer and will ask if you want to remove it of course say yes.

Attachments Avira_Scheduler.jpg 76.06 KB Avira_system_scan_1.jpg 57.81 KB Avira_system_scan_2.jpg 46.32 KB Avira_system_scan_3.jpg 43.85 KB Avira_system_scan_4.jpg 55.78 KB Avira_system_scan_5.jpg 42.82 KB
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.