Game account hacked 2 times in 2 days with logs

got a new computer a couple months back and have been very careful of what I put on it, however, when I woke up yesterday I found out my battle.net account was hacked, I got access restored and changed passwords and all. Then I woke up this morning and the same thing happened over night. So I ran avast (no threat found), superantisypware (deleted the cookies), malwarebytes (fixed what was found), hijackthis, and windows defender () and here are the logs:



SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 07/08/2012 at 11:12 AM

Application Version : 5.5.1006

Core Rules Database Version : 8862
Trace Rules Database Version: 6674

Scan type : Quick Scan
Total Scan Time : 00:14:28

Operating System Information
Windows 7 Professional 32-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 771
Memory threats detected : 0
Registry items scanned : 29030
Registry threats detected : 0
File items scanned : 14188
File threats detected : 224

Adware.Tracking Cookie
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\DLHZSI6H.txt [ /bs.serving-sys.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\RRV5GB4B.txt [ /revsci.net ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\W70OP4GM.txt [ /fastclick.net ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\5KOLL0K2.txt [ /tribalfusion.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\TH93SIAT.txt [ /a1.interclick.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\RMM151K4.txt [ /advertising.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\DLS53QSP.txt [ /imrworldwide.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\YZIYZ191.txt [ /ads.pubmatic.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\LOZKKR2M.txt [ /ad.yieldmanager.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\K46DY9U0.txt [ /collective-media.net ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\PS2NKOUD.txt [ /atdmt.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\WDTGG521.txt [ /serving-sys.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\UCUQC8Z7.txt [ /adlegend.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\8U85KMY1.txt [ /zedo.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\W13A5R7Q.txt [ /media6degrees.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\5VOGQ5VM.txt [ /ru4.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\YO6BEJFB.txt [ /casalemedia.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\DLVBF9ZP.txt [ /questionmarket.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\VCO3LEXU.txt [ /interclick.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\1MQ1Q13M.txt [ /invitemedia.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\QV8E51AT.txt [ /yieldmanager.net ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\J4QHVXGZ.txt [ /lucidmedia.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\CURFFQX8.txt [ /pro-market.net ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\UQ0W6JGQ.txt [ /at.atwola.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\R9AL6H2I.txt [ /legolas-media.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\T0BQJ1EV.txt [ /doubleclick.net ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\J2R4QQQF.txt [ /mediaplex.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\2YSJDSPW.txt [ /adbrite.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\QNYJDXFW.txt [ /adserver.adtechus.com ]
C:\Users\Shaun\AppData\Roaming\Microsoft\Windows\Cookies\D67U8Y7O.txt [ /apmebf.com ]
C:\USERS\SHAUN\AppData\Roaming\Microsoft\Windows\Cookies\Low\shaun@revsci[1].txt [ Cookie:shaun@revsci.net/ ]
C:\USERS\SHAUN\AppData\Roaming\Microsoft\Windows\Cookies\Low\shaun@imrworldwide[2].txt [ Cookie:shaun@imrworldwide.com/cgi-bin ]
C:\USERS\SHAUN\AppData\Roaming\Microsoft\Windows\Cookies\Low\shaun@ad.yieldmanager[2].txt [ Cookie:shaun@ad.yieldmanager.com/ ]
C:\USERS\SHAUN\AppData\Roaming\Microsoft\Windows\Cookies\Low\shaun@collective-media[2].txt [ Cookie:shaun@collective-media.net/ ]
C:\USERS\SHAUN\AppData\Roaming\Microsoft\Windows\Cookies\Low\shaun@verizontelecom.112.2o7[1].txt [ Cookie:shaun@verizontelecom.112.2o7.net/ ]
C:\USERS\SHAUN\AppData\Roaming\Microsoft\Windows\Cookies\Low\shaun@in.getclicky[1].txt [ Cookie:shaun@in.getclicky.com/ ]
C:\USERS\SHAUN\AppData\Roaming\Microsoft\Windows\Cookies\Low\shaun@verizon[4].txt [ Cookie:shaun@verizon.com/vztracker/ ]
C:\USERS\SHAUN\AppData\Roaming\Microsoft\Windows\Cookies\Low\shaun@hitbox[2].txt [ Cookie:shaun@hitbox.com/ ]
C:\USERS\SHAUN\AppData\Roaming\Microsoft\Windows\Cookies\Low\shaun@www.googleadservices[1].txt [ Cookie:shaun@www.googleadservices.com/pagead/conversion/1032882166/ ]
C:\USERS\SHAUN\AppData\Roaming\Microsoft\Windows\Cookies\Low\shaun@c.atdmt[2].txt [ Cookie:shaun@c.atdmt.com/ ]
C:\USERS\SHAUN\AppData\Roaming\Microsoft\Windows\Cookies\Low\shaun@questionmarket[2].txt [ Cookie:shaun@questionmarket.com/ ]
C:\USERS\SHAUN\AppData\Roaming\Microsoft\Windows\Cookies\Low\shaun@invitemedia[1].txt [ Cookie:shaun@invitemedia.com/ ]
C:\USERS\SHAUN\AppData\Roaming\Microsoft\Windows\Cookies\Low\shaun@ehg-verizon.hitbox[2].txt [ Cookie:shaun@ehg-verizon.hitbox.com/ ]
C:\USERS\SHAUN\Cookies\DLHZSI6H.txt [ Cookie:shaun@bs.serving-sys.com/ ]
C:\USERS\SHAUN\Cookies\RRV5GB4B.txt [ Cookie:shaun@revsci.net/ ]
C:\USERS\SHAUN\Cookies\W70OP4GM.txt [ Cookie:shaun@fastclick.net/ ]
C:\USERS\SHAUN\Cookies\TH93SIAT.txt [ Cookie:shaun@a1.interclick.com/ ]
C:\USERS\SHAUN\Cookies\DLS53QSP.txt [ Cookie:shaun@imrworldwide.com/cgi-bin ]
C:\USERS\SHAUN\Cookies\LOZKKR2M.txt [ Cookie:shaun@ad.yieldmanager.com/ ]
.imrworldwide.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\SHAUN\Cookies\K46DY9U0.txt [ Cookie:shaun@collective-media.net/ ]
.imrworldwide.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.stats.paypal.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\SHAUN\Cookies\WDTGG521.txt [ Cookie:shaun@serving-sys.com/ ]
.dmtracker.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\SHAUN\Cookies\UCUQC8Z7.txt [ Cookie:shaun@adlegend.com/ ]
.cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\SHAUN\Cookies\8U85KMY1.txt [ Cookie:shaun@zedo.com/ ]
C:\USERS\SHAUN\Cookies\W13A5R7Q.txt [ Cookie:shaun@media6degrees.com/ ]
C:\USERS\SHAUN\Cookies\5VOGQ5VM.txt [ Cookie:shaun@ru4.com/ ]
.cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
Cracked.com - America's Only Humor Site | Cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\SHAUN\Cookies\DLVBF9ZP.txt [ Cookie:shaun@questionmarket.com/ ]
C:\USERS\SHAUN\Cookies\VCO3LEXU.txt [ Cookie:shaun@interclick.com/ ]
.doubleclick.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\SHAUN\Cookies\1MQ1Q13M.txt [ Cookie:shaun@invitemedia.com/ ]
C:\USERS\SHAUN\Cookies\QV8E51AT.txt [ Cookie:shaun@yieldmanager.net/ ]
C:\USERS\SHAUN\Cookies\CURFFQX8.txt [ Cookie:shaun@pro-market.net/ ]
C:\USERS\SHAUN\Cookies\2YSJDSPW.txt [ Cookie:shaun@adbrite.com/ ]
C:\USERS\SHAUN\Cookies\QNYJDXFW.txt [ Cookie:shaun@adserver.adtechus.com/ ]
C:\USERS\SHAUN\Cookies\D67U8Y7O.txt [ Cookie:shaun@apmebf.com/ ]
.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.sportingnews.122.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wstat.wibiya.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nhl.112.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.premiumtv.122.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.timeinc.122.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
data.coremetrics.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.saxogoerie.122.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.boostmobile.112.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yadro.ru [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s.clickability.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.gigcount.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dc.tremormedia.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.elitedaily.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pittsburghpostgazette.112.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.elitedaily.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.elitedaily.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.elitedaily.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bissell.122.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.msnbc.112.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.newbalance.112.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
insight.torbit.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.andomedia.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nandomedia.112.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s.clickability.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media2.legacy.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
3DStats.com - Professional Website statistics in real time [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accounts.google.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.wegmansfoods.112.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.olx-st.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.olx.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.olx.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tracking.olx.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.olx-st.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.Cracked.com - America's Only Humor Site | Cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stat.onestat.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stat.onestat.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media2.legacy.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findagrave.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findagrave.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findagrave.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
Find A Grave - Millions of Cemetery Records [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findagrave.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.findagrave.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gsimedia.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media2.legacy.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
media.gsimedia.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gsimedia.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atlanticmedia.122.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.waterfrontmedia.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.Cracked.com - America's Only Humor Site | Cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.usatoday1.112.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hearstmagazines.112.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.BurstMedia [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
BurstMedia [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
Cracked.com - America's Only Humor Site | Cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
Cracked.com - America's Only Humor Site | Cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
Cracked.com - America's Only Humor Site | Cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.Cracked.com - America's Only Humor Site | Cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
Cracked.com - America's Only Humor Site | Cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
Cracked.com - America's Only Humor Site | Cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
Cracked.com - America's Only Humor Site | Cracked.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
server.iad.liveperson.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
server.iad.liveperson.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
server.iad.liveperson.net [ C:\USERS\SHAUN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]


Malwarebytes Anti-Malware 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Database version: v2012.07.08.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Shaun :: SHAUN-PC [administrator]

7/8/2012 11:13:44 AM
mbam-log-2012-07-08 (11-13-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215489
Time elapsed: 7 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCR\CLSID\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} (PUP.BlekkoSearchBar) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D9E1ADC-7DB1-4EAF-B6C7-7E062074E6BE} (PUP.BlekkoSearchBar) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



Logfile of HijackThis v1.99.1
Scan saved at 12:12:39 PM, on 7/8/2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Shaun\AppData\Local\Apps\2.0\BJVJM1J9.D8D\52HQV11T.C76\curs..tion_9e9e83ddf3ed3ead_0005.0001_31b318dc2771b66c\CurseClient.exe
C:\Windows\system32\taskeng.exe
C:\Users\Shaun\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shaun\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shaun\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shaun\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shaun\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shaun\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shaun\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shaun\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\taskhost.exe
C:\Users\Shaun\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Mystart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll
O3 - Toolbar: CutePDF Editor Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: Logitech . Product Registration.lnk = C:\Program Files\Common Files\Logishrd\eReg\SetPoint\eReg.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe (file missing)

Hi scarne92,

Quote:

---

I got access restored and changed passwords and all.

---

May want to change passwords from a different computer.

Have you followed instructions here----> Help, I got hacked Account Security

NEXT

We need to see some information about what is happening in your machine. Please perform the following scan:

• Download DDS by sUBs from one of the following links. Save it to your desktop.
  • DDS.scr
  • DDS.pif
• Double click on the DDS icon, allow it to run.
• A small box will open, with an explaination about the tool. No input is needed, the scan is running.
• Notepad will open with the results.
• Follow the instructions that pop up for posting the results.
• Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

Joe :)