Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.
1 - 20 of 33 Posts

·
Registered
Joined
·
19 Posts
Discussion Starter · #1 ·
I have an Inspiron 1501 with Windows XP. I want to clean up my laptop and get rid of any software I don't need. I only use it for emailing, internet, documents, watching netflix instantly and storing a handful of photos. Any help for cleaning up and speeding up my laptop?
 

·
Retired Trusted Advisor
Joined
·
34,806 Posts
Please click HERE to download and install HijackThis.

Run it and select Do a system scan and save a logfile from the Main Menu.

The log will be saved in Notepad. Copy and paste the log in your next post.

IMPORTANT: Do not fix anything
 

·
Registered
Joined
·
19 Posts
Discussion Starter · #3 ·
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:11:41 PM, on 1/8/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\System32\WLTRAY.exe
C:\Program Files\X3watch\x3watch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Southwest Airlines\Ding\Ding.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\WLTRAY.exe
O4 - HKLM\..\Run: [x3watch] C:\Program Files\X3watch\x3watch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
O4 - Startup: DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: InstallerJava - https://secure2.edward.org/CACHE/sdesktop/install/binaries/instjava.cab
O16 - DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} (Cisco Systems WebVPN Relay Loader) - https://secure2.edward.org/+CSCOL+/relayp.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1205290931001
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1205291768640
O16 - DPF: {705EC6D4-B138-4079-A307-EF13E4889A82} (CSD ActiveX Installer) - https://secure2.edward.org/CACHE/sdesktop/install/binaries/instweb.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 7516 bytes
 

·
Registered
Joined
·
19 Posts
Discussion Starter · #8 ·
Here is DDX text:

DDS (Ver_10-12-12.02) - NTFSx86
Run by Keith at 15:48:16.37 on Sat 01/08/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.136 [GMT -6:00]

AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\System32\WLTRAY.exe
C:\Program Files\X3watch\x3watch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Southwest Airlines\Ding\Ding.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Keith\Application Data\U3\00019B7143702C8C\LaunchPad.exe
C:\Documents and Settings\Keith\Local Settings\Temporary Internet Files\Content.IE5\VI1659EP\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [MSMSGS] "c:\program files\messenger\MSMSGS.EXE" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SVCHOST.EXE] c:\windows\system32\drivers\svchost.exe
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [x3watch] c:\program files\x3watch\x3watch.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe"
mRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\keith\startm~1\programs\startup\ding!.lnk - c:\program files\southwest airlines\ding\Ding.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: InstallerJava - hxxps://secure2.edward.org/CACHE/sdesktop/install/binaries/instjava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} - hxxps://secure2.edward.org/+CSCOL+/relayp.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photo.walgreens.com/WalgreensActivia.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1205290931001
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1205291768640
DPF: {705EC6D4-B138-4079-A307-EF13E4889A82} - hxxps://secure2.edward.org/CACHE/sdesktop/install/binaries/instweb.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\keith\applic~1\mozilla\firefox\profiles\4hzq4b4e.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/a/churchrez.org/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fa%2Fchurchrez.org%2F&bsv=zpwhtygjntrz&ltmpl=default&ltmplcache=2#inbox|http://www.synergyvacation.com/|http://www.synergyhospitality.com/our_team.php
FF - plugin: c:\documents and settings\keith\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppopcaploader.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: [email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-12-2 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-12-2 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-12-2 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-12-2 56816]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-11 135664]

=============== Created Last 30 ================

2011-01-08 21:35:02 0 ----a-w- C:\LOG5B.tmp
2011-01-08 21:11:05 -------- d-----w- c:\program files\Trend Micro
2010-12-15 00:58:02 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys

==================== Find3M ====================

2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 21:54:35 0 ----a-w- C:\LOG4E.tmp
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2009-07-02 22:36:13 2033448 ----a-w- c:\program files\SkypeSetup.exe
2009-03-05 23:37:18 835107 -c--a-w- c:\program files\setup.exe

============= FINISH: 15:50:24.87 ===============

The Attach File is attached.

Here is the Ark.Txt

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-01-08 16:03:50
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 SAMSUNG_HM060HI rev.YD100-15
Running: qz3ts6xr[1].exe; Driver: C:\DOCUME~1\Keith\LOCALS~1\Temp\fgtyapob.sys

---- System - GMER 1.0.15 ----

SSDT F7D1EED6 ZwCreateKey
SSDT F7D1EECC ZwCreateThread
SSDT F7D1EEDB ZwDeleteKey
SSDT F7D1EEE5 ZwDeleteValueKey
SSDT F7D1EEEA ZwLoadKey
SSDT F7D1EEB8 ZwOpenProcess
SSDT F7D1EEBD ZwOpenThread
SSDT F7D1EEF4 ZwReplaceKey
SSDT F7D1EEEF ZwRestoreKey
SSDT F7D1EEE0 ZwSetValueKey
SSDT F7D1EEC7 ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 250C 80501D44 4 Bytes JMP 74F7D1EE
? C:\DOCUME~1\Keith\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[2624] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2624] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2624] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E4FEF C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2624] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F21 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2624] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4F8C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2624] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4DF2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2624] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E54 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2624] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5052 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2624] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EB6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AE9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD145 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDB44 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!UnhookWindowsHookEx 7E42D5F3 5 Bytes JMP 3E254696 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E4FEF C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4F21 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E4F8C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4DF2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E4E54 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E5052 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4EB6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 3E2EDBA0 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2924] ole32.dll!OleLoadFromStream 7752981B 5 Bytes JMP 3E3E5370 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Session [email protected] ???0?"??? ???????0???????????????????????????????f??SanDisk U3 Cruzer Micro USB Device?tro???0???Q?Q?Q???>?>?>?>?>???0??????????????? x??????+?????????????*??$???????????????????0??s??? ???????0?????0???????*??*??????????????????7??fdc?????? ???????0??????????????????????L?????????????sion??? ???????%?????0?????0????"?????????????7s???????0???V??????so??\\?\SW#{a7c7a5b0-5af3-11d1-9ced-00a024bf0407}#{9B365890-165F-11D0-A195-0020AFD156E4}#{fbf6f530-07b9-11d2-a71e-0000f8004788}\SAD7?o??? ???????0??????????????????????L?????????????sogr??{17CCA71B-ECD7-11D0-B908-00A0C9223196}????"??0???s??????su??USB Audio Device?l??? ???????%?????0?????0????"??????????????????????0???i??????ck??SamSs??t?????>?>?>?>?????????????:??????????il??Canon Digital Camera????????-9??????? ???????0??????????? ?*??????*?????????????????????? x??????0?????????????*?????????????????????????????0???>?>?>?>?>??? ???????>???????????/???????????????????0??\\?\USB#Vid_05ac&Pid_1281#CPID:8900_CPRV:30_CPFM:03_SCEP:05_BDID:04_ECID:000003CE7C1C832D_I

---- Disk sectors - GMER 1.0.15 ----

Disk \Device\Harddisk0\DR0 sector 01: copy of MBR
Disk \Device\Harddisk0\DR0 sector 02: copy of MBR
Disk \Device\Harddisk0\DR0 sector 03: copy of MBR
Disk \Device\Harddisk0\DR0 sector 04: copy of MBR
Disk \Device\Harddisk0\DR0 sector 05: copy of MBR
Disk \Device\Harddisk0\DR0 sector 06: copy of MBR
Disk \Device\Harddisk0\DR0 sector 07: copy of MBR
Disk \Device\Harddisk0\DR0 sector 08: copy of MBR
Disk \Device\Harddisk0\DR0 sector 09: copy of MBR
Disk \Device\Harddisk0\DR0 sector 10: rootkit-like behavior; copy of MBR
Disk \Device\Harddisk0\DR0 sector 11: copy of MBR
Disk \Device\Harddisk0\DR0 sector 12: copy of MBR
Disk \Device\Harddisk0\DR0 sector 13: copy of MBR
Disk \Device\Harddisk0\DR0 sector 14: copy of MBR
Disk \Device\Harddisk0\DR0 sector 15: copy of MBR
Disk \Device\Harddisk0\DR0 sector 16: copy of MBR
Disk \Device\Harddisk0\DR0 sector 17: copy of MBR
Disk \Device\Harddisk0\DR0 sector 18: copy of MBR
Disk \Device\Harddisk0\DR0 sector 19: copy of MBR
Disk \Device\Harddisk0\DR0 sector 20: copy of MBR
Disk \Device\Harddisk0\DR0 sector 21: copy of MBR
Disk \Device\Harddisk0\DR0 sector 22: copy of MBR
Disk \Device\Harddisk0\DR0 sector 23: copy of MBR
Disk \Device\Harddisk0\DR0 sector 24: copy of MBR
Disk \Device\Harddisk0\DR0 sector 25: copy of MBR
Disk \Device\Harddisk0\DR0 sector 26: copy of MBR
Disk \Device\Harddisk0\DR0 sector 27: copy of MBR
Disk \Device\Harddisk0\DR0 sector 28: copy of MBR
Disk \Device\Harddisk0\DR0 sector 29: copy of MBR
Disk \Device\Harddisk0\DR0 sector 30: copy of MBR
Disk \Device\Harddisk0\DR0 sector 31: copy of MBR
Disk \Device\Harddisk0\DR0 sector 32: copy of MBR
Disk \Device\Harddisk0\DR0 sector 33: copy of MBR
Disk \Device\Harddisk0\DR0 sector 34: copy of MBR
Disk \Device\Harddisk0\DR0 sector 35: copy of MBR
Disk \Device\Harddisk0\DR0 sector 36: copy of MBR
Disk \Device\Harddisk0\DR0 sector 37: copy of MBR
Disk \Device\Harddisk0\DR0 sector 38: copy of MBR
Disk \Device\Harddisk0\DR0 sector 39: copy of MBR
Disk \Device\Harddisk0\DR0 sector 40: copy of MBR
Disk \Device\Harddisk0\DR0 sector 41: copy of MBR
Disk \Device\Harddisk0\DR0 sector 42: copy of MBR
Disk \Device\Harddisk0\DR0 sector 43: copy of MBR
Disk \Device\Harddisk0\DR0 sector 44: copy of MBR
Disk \Device\Harddisk0\DR0 sector 45: copy of MBR
Disk \Device\Harddisk0\DR0 sector 46: copy of MBR
Disk \Device\Harddisk0\DR0 sector 47: copy of MBR
Disk \Device\Harddisk0\DR0 sector 48: copy of MBR
Disk \Device\Harddisk0\DR0 sector 49: copy of MBR
Disk \Device\Harddisk0\DR0 sector 50: copy of MBR
Disk \Device\Harddisk0\DR0 sector 51: copy of MBR
Disk \Device\Harddisk0\DR0 sector 52: copy of MBR
Disk \Device\Harddisk0\DR0 sector 53: copy of MBR
Disk \Device\Harddisk0\DR0 sector 54: copy of MBR
Disk \Device\Harddisk0\DR0 sector 55: copy of MBR
Disk \Device\Harddisk0\DR0 sector 56: copy of MBR
Disk \Device\Harddisk0\DR0 sector 57: copy of MBR
Disk \Device\Harddisk0\DR0 sector 58: copy of MBR
Disk \Device\Harddisk0\DR0 sector 59: copy of MBR
Disk \Device\Harddisk0\DR0 sector 60: copy of MBR
Disk \Device\Harddisk0\DR0 sector 61: copy of MBR
Disk \Device\Harddisk0\DR0 sector 62: copy of MBR
Disk \Device\Harddisk0\DR0 sector 63: rootkit-like behavior; copy of MBR

---- EOF - GMER 1.0.15 ----
 

Attachments

·
Super Moderator
Joined
·
37,536 Posts
Hiya :)

Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

Please include the MBAM log and, SUPERAntiSpyware Scan Log and a fresh HijackThis log in your next reply

eddie
 

·
Registered
Joined
·
19 Posts
Discussion Starter · #10 ·
Eddie,

Thanks so much my friend. Here are the reports:

SuperAntiSpyware Log:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/10/2011 at 11:38 PM

Application Version : 4.47.1000

Core Rules Database Version : 6172
Trace Rules Database Version: 3984

Scan type : Complete Scan
Total Scan Time : 01:00:19

Memory items scanned : 453
Memory threats detected : 0
Registry items scanned : 5720
Registry threats detected : 0
File items scanned : 45461
File threats detected : 554

Adware.Tracking Cookie
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][4].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][3].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][5].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][3].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][6].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
C:\Documents and Settings\Keith\Cookies\[email protected][1].txt
C:\Documents and Settings\Keith\Cookies\[email protected][2].txt
stat.onestat.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
stat.onestat.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.andomedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.doubleclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.tribalfusion.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.imrworldwide.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.apmebf.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.kontera.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.kontera.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.marthastewart.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
eas.apm.emediate.eu [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.s.clickability.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.s.clickability.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.bluestreak.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
stat.onestat.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
statse.webtrendslive.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.yieldmanager.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.overture.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.overture.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adlegend.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.questionmarket.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.specificmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.bs.serving-sys.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.burstnet.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trvlnet.adbureau.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.pointroll.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.highbeam.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.dailyheraldpaddockpublication.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.chicagosuntimes.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ads.pointroll.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.pointroll.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.kontera.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.nextag.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.nextag.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.nextag.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.nextag.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.chitika.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.associatedcontent.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.roiservice.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ticketsnow.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adtech.de [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.a1.interclick.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
rotator.adjuggler.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
rotator.adjuggler.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.dmtracker.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
data.coremetrics.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adserver.adtechus.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
dc.tremormedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.specificmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.stardoll.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.videoegg.adbureau.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.247realmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.overture.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.condenast.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.lucidmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.lucidmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.lucidmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.eyewonder.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.eyewonder.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.eyewonder.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.snapfish.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.roiservice.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.burstnet.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.popcapgames.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.googleads.g.doubleclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
ads.bridgetrack.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.247realmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.pro-market.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.metacafe.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
www.countrystorecatalog.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.andomedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.socialmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.marketlive.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
adtracker.americantowns.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.accessdiscounts.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.perf.overture.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
www.accessdiscounts.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
www.accessdiscounts.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
www.accessdiscounts.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.paypal.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.stats.paypal.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adecn.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
d.mediadakine.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.mediadakine.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.media.causes.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
tracking.etapestry.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
tracking.etapestry.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.track.tester-rewards.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.bizrate.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.banner.adchemy.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.viacom.adbureau.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.viacom.adbureau.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.viacom.adbureau.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.babynamescountry.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.babynamescountry.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.roiservice.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.seventeen.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
ads.gamesbannernet.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
ads.gamesbannernet.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
ads.gamesbannernet.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
ads.gamesbannernet.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.serving-sys.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.walmart.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revenue.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
bridge2.admarketplace.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.admarketplace.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
stat.dealtime.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.lockedonmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.msnportal.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
counter.hitslink.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
eas.apm.emediate.eu [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.e-2dj6wgkiglc5mko.stats.esomniture.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.dealtime.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.tracking.realtor.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.homestore.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.nextag.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adxpose.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ad.doubleclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adserver1.christianitytoday.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adserver1.christianitytoday.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.googleads.g.doubleclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.track.claimfreerewards.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.cratebarrel.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
cdn4.specificclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.roiservice.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.network.realmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.lucidmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.lucidmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
citi.bridgetrack.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
citi.bridgetrack.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.countrygardencuisine.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.countrygardencuisine.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adserver1.christianitytoday.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adserver1.christianitytoday.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.homefinder.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.homefinder.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.cvhs.adbureau.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.cvhs.adbureau.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.cvhs.adbureau.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.cvhs.adbureau.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
citi.bridgetrack.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.247realmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
adserver.lat49.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.a1.interclick.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.tacoda.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.at.atwola.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.atdmt.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adbrite.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.roiservice.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.smartdestinations.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.liveperson.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.liveperson.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.evite.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.burstnet.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.www.ezytrack.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.www.ezytrack.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
counter.surfcounters.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.liveperson.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.prnewswire.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.liveperson.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.liveperson.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.publicstorage.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.liveperson.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.statcounter.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.realmedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ad.doubleclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.a1.interclick.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.invitemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.collective-media.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
www.burstbeacon.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.burstbeacon.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.telefloracom.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.tacoda.at.atwola.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.timeinc.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.find.myrecipes.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.find.myrecipes.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.interclick.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.adserver.adtechus.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.media6degrees.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.pointroll.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.advertising.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.zedo.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.nextag.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
crosscountryfurniture.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.amazonmerchants.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.discounts.common-deals.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.e-2dj6wgkokpcjgbp.stats.esomniture.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.healthgrades.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.answerstv.112.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.tracking.foxnews.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.tracking.foxnews.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.legolas-media.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.legolas-media.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.legolas-media.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.track.internetpromorewards.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.track.internetpromorewards.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.liveperson.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.1800gotjunk.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
ad.yieldmanager.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.fastclick.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.a1.interclick.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.questionmarket.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.insightexpressai.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.casalemedia.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.petfinder.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.petfinder.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.petfinder.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.petfinder.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
www.googleadservices.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.eporia.122.2o7.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.ru4.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.trafficmp.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.revsci.net [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]
.mediaplex.com [ C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\cookies.sqlite ]

HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:22:20 AM, on 1/11/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\System32\WLTRAY.exe
C:\Program Files\X3watch\x3watch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Southwest Airlines\Ding\Ding.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\System32\WLTRAY.exe
O4 - HKLM\..\Run: [x3watch] C:\Program Files\X3watch\x3watch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: InstallerJava - https://secure2.edward.org/CACHE/sdesktop/install/binaries/instjava.cab
O16 - DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} (Cisco Systems WebVPN Relay Loader) - https://secure2.edward.org/+CSCOL+/relayp.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1205290931001
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1205291768640
O16 - DPF: {705EC6D4-B138-4079-A307-EF13E4889A82} (CSD ActiveX Installer) - https://secure2.edward.org/CACHE/sdesktop/install/binaries/instweb.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 7675 bytes
 

·
Registered
Joined
·
19 Posts
Discussion Starter · #11 ·
MBAM Log:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5501

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/10/2011 9:34:36 PM
mbam-log-2011-01-10 (21-34-36).txt

Scan type: Quick scan
Objects scanned: 135394
Time elapsed: 13 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SVCHOST.EXE (Trojan.Agent) -> Value: SVCHOST.EXE -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\Sysvxd.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 

·
Super Moderator
Joined
·
37,536 Posts
Okay, lets do this now :)

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! As you download it rename it to username123.exe and save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Remember to re-enable the protection again afterwards before connecting to the Internet.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

eddie
 

·
Registered
Joined
·
19 Posts
Discussion Starter · #13 ·
Eddie,

Thanks so much for you continual help. Here is the Combo txt log:

ComboFix 11-01-14.01 - Keith 01/14/2011 13:06:50.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.446.254 [GMT -6:00]
Running from: c:\documents and settings\Keith\Desktop\username123.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Keith\g2mdlhlpx.exe
c:\documents and settings\Keith\GoToAssistDownloadHelper.exe
c:\documents and settings\Keith\Recent\Thumbs.db
c:\program files\\setup.exe
c:\program files\Setup.exe

.
((((((((((((((((((((((((( Files Created from 2010-12-14 to 2011-01-14 )))))))))))))))))))))))))))))))
.

2011-01-11 04:31 . 2011-01-11 04:31 -------- d-----w- c:\documents and settings\Keith\Application Data\SUPERAntiSpyware.com
2011-01-11 04:31 . 2011-01-11 04:31 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-01-11 04:31 . 2011-01-11 04:31 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-01-11 02:36 . 2011-01-11 02:36 -------- d-----w- c:\documents and settings\Keith\Application Data\Malwarebytes
2011-01-11 02:36 . 2010-12-21 00:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-11 02:35 . 2011-01-11 02:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-01-11 02:35 . 2010-12-21 00:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-11 02:35 . 2011-01-11 14:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-08 21:11 . 2011-01-08 21:11 -------- d-----w- c:\program files\Trend Micro

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:12 . 2008-03-12 03:09 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52 . 2002-09-03 19:50 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:26 . 2006-06-23 17:33 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26 . 2002-09-03 19:42 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26 . 2002-09-03 19:40 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2004-08-04 05:59 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2002-09-03 19:48 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2002-09-03 19:33 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2002-09-03 20:03 1853312 ----a-w- c:\windows\system32\win32k.sys
2009-07-02 22:36 . 2009-07-02 22:36 2033448 ----a-w- c:\program files\SkypeSetup.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-10 68856]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-12-14 2424560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\System32\WLTRAY.exe" [2007-03-17 1392640]
"x3watch"="c:\program files\X3watch\x3watch.exe" [2008-06-01 299008]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-25 148888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-22 47904]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]

c:\documents and settings\Keith\Start Menu\Programs\Startup\
DING!.lnk - c:\program files\Southwest Airlines\Ding\Ding.exe [2006-6-22 462848]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 12:25 PM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 12:41 PM 67656]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [12/2/2009 11:40 AM 108289]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/11/2010 9:05 PM 135664]
.
Contents of the 'Scheduled Tasks' folder

2011-01-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]

2011-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-12 03:05]

2011-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-12 03:05]

2011-01-14 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 20:07]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: InstallerJava - hxxps://secure2.edward.org/CACHE/sdesktop/install/binaries/instjava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} - hxxps://secure2.edward.org/+CSCOL+/relayp.cab
DPF: {705EC6D4-B138-4079-A307-EF13E4889A82} - hxxps://secure2.edward.org/CACHE/sdesktop/install/binaries/instweb.cab
FF - ProfilePath - c:\documents and settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/a/churchrez.org/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fa%2Fchurchrez.org%2F&bsv=zpwhtygjntrz&ltmpl=default&ltmplcache=2#inbox|http://www.synergyvacation.com/|http://www.synergyhospitality.com/our_team.php
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-SigmatelSysTrayApp - %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
Notify-AtiExtEvent - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-14 13:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\:õwjY*]
"DisplayName"="???\16?\11\09"
"DeviceDesc"="???\16?\11\09"
"ProviderName"="???\11?\16?\11??"
"MFG"="???????"
"ReinstallString"=".10.1000.8"
"DeviceInstanceIds"=multi:"c:\\dell\\drivers\\r174511\\smbus\\smbusati.inf\00"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(812)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\System32\BCMLogon.dll
.
Completion time: 2011-01-14 13:15:54
ComboFix-quarantined-files.txt 2011-01-14 19:15

Pre-Run: 49,229,856,768 bytes free
Post-Run: 49,204,912,128 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

- - End Of File - - 1B8DE20E16939BD625074FE6FA7335A3
 

·
Super Moderator
Joined
·
37,536 Posts
Hmmm, lets have a look at one of those entries deeper:

Download LockSearch to your desktop
  • A window will pop up, Press 2 and then Enter. A scan will start, let it run uninterrupted. It should only take a few minutes.
  • A log will appear when it is finished, it will also be saved in the same location as LockSearch, which should be on your desktop. Post the contents of the log in your reply

eddie
 

·
Super Moderator
Joined
·
37,536 Posts
Hiya

Replying just to let you know I have to be away from home for a week. This wasn't planned, hence the late warning.

I'll be able to look at this thread at lunchtimes, but I've asked some others to take a look at the thread, whilst I'm away.

Hope you understand, and see you in a week :)

eddie
 

·
Registered
Joined
·
19 Posts
Discussion Starter · #16 ·
Eddie,
Thanks for letting me know. I'm happy to work through this at your pace. I appreciate all your help!

Here is the LockSearch Log:
LockSearch by jpshortstuff (05.11.09.1)
Log created at 21:01 on 17/01/2011 (Keith)
Scanning C:\


C:\pagefile.sys
-------------------------

-=E.O.F=-

It seems short. I hope I got what you wanted here.

Keith
 

·
Super Moderator
Joined
·
37,536 Posts
Yep, you did it right :)

Okay, I just want to make sure its not a rootkit, so can you do this for me:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.


  • If an infected file is detected, the default action will be Cure, click on Continue.


  • If a suspicious file is detected, the default action will be Skip, click on Continue.


  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
 

·
Registered
Joined
·
19 Posts
Discussion Starter · #18 ·
2011/01/21 10:43:57.0854 TDSS rootkit removing tool 2.4.14.0 Jan 18 2011 09:33:51
2011/01/21 10:43:57.0854 ================================================================================
2011/01/21 10:43:57.0854 SystemInfo:
2011/01/21 10:43:57.0854
2011/01/21 10:43:57.0854 OS Version: 5.1.2600 ServicePack: 3.0
2011/01/21 10:43:57.0854 Product type: Workstation
2011/01/21 10:43:57.0854 ComputerName: KEITH-LAPTOP
2011/01/21 10:43:57.0869 UserName: Keith
2011/01/21 10:43:57.0869 Windows directory: C:\WINDOWS
2011/01/21 10:43:57.0869 System windows directory: C:\WINDOWS
2011/01/21 10:43:57.0869 Processor architecture: Intel x86
2011/01/21 10:43:57.0869 Number of processors: 1
2011/01/21 10:43:57.0869 Page size: 0x1000
2011/01/21 10:43:57.0869 Boot type: Normal boot
2011/01/21 10:43:57.0869 ================================================================================
2011/01/21 10:43:58.0510 Initialize success
2011/01/21 10:44:02.0744 ================================================================================
2011/01/21 10:44:02.0744 Scan started
2011/01/21 10:44:02.0744 Mode: Manual;
2011/01/21 10:44:02.0744 ================================================================================
2011/01/21 10:44:05.0666 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/01/21 10:44:05.0838 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/01/21 10:44:06.0073 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/01/21 10:44:06.0307 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/01/21 10:44:06.0885 AmdK8 (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/01/21 10:44:07.0510 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/01/21 10:44:07.0682 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/01/21 10:44:07.0885 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/01/21 10:44:08.0119 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/01/21 10:44:08.0432 avgio (6a646c46b9415e13095aa9b352040a7a) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/01/21 10:44:08.0604 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2011/01/21 10:44:08.0713 avipbb (452e382340bb0c5e694ed9d3625356d0) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2011/01/21 10:44:08.0979 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/01/21 10:44:09.0104 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
2011/01/21 10:44:09.0354 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/01/21 10:44:09.0854 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/01/21 10:44:10.0104 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/01/21 10:44:10.0229 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/01/21 10:44:10.0307 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/01/21 10:44:10.0698 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/01/21 10:44:10.0916 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/01/21 10:44:11.0448 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/01/21 10:44:11.0573 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/01/21 10:44:11.0807 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/01/21 10:44:11.0901 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/01/21 10:44:12.0041 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/01/21 10:44:12.0307 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/01/21 10:44:12.0619 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/01/21 10:44:12.0854 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/01/21 10:44:13.0026 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/01/21 10:44:13.0182 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/01/21 10:44:13.0416 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/01/21 10:44:13.0510 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/01/21 10:44:13.0713 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/01/21 10:44:13.0854 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/01/21 10:44:13.0979 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/01/21 10:44:14.0307 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/01/21 10:44:14.0494 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/01/21 10:44:14.0807 HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
2011/01/21 10:44:15.0026 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2011/01/21 10:44:15.0244 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/01/21 10:44:15.0619 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/01/21 10:44:15.0791 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/01/21 10:44:16.0213 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/01/21 10:44:16.0338 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/01/21 10:44:16.0526 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/01/21 10:44:16.0682 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/01/21 10:44:16.0838 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/01/21 10:44:16.0994 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/01/21 10:44:17.0135 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/01/21 10:44:17.0244 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/01/21 10:44:17.0416 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/01/21 10:44:17.0604 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/01/21 10:44:17.0869 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/01/21 10:44:18.0182 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/01/21 10:44:18.0385 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/01/21 10:44:18.0557 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/01/21 10:44:18.0651 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/01/21 10:44:18.0760 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/01/21 10:44:18.0885 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/01/21 10:44:19.0119 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/01/21 10:44:19.0291 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/01/21 10:44:19.0479 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/01/21 10:44:19.0619 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/01/21 10:44:19.0760 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/01/21 10:44:19.0963 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/01/21 10:44:20.0166 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/01/21 10:44:20.0229 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/01/21 10:44:20.0369 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/01/21 10:44:20.0463 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/01/21 10:44:20.0635 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/01/21 10:44:20.0776 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/01/21 10:44:20.0932 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/01/21 10:44:20.0994 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/01/21 10:44:21.0151 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/01/21 10:44:21.0526 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/01/21 10:44:21.0651 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/01/21 10:44:21.0869 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/01/21 10:44:22.0010 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/01/21 10:44:22.0135 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/01/21 10:44:22.0338 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
2011/01/21 10:44:22.0479 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/01/21 10:44:22.0573 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/01/21 10:44:22.0713 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/01/21 10:44:23.0088 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/01/21 10:44:23.0213 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/01/21 10:44:24.0104 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/01/21 10:44:24.0276 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/01/21 10:44:24.0463 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/01/21 10:44:24.0651 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/01/21 10:44:25.0198 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/01/21 10:44:25.0385 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/01/21 10:44:25.0588 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/01/21 10:44:25.0744 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/01/21 10:44:25.0885 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/01/21 10:44:26.0010 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/01/21 10:44:26.0151 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/01/21 10:44:26.0401 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/01/21 10:44:26.0682 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/01/21 10:44:27.0104 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/01/21 10:44:27.0307 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2011/01/21 10:44:27.0557 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/01/21 10:44:27.0698 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/01/21 10:44:27.0885 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
2011/01/21 10:44:28.0213 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
2011/01/21 10:44:28.0401 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
2011/01/21 10:44:28.0557 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/01/21 10:44:28.0994 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/01/21 10:44:29.0166 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/01/21 10:44:29.0369 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/01/21 10:44:29.0541 ssmdrv (654dfea96bc82b4acda4f37e5e4a3bbf) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2011/01/21 10:44:29.0776 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
2011/01/21 10:44:30.0010 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/01/21 10:44:30.0135 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/01/21 10:44:30.0666 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/01/21 10:44:30.0885 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/01/21 10:44:31.0010 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/01/21 10:44:31.0198 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/01/21 10:44:31.0323 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/01/21 10:44:31.0791 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/01/21 10:44:32.0182 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/01/21 10:44:32.0448 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/01/21 10:44:32.0635 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/01/21 10:44:32.0838 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/01/21 10:44:32.0948 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/01/21 10:44:33.0119 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/01/21 10:44:33.0229 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/01/21 10:44:33.0401 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/01/21 10:44:33.0573 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/01/21 10:44:33.0744 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/01/21 10:44:34.0010 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/01/21 10:44:34.0229 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/01/21 10:44:34.0557 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/01/21 10:44:34.0791 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/01/21 10:44:35.0260 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/01/21 10:44:35.0541 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/01/21 10:44:35.0713 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/01/21 10:44:36.0229 ================================================================================
2011/01/21 10:44:36.0229 Scan finished
2011/01/21 10:44:36.0229 ================================================================================
 

·
Super Moderator
Joined
·
37,536 Posts
Back again :)

Okay, looks good, so lets run this program, to see if there is anything else ;)

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

eddie
 

·
Registered
Joined
·
19 Posts
Discussion Starter · #20 ·
Here is the OTL.txt

OTL logfile created on: 1/26/2011 1:29:05 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Keith\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.00 Mb Total Physical Memory | 143.00 Mb Available Physical Memory | 32.00% Memory free
1.00 Gb Paging File | 0.00 Gb Available in Paging File | 26.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 45.67 Gb Free Space | 81.73% Space Free | Partition Type: NTFS

Computer Name: KEITH-LAPTOP | User Name: Keith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/26 13:27:44 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\OTL.exe
PRC - [2010/12/14 14:02:18 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/12/10 17:17:36 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/09/26 10:02:04 | 002,356,088 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
PRC - [2008/06/01 17:00:12 | 000,299,008 | ---- | M] (Tiger Green Productions LLC) -- C:\Program Files\X3watch\x3watch.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/09 22:17:43 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006/06/22 13:15:48 | 000,462,848 | ---- | M] (Southwest Airlines) -- C:\Program Files\Southwest Airlines\Ding\Ding.exe

========== Modules (SafeList) ==========

MOD - [2011/01/26 13:27:44 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\OTL.exe
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

========== Driver Services (SafeList) ==========

DRV - [2010/05/10 12:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 12:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/07 11:42:23 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 09:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 09:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/13 11:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 10:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/05/10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/03/16 18:10:56 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006/11/21 04:25:44 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/07/22 11:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 11:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 11:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.google.com/a/churchrez.org/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fa%2Fchurchrez.org%2F&bsv=zpwhtygjntrz&ltmpl=default&ltmplcache=2#inbox|http://www.synergyvacation.com/|http://www.synergyhospitality.com/our_team.php"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/10 17:17:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/10 17:17:47 | 000,000,000 | ---D | M]

[2008/12/18 17:13:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Keith\Application Data\Mozilla\Extensions
[2011/01/22 15:42:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\extensions
[2009/09/17 14:10:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Keith\Application Data\Mozilla\Firefox\Profiles\4hzq4b4e.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/22 15:42:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/08/24 08:59:26 | 000,000,000 | ---D | M] (The Browser Highlighter) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2009/04/25 15:15:36 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/03/05 10:51:02 | 000,151,552 | ---- | M] (PopCap Games) -- C:\Program Files\Mozilla Firefox\plugins\nppopcaploader.dll
[2007/03/09 17:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll

O1 HOSTS File: ([2011/01/14 13:12:31 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [x3watch] C:\Program Files\X3watch\x3watch.exe (Tiger Green Productions LLC)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\Keith\Start Menu\Programs\Startup\DING!.lnk = C:\Program Files\Southwest Airlines\Ding\Ding.exe (Southwest Airlines)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} https://secure2.edward.org/+CSCOL+/relayp.cab (Cisco Systems WebVPN Relay Loader)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo.walgreens.com/WalgreensActivia.cab (Snapfish Activia)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1205290931001 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1205291768640 (MUWebControl Class)
O16 - DPF: {705EC6D4-B138-4079-A307-EF13E4889A82} https://secure2.edward.org/CACHE/sdesktop/install/binaries/instweb.cab (CSD ActiveX Installer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: InstallerJava https://secure2.edward.org/CACHE/sdesktop/install/binaries/instjava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Keith\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Keith\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/11 21:12:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/26 13:27:42 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\OTL.exe
[2011/01/21 10:43:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Keith\Desktop\tdsskiller
[2011/01/21 10:43:11 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/01/14 13:05:37 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/01/14 13:03:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/01/14 13:03:30 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/01/14 13:03:30 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/01/14 13:03:30 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/01/14 13:02:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/01/14 13:01:37 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/01/10 22:31:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Keith\Application Data\SUPERAntiSpyware.com
[2011/01/10 22:31:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/01/10 22:31:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/01/10 22:31:08 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/01/10 22:30:14 | 010,095,360 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\Keith\Desktop\SUPERAntiSpyware.exe
[2011/01/10 20:36:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Keith\Application Data\Malwarebytes
[2011/01/10 20:36:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/01/10 20:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/01/10 20:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/01/10 20:35:49 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/01/10 20:35:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/01/10 20:33:39 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Keith\Desktop\mbam-setup-1.50.1.1100.exe
[2011/01/10 20:21:13 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\TFC.exe
[2011/01/08 15:11:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HijackThis
[2011/01/08 15:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/07/02 16:36:11 | 002,033,448 | ---- | C] (Skype Technologies S.A.) -- C:\Program Files\SkypeSetup.exe

========== Files - Modified Within 30 Days ==========

[2011/01/26 13:34:05 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/26 13:27:44 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\OTL.exe
[2011/01/26 09:58:39 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/01/25 23:34:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/24 19:48:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/01/21 18:50:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/21 18:49:21 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2011/01/21 18:49:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/21 10:42:38 | 001,236,025 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\tdsskiller.zip
[2011/01/17 23:18:24 | 000,463,221 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\IMG_5830.jpg
[2011/01/17 23:18:09 | 000,353,805 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\IMG_5829.jpg
[2011/01/17 23:17:58 | 000,368,852 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\IMG_5828.jpg
[2011/01/17 20:59:33 | 000,032,653 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\LockSearch.exe
[2011/01/15 21:04:57 | 000,043,008 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\Jan 30 Sermon.doc
[2011/01/14 13:54:56 | 000,234,753 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\HSA Document.mht
[2011/01/14 13:12:31 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/01/14 13:05:46 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/01/14 13:02:45 | 004,154,944 | R--- | M] () -- C:\Documents and Settings\Keith\Desktop\username123.exe
[2011/01/10 22:31:12 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/01/10 22:30:14 | 010,095,360 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\Keith\Desktop\SUPERAntiSpyware.exe
[2011/01/10 20:33:39 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Keith\Desktop\mbam-setup-1.50.1.1100.exe
[2011/01/10 20:21:16 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Keith\Desktop\TFC.exe
[2011/01/08 15:11:07 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\Keith\Desktop\HijackThis.lnk

========== Files Created - No Company Name ==========

[2011/01/21 10:42:29 | 001,236,025 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\tdsskiller.zip
[2011/01/17 23:18:24 | 000,463,221 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\IMG_5830.jpg
[2011/01/17 23:18:09 | 000,353,805 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\IMG_5829.jpg
[2011/01/17 23:17:58 | 000,368,852 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\IMG_5828.jpg
[2011/01/17 20:59:30 | 000,032,653 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\LockSearch.exe
[2011/01/14 13:54:48 | 000,234,753 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\HSA Document.mht
[2011/01/14 13:05:46 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/01/14 13:05:42 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/01/14 13:03:30 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/01/14 13:03:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/01/14 13:03:30 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/01/14 13:03:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/01/14 13:03:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/01/14 12:57:01 | 004,154,944 | R--- | C] () -- C:\Documents and Settings\Keith\Desktop\username123.exe
[2011/01/10 22:31:12 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/01/08 15:11:06 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\HijackThis.lnk
[2011/01/05 21:20:00 | 000,043,008 | ---- | C] () -- C:\Documents and Settings\Keith\Desktop\Jan 30 Sermon.doc
[2010/10/16 15:44:18 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/02 19:49:57 | 000,009,201 | ---- | C] () -- C:\Program Files\WeeMee_15582112_for_keith.hartsell.jpg
[2008/06/21 17:24:33 | 000,001,353 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2008/06/14 08:29:49 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Keith\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/11 21:45:29 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2008/03/11 21:45:28 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2008/03/11 21:14:23 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2008/03/11 21:03:21 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/03/11 14:57:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

========== LOP Check ==========

[2009/03/05 10:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2011/01/21 20:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\x3watch
[2010/10/16 11:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/20 15:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/06 11:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Cisco
[2010/05/07 14:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Facebook
[2008/05/25 21:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Snapfish
[2008/06/22 18:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\Southwest Airlines
[2009/03/05 17:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Keith\Application Data\x3watch
[2011/01/21 18:49:21 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

========== Purity Check ==========

< End of report >

And here is the Extras.txt:
OTL Extras logfile created on: 1/26/2011 1:29:05 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Keith\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

446.00 Mb Total Physical Memory | 143.00 Mb Available Physical Memory | 32.00% Memory free
1.00 Gb Paging File | 0.00 Gb Available in Paging File | 26.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 45.67 Gb Free Space | 81.73% Space Free | Partition Type: NTFS

Computer Name: KEITH-LAPTOP | User Name: Keith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] --
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{84031A18-BA9A-4156-A74F-E05B52DDFCE2}" = DING!
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C2690CF-5B74-4F93-8139-7B5644CD6A3B}" = MobileMe Control Panel
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EF40BAC3-372B-46F4-A32D-B37CF4217CE7}" = ATI Catalyst Control Center
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2006b" = Microsoft Money 2006
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PopCap Browser Plugin" = PopCap Browser Plugin
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X3watch_is1" = X3watch 5.0.6
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"GoToMeeting" = GoToMeeting 4.1.0.366
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/20/2011 1:32:20 AM | Computer Name = KEITH-LAPTOP | Source = Application Error | ID = 1000
Description = Faulting application wordconv.exe, version 12.0.6500.5000, faulting
module unknown, version 0.0.0.0, fault address 0x31265c4b.

Error - 1/20/2011 5:02:59 AM | Computer Name = KEITH-LAPTOP | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481,
P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 1/21/2011 5:03:53 AM | Computer Name = KEITH-LAPTOP | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481,
P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 1/21/2011 8:41:15 PM | Computer Name = KEITH-LAPTOP | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.3989, faulting
module npswf32.dll, version 10.1.53.64, fault address 0x00182955.

Error - 1/21/2011 8:41:24 PM | Computer Name = KEITH-LAPTOP | Source = Application Error | ID = 1001
Description = Fault bucket -2077495846.

Error - 1/22/2011 5:02:53 AM | Computer Name = KEITH-LAPTOP | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481,
P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 1/23/2011 5:02:18 AM | Computer Name = KEITH-LAPTOP | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481,
P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 1/24/2011 5:02:32 AM | Computer Name = KEITH-LAPTOP | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481,
P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 1/25/2011 5:02:44 AM | Computer Name = KEITH-LAPTOP | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481,
P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 1/26/2011 5:03:04 AM | Computer Name = KEITH-LAPTOP | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481,
P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.

[ System Events ]
Error - 1/17/2011 5:04:29 AM | Computer Name = KEITH-LAPTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.

Error - 1/18/2011 5:04:04 AM | Computer Name = KEITH-LAPTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.

Error - 1/19/2011 5:04:49 AM | Computer Name = KEITH-LAPTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.

Error - 1/20/2011 5:04:22 AM | Computer Name = KEITH-LAPTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.

Error - 1/21/2011 5:05:19 AM | Computer Name = KEITH-LAPTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.

Error - 1/22/2011 5:03:55 AM | Computer Name = KEITH-LAPTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.

Error - 1/23/2011 5:03:14 AM | Computer Name = KEITH-LAPTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.

Error - 1/24/2011 5:03:26 AM | Computer Name = KEITH-LAPTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.

Error - 1/25/2011 5:03:55 AM | Computer Name = KEITH-LAPTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.

Error - 1/26/2011 5:04:29 AM | Computer Name = KEITH-LAPTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.

< End of report >
 
1 - 20 of 33 Posts
Status
Not open for further replies.
Top