Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Hijacked by Get-answers-fast and/or kozanekosearchsystem


  • Please log in to reply

#1
wifeiskillinme

wifeiskillinme

    Member

  • Member
  • PipPip
  • 16 posts
I appreciate anyone's help. My wife's computer has had her search engine hijacked. Whether I use Google, Mozilla or IE searches get re routed to various bogus pages. I've seen get-answers-fast come up and I also see kozanekosearchsystem

Also, and I don't know if this is all connected, she keeps getting a run time error R6025 Pure Virtual Function Call.

Most recently she downloaded iTunes and was loading music through some sort of sharing with my daughter. Don't know if that is what did it.

I ran Malwarebytes, Xoftspy, Superantispyware and Viperescue Scanner. None have cured the problem. I tried running OTL.exe, OTL.scr and OTL.com but all get blocked.

Below is the log from Superantispyware. Any help is appreciated

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/28/2011 at 08:59 PM

Application Version : 5.0.1136

Core Rules Database Version : 7994
Trace Rules Database Version: 5806

Scan type : Complete Scan
Total Scan Time : 01:29:10

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 2 (Build 5.01.2600)
Administrator

Memory items scanned : 624
Memory threats detected : 1
Registry items scanned : 38749
Registry threats detected : 9
File items scanned : 123724
File threats detected : 702

Adware.MyWebSearch/FunWebProducts
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#DeviceDesc

Adware.Tracking Cookie
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /4.adbrite ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /a.findarticles ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /a1.interclick ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /ad.fed.msn ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /ad.greenmarquee ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /ad.wsod ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /ad2.doublepimp ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /adlegend ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /admarketplace ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /adopt.euroclick ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /adprotraffic ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /ads-dev.youporn ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /ads.adap ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /ads.adgoto ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /ads.as4x.tmcs.ticketmaster ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /ads.as4x.tmcs ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /ads.belointeractive ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /ads.cnn ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /ads.digitalmedianet ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /ads.heraldnet ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /ads.itubeit ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /ads.mobiledia ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /ads.vidsense ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /adv.dmv ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /anad.tacoda ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /app.insightgrit ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /at.atwola ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /banners.andomedia ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /bannerspace ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /bizrate ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /bookit.advertserve ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /bridge2.admarketplace ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /burstbeacon ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /burstnet ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /chitika ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /click.tvprocessing ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /clickbank ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /collective-media ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /consumergain ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /content.yieldmanager ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /coolsavings ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /counter.surfcounters ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /dist.belnk ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /dmtracker ]
C:\Documents and Settings\terri\Cookies\[email protected].esomniture[2].txt [ /e-2dj6wfk4socpklq.stats.esomniture ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /e-2dj6wfkichcjabp.stats.esomniture ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /e-2dj6wgligld5kgp.stats.esomniture ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /e-2dj6wjk4gjcpgao.stats.esomniture ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /e-2dj6wjlieicpehp.stats.esomniture ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /e-2dj6wjlooiazwfq.stats.esomniture ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /e-2dj6wjlyagc5scp.stats.esomniture ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /ecnext.advertserve ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /enterprise.clickdefense ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /exefind ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /eyewonder ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /findarticles ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /humornsex ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /insightexpressai ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /insightfirst ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /interclick ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /invitemedia ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /kanoodle ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /kontera ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /link.mercent ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /linksynergy ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /m2omedia ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /media.medhelp ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /media6degrees ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /moneybanner728 ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /myaccount.verizonwireless ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /naiadsystems ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /naked ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /nextag ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /nordictrack ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /partner2profit ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /petfinder ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /pornhost ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /pornhub ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /porn ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /qnsr ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /revenue ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /roiservice ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /sales.liveperson ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /sec1.liveperson ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /spafinder ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /specificmedia ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /stat.dealtime ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /stats.gamestop ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /tacoda ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /tailteens ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /technologyquestions ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /teenselite ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /track.bestbuy ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /track.teetahn ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /versuscountrybagamonsterbuck ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /vhost.oddcast ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /weownthetraffic ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /www.accountonline ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /www.burstbeacon ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /www.burstnet ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /www.clickhereshopping ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /www.clickmanage ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /www.clickr ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /www.humornsex ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /www.intuitaccountants ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /www.nordictrack ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /www.pornhub ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /www.quickfinder ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /www.technologyquestions ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /www.tltrack ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /www.toseeka ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /xiti ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /yieldmanager ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /yieldmanager ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /youngpornmovies ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /youporn ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /try.starware.com ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /webstat.com ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /sales.liveperson.net ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /4.adbrite.com ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /sales.liveperson.net ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /sec1.liveperson.net ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /statse.webtrendslive.com ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /sales.liveperson.net ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /statse.webtrendslive.com ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /sales.liveperson.net ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /www.googleadservices.com ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /sales.liveperson.net ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /server.iad.liveperson.net ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /server.iad.liveperson.net ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /server.iad.liveperson.net ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /www.googleadservices.com ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /web-stat.com ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /www.pornhost.com ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /server.iad.liveperson.net ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /www.googleadservices.com ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /www.pornhost.com ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /server.iad.liveperson.net ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /sales.liveperson.net ]
C:\Documents and Settings\terri\Cookies\[email protected][2].txt [ /sales.liveperson.net ]
C:\Documents and Settings\terri\Cookies\[email protected][1].txt [ /www.googleadservices.com ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/cgi-bin ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/hc/88287119 ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected]almedia[1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]web-traffic-analysis.net/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/hc/7046965 ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/RealMedia/ads/adstream_sx.ads/babble.com/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/servlet/ajrotator/146993/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ad/show/38956/drct/02/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/adserving ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected]_ad_init[2].txt [ Cookie:[email protected]/apps/foundation/components/cn_ad_init/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][2].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\Cookies\[email protected][1].txt [ Cookie:[email protected]/ ]
crackle.com [ C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\8ESPQFNX ]
ads2.msads.net [ C:\DOCUMENTS AND SETTINGS\TERRI\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5YGEDSX3 ]
ia.media-imdb.com [ C:\DOCUMENTS AND SETTINGS\TERRI\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5YGEDSX3 ]
media.bonefishgrill.com [ C:\DOCUMENTS AND SETTINGS\TERRI\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5YGEDSX3 ]
msnbcmedia.msn.com [ C:\DOCUMENTS AND SETTINGS\TERRI\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5YGEDSX3 ]
secure-us.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\TERRI\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5YGEDSX3 ]
sftrack.searchforce.net [ C:\DOCUMENTS AND SETTINGS\TERRI\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\5YGEDSX3 ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\TERRI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\6VIYB1AT.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\TERRI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\6VIYB1AT.DEFAULT\COOKIES.SQLITE ]
.advertise.com [ C:\DOCUMENTS AND SETTINGS\TERRI\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\6VIYB1AT.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ehg-electrum.hitbox.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trackalyzer.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
t5.trackalyzer.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.linksynergy.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracking.waterfrontmedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
copilot.mediaarmor.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaarmor.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaarmor.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.marriottinternational.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s.clickability.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s.clickability.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nandomedia.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dc.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
sales.liveperson.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
myaccount.verizonwireless.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ehg-verizon.hitbox.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ehg-verizon.hitbox.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
eas.apm.emediate.eu [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.movieticketscom.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.gsimedia.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaforge.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
d.mediaforge.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wstat.wibiya.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.warnerbros.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediabrandsww.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
webstats.talcore.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.farecastcom.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.njmvc.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dmtracker.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ghmedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.app.insightgrit.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.accountemps.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.accountemps.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.accountemps.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accountemps.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.accountemps.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.snapfish.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.msnbc.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
gs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.americancancersocietyinc.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.msnportal.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mm.chitika.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.charmingshoppes.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.stats.complex.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.stats.complex.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.stats.complex.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.myaccount.trugreen.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.myaccount.trugreen.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.myaccount.trugreen.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstbeacon.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstbeacon.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.petadoptiontracker.org [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.petadoptiontracker.org [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.petadoptiontracker.org [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.petadoptiontracker.org [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.petfinder.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ford.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserving.autotrader.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.w3counter.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.auto-price-finder.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.auto-price-finder.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.auto-price-finder.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
peoplemedia.pmlusc.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
a.visualrevenue.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediacenter.motorola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediacenter.motorola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediacenter.motorola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tracestat.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atwola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
webmail.sbfaccounting.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hyundaimotoramerica.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.247realmedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
banners.andomedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ehg-emmiscommunications.hitbox.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hitbox.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hitbox.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dominionenterprises.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.evite.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adlegend.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.wolverineworldwide.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.r1-ads.ace.advertising.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hearstmagazines.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
citi.bridgetrack.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtech.de [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.akamai.interclickproxy.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pubads.g.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media.adfrontiers.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bizrate.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
media.gsimedia.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.feed.validclick.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.c.atdmt.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bridge2.admarketplace.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.admarketplace.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.g.va.bid.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
publishers.domainadvertising.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atwola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.homestore.122.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
sales.liveperson.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bizzclick.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.theclickcheck.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.theclickcheck.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.theclickcheck.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertise.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\DOCUMENTS AND SETTINGS\TERRI\LOCAL SETTINGS\TEMP\COOKIES\[email protected][1].TXT [ /MSNPORTAL.112.2O7 ]

Trojan.Agent/Gen
C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE.EXE
C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE.EXE
C:\WINDOWS\Prefetch\SASCORE.EXE-39EC1F08.pf
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
You might have better luck in Safe Mode with Networking

(Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears and choose Safe Mode with Networking. Login with your usual login.)

ComboFix
:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Doubleclick on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.

Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then run it.
Double click on TDSSKiller.exe (Vista or Win 7 must right click and Run As Admin)
If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.

Ron
  • 0

#3
wifeiskillinme

wifeiskillinme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
ron,

will do all this and be back.

Thanks for your help
  • 0

#4
wifeiskillinme

wifeiskillinme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
ron,

Combofix installed the recovery console but now it popped up a box that says "Combofix has detected a presence of rootkit activity and must reboot the machine" my only option is OK. Should I do that? What then?
  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Let it reboot. When it finishes, reboot it one more time.
  • 0

#6
wifeiskillinme

wifeiskillinme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
got it ok
  • 0

#7
wifeiskillinme

wifeiskillinme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Here is the combofix log. I'm going to run the aswmbr now. Quick question. in your directions you say
"On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log"

If the Fix Button is enabled, do I click it or do I just save the log and exit?


ComboFix 11-11-29.04 - terri 11/29/2011 16:12:33.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2038.1695 [GMT -5:00]
Running from: c:\documents and settings\terri\My Documents\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\terri\GoToAssistDownloadHelper.exe
c:\documents and settings\terri\Local Settings\Temporary Internet Files\viewChanges.html
c:\windows\$NtUninstallKB30148$
c:\windows\$NtUninstallKB30148$\1081526861\@
c:\windows\$NtUninstallKB30148$\1081526861\L\odetmngk
c:\windows\$NtUninstallKB30148$\1081526861\loader.tlb
c:\windows\$NtUninstallKB30148$\1081526861\U\@00000001
c:\windows\$NtUninstallKB30148$\1081526861\U\@000000c0
c:\windows\$NtUninstallKB30148$\1081526861\U\@000000cb
c:\windows\$NtUninstallKB30148$\1081526861\U\@000000cf
c:\windows\$NtUninstallKB30148$\1081526861\U\@80000000
c:\windows\$NtUninstallKB30148$\1081526861\U\@800000c0
c:\windows\$NtUninstallKB30148$\1081526861\U\@800000cb
c:\windows\$NtUninstallKB30148$\1081526861\U\@800000cf
c:\windows\$NtUninstallKB30148$\3853175110
c:\windows\bwUnin-8.1.1.50-8876480SL.exe
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\system32\
c:\windows\system32\c_69412.nls
.
Infected copy of c:\windows\system32\drivers\netbt.sys was found and disinfected
Restored copy from - The cat found it :)
.
((((((((((((((((((((((((( Files Created from 2011-10-28 to 2011-11-29 )))))))))))))))))))))))))))))))
.
.
2011-11-29 18:58 . 2004-08-04 09:00 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2011-11-29 18:58 . 2004-08-04 09:00 162816 ----a-w- c:\windows\system32\dllcache\netbt.sys
2011-11-29 13:31 . 2010-11-09 18:56 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-11-29 13:31 . 2010-11-09 18:56 27984 ----a-w- c:\windows\system32\sbbd.exe
2011-11-29 13:29 . 2011-11-29 16:38 -------- d-----w- C:\VIPRERESCUE
2011-11-29 00:29 . 2011-11-29 00:29 -------- d-----w- c:\documents and settings\terri\Application Data\SUPERAntiSpyware.com
2011-11-29 00:28 . 2011-11-29 02:32 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-11-29 00:28 . 2011-11-29 00:28 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-11-28 23:27 . 2011-11-28 23:27 -------- d-----w- c:\program files\Common Files\ParetoLogic
2011-11-28 23:27 . 2011-11-28 23:27 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic
2011-11-28 19:37 . 2011-11-28 19:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-28 19:37 . 2011-08-31 22:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-28 19:34 . 2011-11-28 19:34 -------- d-----w- c:\documents and settings\terri\Local Settings\Application Data\Mozilla
2011-11-28 18:55 . 2011-11-28 18:55 -------- d-----w- c:\windows\system32\wbem\Repository
2011-11-28 04:11 . 2011-11-29 16:39 80896 ----a-w- c:\windows\system32\OLD2F2.tmp
2011-11-27 20:42 . 2011-11-28 18:54 -------- d-----w- C:\QB 2011
2011-11-27 18:14 . 2011-11-28 18:54 -------- d-----w- c:\windows\system32\config\systemprofile\UserData
2011-11-24 14:53 . 2011-11-24 14:53 -------- d-s---w- c:\documents and settings\LocalService\UserData
2011-11-24 14:46 . 2011-11-28 23:00 -------- d-sh--w- c:\documents and settings\terri\Local Settings\Application Data\4076ca4d
2011-11-20 17:37 . 2011-11-20 17:37 -------- d-----w- c:\program files\iPod
2011-11-20 17:37 . 2011-11-20 17:40 -------- d-----w- c:\program files\iTunes
2011-11-20 17:31 . 2011-11-20 17:31 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer
2011-11-20 17:29 . 2011-11-20 17:29 -------- d-----w- c:\program files\Bonjour
2011-11-08 21:19 . 2011-11-08 21:19 -------- d-----w- c:\documents and settings\terri\Application Data\ScanSoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-21 04:04 . 2011-11-28 19:34 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-11-07 4617600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-15 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-15 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-15 114688]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-06-06 26112]
"MimBoot"="c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe" [2005-09-08 8192]
"MMTray"="c:\progra~1\MUSICM~1\MUSICM~3\mm_tray.exe" [2005-09-08 110592]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-06-06 169472]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"SetDefPrt"="c:\program files\Brother\Brmfl04g\BrStDvPt.exe" [2004-11-11 49152]
"ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2004-11-12 864256]
"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2005-08-12 1121792]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-02-22 1497352]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-13 421736]
"XoftSpySE"="c:\program files\XoftSpySE6\XoftSpySE.exe" [2010-09-29 4861720]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Intuit Data Protect.lnk - c:\program files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe [2011-3-1 5904216]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2010-8-10 66864]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2011-3-5 1156384]
QuickBooks_Standard_21.lnk - c:\program files\Intuit\QuickBooks 2011\QBW32.EXE [2011-3-5 1178400]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XoftSpySE]
2010-09-29 18:43 4861720 ----a-w- c:\program files\XoftSpySE6\XoftSpySE.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"XoftSpyService"=3 (0x3)
"Bonjour Service"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2006\\QBDBMgrN.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2007\\QBDBMgrN.exe"=
"c:\\Program Files\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2010\\QBDBMgrN.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2011\\QBDBMgrN.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\terri\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Logitech\\QuickCam\\LU\\LogitechUpdate.exe"=
"c:\\Program Files\\Common Files\\Java\\Java Update\\jaucheck.exe"=
"c:\\Program Files\\Common Files\\Java\\Java Update\\jucheck.exe"=
"c:\\Documents and Settings\\terri\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Program Files\\MUSICMATCH\\Common\\ComponentMgr\\MMComponentMgr.exe"=
"c:\\Program Files\\Common Files\\Intuit\\QuickBooks\\QBUpdate\\qbupdate.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\Microsoft Office\\Office10\\OUTLOOK.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:ooVoo TCP port 443
"443:UDP"= 443:UDP:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:ooVoo UDP port 37675
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 11:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 4:55 PM 67664]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [11/29/2011 8:31 AM 98392]
R2 QBVSS;QBIDPService;c:\program files\Common Files\Intuit\DataProtect\QBIDPService.exe [3/5/2011 8:03 PM 1249792]
R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [11/25/2005 5:43 PM 31896]
S2 !SASCORE;SAS Core Service;"c:\program files\SUPERAntiSpyware\SASCORE.EXE" --> c:\program files\SUPERAntiSpyware\SASCORE.EXE [?]
S2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" --> c:\program files\Viewpoint\Common\ViewpointService.exe [?]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:34]
.
2011-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1944172404-2730849703-1090397954-1006Core.job
- c:\documents and settings\terri\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-10 23:48]
.
2011-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1944172404-2730849703-1090397954-1006UA.job
- c:\documents and settings\terri\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-10 23:48]
.
2011-11-28 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-09-29 18:43]
.
2011-11-28 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2010-09-29 18:43]
.
2011-11-28 c:\windows\Tasks\XoftSpySE.job
- c:\program files\XoftSpySE6\XoftSpySELauncher.exe [2010-09-29 18:43]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.msn.com
mStart Page = hxxp://www.msn.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
Trusted Zone: musicmatch.com\online
TCP: DhcpNameServer = 192.168.0.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\terri\Application Data\Mozilla\Firefox\Profiles\6viyb1at.default\
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-Status Monitor CLJ1500 - c:\program files\Hewlett-Packard\CLJ1500\\Toolbox\HPPOUMUI.exe
MSConfigStartUp-POD3 - c:\program files\MessageLabs\POD36\mlpod36.exe
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-29 16:56
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(632)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
- - - - - - - > 'explorer.exe'(3284)
c:\windows\system32\msls31.dll
c:\windows\system32\shdoclc.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\progra~1\MUSICM~1\MUSICM~3\MMDiag.exe
c:\program files\Google\Google Desktop Search\GoogleDesktopIndex.exe
c:\program files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
c:\program files\MUSICMATCH\Musicmatch Jukebox\mim.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\windows\system32\wscntfy.exe
c:\program files\logitech\quickcam\lu\lulnchr.exe
c:\program files\logitech\quickcam\lu\LogitechUpdate.exe
c:\program files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
.
**************************************************************************
.
Completion time: 2011-11-29 17:00:25 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-29 22:00
.
Pre-Run: 68,054,753,280 bytes free
Post-Run: 69,803,143,168 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 9C9D5A69DE79AC04B0CFA32CAC0AD345
  • 0

#8
wifeiskillinme

wifeiskillinme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Here is the aswMBR log. The Fix button was NOT enabled. I did notice that it was defaulted to do a quick scan. I didn't change that option hope that was OK. Running tdsskiller now

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-11-29 17:10:14
-----------------------------
17:10:14.468 OS Version: Windows 5.1.2600 Service Pack 2
17:10:14.468 Number of processors: 2 586 0x409
17:10:14.500 ComputerName: TERRIPC UserName: terri
17:10:15.906 Initialize success
17:12:12.609 AVAST engine defs: 11112902
17:12:50.562 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
17:12:50.578 Disk 0 Vendor: SAMSUNG_HD160JJ/P ZM100-34 Size: 152587MB BusType: 3
17:12:52.609 Disk 0 MBR read successfully
17:12:52.609 Disk 0 MBR scan
17:12:52.671 Disk 0 unknown MBR code
17:12:52.687 Disk 0 scanning sectors +312496380
17:12:52.781 Disk 0 scanning C:\WINDOWS\system32\drivers
17:13:02.609 Service scanning
17:13:09.203 Modules scanning
17:13:15.375 AVAST engine scan C:\WINDOWS
17:13:21.484 AVAST engine scan C:\WINDOWS\system32
17:14:28.484 File: C:\WINDOWS\system32\msiexec.exe.tmp **INFECTED** Win32:Patched-WQ [Trj]
17:15:39.515 AVAST engine scan C:\WINDOWS\system32\drivers
17:15:53.250 AVAST engine scan C:\Documents and Settings\terri
17:23:38.093 AVAST engine scan C:\Documents and Settings\All Users
17:27:29.156 Scan finished successfully
17:34:35.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\terri\My Documents\MBR.dat"
17:34:35.328 The log file has been saved successfully to "C:\Documents and Settings\terri\My Documents\aswMBR.txt"
17:35:06.390 Disk 0 MBR has been saved successfully to "F:\MBR.dat"
17:35:06.406 The log file has been saved successfully to "F:\aswMBR.txt"
  • 0

#9
wifeiskillinme

wifeiskillinme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
here is the tdskiller log. By the way, I ran all of these in safe mode. Waiting on next steps. Again, thank you so much.


17:35:53.0625 0532 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
17:35:53.0750 0532 ============================================================
17:35:53.0750 0532 Current date / time: 2011/11/29 17:35:53.0750
17:35:53.0750 0532 SystemInfo:
17:35:53.0750 0532
17:35:53.0750 0532 OS Version: 5.1.2600 ServicePack: 2.0
17:35:53.0750 0532 Product type: Workstation
17:35:53.0750 0532 ComputerName: TERRIPC
17:35:53.0750 0532 UserName: terri
17:35:53.0750 0532 Windows directory: C:\WINDOWS
17:35:53.0750 0532 System windows directory: C:\WINDOWS
17:35:53.0750 0532 Processor architecture: Intel x86
17:35:53.0750 0532 Number of processors: 2
17:35:53.0750 0532 Page size: 0x1000
17:35:53.0750 0532 Boot type: Safe boot with network
17:35:53.0750 0532 ============================================================
17:35:55.0609 0532 Initialize success
17:36:01.0703 0812 ============================================================
17:36:01.0703 0812 Scan started
17:36:01.0703 0812 Mode: Manual;
17:36:01.0703 0812 ============================================================
17:36:04.0078 0812 Abiosdsk - ok
17:36:04.0125 0812 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
17:36:04.0125 0812 abp480n5 - ok
17:36:04.0156 0812 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:36:04.0156 0812 ACPI - ok
17:36:04.0203 0812 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:36:04.0203 0812 ACPIEC - ok
17:36:04.0234 0812 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
17:36:04.0234 0812 adpu160m - ok
17:36:04.0281 0812 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
17:36:04.0281 0812 aec - ok
17:36:04.0312 0812 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys
17:36:04.0312 0812 AFD - ok
17:36:04.0359 0812 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
17:36:04.0359 0812 agp440 - ok
17:36:04.0375 0812 agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
17:36:04.0375 0812 agpCPQ - ok
17:36:04.0390 0812 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
17:36:04.0390 0812 Aha154x - ok
17:36:04.0421 0812 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
17:36:04.0437 0812 aic78u2 - ok
17:36:04.0453 0812 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
17:36:04.0453 0812 aic78xx - ok
17:36:04.0500 0812 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
17:36:04.0500 0812 AliIde - ok
17:36:04.0531 0812 alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\system32\DRIVERS\alim1541.sys
17:36:04.0531 0812 alim1541 - ok
17:36:04.0546 0812 amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\system32\DRIVERS\amdagp.sys
17:36:04.0546 0812 amdagp - ok
17:36:04.0625 0812 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
17:36:04.0625 0812 amsint - ok
17:36:04.0656 0812 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
17:36:04.0656 0812 asc - ok
17:36:04.0687 0812 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
17:36:04.0687 0812 asc3350p - ok
17:36:04.0718 0812 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
17:36:04.0718 0812 asc3550 - ok
17:36:04.0750 0812 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
17:36:04.0750 0812 ASCTRM - ok
17:36:04.0843 0812 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:36:04.0843 0812 AsyncMac - ok
17:36:04.0875 0812 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:36:04.0875 0812 atapi - ok
17:36:04.0890 0812 Atdisk - ok
17:36:04.0906 0812 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:36:04.0906 0812 Atmarpc - ok
17:36:04.0953 0812 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:36:04.0953 0812 audstub - ok
17:36:04.0984 0812 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:36:04.0984 0812 Beep - ok
17:36:05.0078 0812 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\Drivers\BrScnUsb.sys
17:36:05.0078 0812 BrScnUsb - ok
17:36:05.0093 0812 BrSerIf (c121e10c64318182a6478acae1855ee0) C:\WINDOWS\system32\Drivers\BrSerIf.sys
17:36:05.0093 0812 BrSerIf - ok
17:36:05.0109 0812 BrUsbSer (7ac85cdc03befd78908b3b6a73d201d0) C:\WINDOWS\system32\Drivers\BrUsbSer.sys
17:36:05.0109 0812 BrUsbSer - ok
17:36:05.0140 0812 catchme - ok
17:36:05.0156 0812 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
17:36:05.0156 0812 cbidf - ok
17:36:05.0187 0812 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:36:05.0187 0812 cbidf2k - ok
17:36:05.0234 0812 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:36:05.0234 0812 CCDECODE - ok
17:36:05.0281 0812 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
17:36:05.0281 0812 cd20xrnt - ok
17:36:05.0296 0812 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:36:05.0296 0812 Cdaudio - ok
17:36:05.0312 0812 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
17:36:05.0312 0812 Cdfs - ok
17:36:05.0359 0812 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:36:05.0359 0812 Cdrom - ok
17:36:05.0359 0812 Changer - ok
17:36:05.0421 0812 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
17:36:05.0421 0812 CmdIde - ok
17:36:05.0500 0812 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
17:36:05.0500 0812 Cpqarray - ok
17:36:05.0531 0812 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
17:36:05.0546 0812 dac2w2k - ok
17:36:05.0546 0812 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
17:36:05.0546 0812 dac960nt - ok
17:36:05.0609 0812 dfmirage (d8cd6a2a94f545858eec6117f0d5dff4) C:\WINDOWS\system32\DRIVERS\dfmirage.sys
17:36:05.0609 0812 dfmirage - ok
17:36:05.0656 0812 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
17:36:05.0656 0812 Disk - ok
17:36:05.0703 0812 DLABOIOM (e2d0de31442390c35e3163c87cb6a9eb) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
17:36:05.0703 0812 DLABOIOM - ok
17:36:05.0718 0812 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
17:36:05.0718 0812 DLACDBHM - ok
17:36:05.0734 0812 DLADResN (83545593e297f50a8e2524b4c071a153) C:\WINDOWS\system32\DLA\DLADResN.SYS
17:36:05.0734 0812 DLADResN - ok
17:36:05.0765 0812 DLAIFS_M (96e01d901cdc98c7817155cc057001bf) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
17:36:05.0765 0812 DLAIFS_M - ok
17:36:05.0781 0812 DLAOPIOM (0a60a39cc5e767980a31ca5d7238dfa9) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
17:36:05.0781 0812 DLAOPIOM - ok
17:36:05.0812 0812 DLAPoolM (9fe2b72558fc808357f427fd83314375) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
17:36:05.0812 0812 DLAPoolM - ok
17:36:05.0843 0812 DLARTL_N (7ee0852ae8907689df25049dcd2342e8) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
17:36:05.0843 0812 DLARTL_N - ok
17:36:05.0875 0812 DLAUDFAM (f08e1dafac457893399e03430a6a1397) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
17:36:05.0875 0812 DLAUDFAM - ok
17:36:05.0890 0812 DLAUDF_M (e7d105ed1e694449d444a9933df8e060) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
17:36:05.0890 0812 DLAUDF_M - ok
17:36:05.0953 0812 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
17:36:05.0968 0812 dmboot - ok
17:36:06.0000 0812 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
17:36:06.0000 0812 dmio - ok
17:36:06.0031 0812 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:36:06.0031 0812 dmload - ok
17:36:06.0093 0812 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
17:36:06.0093 0812 DMusic - ok
17:36:06.0140 0812 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
17:36:06.0140 0812 dpti2o - ok
17:36:06.0156 0812 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
17:36:06.0156 0812 drmkaud - ok
17:36:06.0203 0812 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
17:36:06.0203 0812 DRVMCDB - ok
17:36:06.0218 0812 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
17:36:06.0218 0812 DRVNDDM - ok
17:36:06.0250 0812 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys
17:36:06.0250 0812 E100B - ok
17:36:06.0312 0812 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
17:36:06.0312 0812 Fastfat - ok
17:36:06.0343 0812 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
17:36:06.0343 0812 Fdc - ok
17:36:06.0406 0812 FilterService (50104c5f1ee1e295781caf9521ca2e56) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
17:36:06.0406 0812 FilterService - ok
17:36:06.0437 0812 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
17:36:06.0437 0812 Fips - ok
17:36:06.0453 0812 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
17:36:06.0453 0812 Flpydisk - ok
17:36:06.0484 0812 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
17:36:06.0484 0812 FltMgr - ok
17:36:06.0515 0812 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:36:06.0515 0812 Fs_Rec - ok
17:36:06.0531 0812 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:36:06.0531 0812 Ftdisk - ok
17:36:06.0578 0812 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:36:06.0578 0812 GEARAspiWDM - ok
17:36:06.0593 0812 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:36:06.0609 0812 Gpc - ok
17:36:06.0656 0812 HDAudBus (e31363d186b3e1d7c4e9117884a6aee5) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:36:06.0656 0812 HDAudBus - ok
17:36:06.0718 0812 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:36:06.0718 0812 HidUsb - ok
17:36:06.0765 0812 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
17:36:06.0765 0812 hpn - ok
17:36:06.0781 0812 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
17:36:06.0796 0812 HPZid412 - ok
17:36:06.0843 0812 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
17:36:06.0843 0812 HPZipr12 - ok
17:36:06.0890 0812 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
17:36:06.0890 0812 HPZius12 - ok
17:36:06.0921 0812 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS\system32\Drivers\HTTP.sys
17:36:06.0921 0812 HTTP - ok
17:36:06.0953 0812 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys
17:36:06.0953 0812 i2omgmt - ok
17:36:07.0000 0812 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys
17:36:07.0000 0812 i2omp - ok
17:36:07.0015 0812 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:36:07.0015 0812 i8042prt - ok
17:36:07.0093 0812 ialm (5a8e05f1d5c36abd58cffa111eb325ea) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
17:36:07.0109 0812 ialm - ok
17:36:07.0156 0812 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
17:36:07.0156 0812 Imapi - ok
17:36:07.0218 0812 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
17:36:07.0218 0812 ini910u - ok
17:36:07.0296 0812 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
17:36:07.0312 0812 IntelIde - ok
17:36:07.0328 0812 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:36:07.0328 0812 intelppm - ok
17:36:07.0359 0812 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:36:07.0359 0812 Ip6Fw - ok
17:36:07.0390 0812 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:36:07.0390 0812 IpFilterDriver - ok
17:36:07.0406 0812 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:36:07.0406 0812 IpInIp - ok
17:36:07.0437 0812 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:36:07.0453 0812 IpNat - ok
17:36:07.0468 0812 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:36:07.0468 0812 IPSec - ok
17:36:07.0500 0812 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
17:36:07.0500 0812 IRENUM - ok
17:36:07.0546 0812 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:36:07.0546 0812 isapnp - ok
17:36:07.0562 0812 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:36:07.0562 0812 Kbdclass - ok
17:36:07.0609 0812 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:36:07.0609 0812 kbdhid - ok
17:36:07.0671 0812 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
17:36:07.0671 0812 kmixer - ok
17:36:07.0687 0812 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
17:36:07.0687 0812 KSecDD - ok
17:36:07.0734 0812 lbrtfdc - ok
17:36:07.0843 0812 LVPr2Mon (a6919138f29ae45e90e99fa94737e04c) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
17:36:07.0843 0812 LVPr2Mon - ok
17:36:07.0906 0812 LVRS (b895839b8743e400d7c7dae156f74e7e) C:\WINDOWS\system32\DRIVERS\lvrs.sys
17:36:07.0921 0812 LVRS - ok
17:36:07.0953 0812 LVUSBSta (23f8ef78bb9553e465a476f3cee5ca18) C:\WINDOWS\system32\drivers\LVUSBSta.sys
17:36:07.0953 0812 LVUSBSta - ok
17:36:08.0109 0812 LVUVC (8bc0d5f6e3898f465a94c6d03afb5a20) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
17:36:08.0187 0812 LVUVC - ok
17:36:08.0203 0812 MBAMSwissArmy - ok
17:36:08.0250 0812 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
17:36:08.0250 0812 mnmdd - ok
17:36:08.0312 0812 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
17:36:08.0312 0812 Modem - ok
17:36:08.0343 0812 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:36:08.0343 0812 Mouclass - ok
17:36:08.0390 0812 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:36:08.0390 0812 mouhid - ok
17:36:08.0421 0812 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
17:36:08.0421 0812 MountMgr - ok
17:36:08.0453 0812 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
17:36:08.0453 0812 mraid35x - ok
17:36:08.0468 0812 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:36:08.0468 0812 MRxDAV - ok
17:36:08.0531 0812 MRxSmb (5ddc9a1b2eb5a4bf010ce8c019a18c1f) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:36:08.0531 0812 MRxSmb - ok
17:36:08.0562 0812 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
17:36:08.0578 0812 Msfs - ok
17:36:08.0640 0812 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:36:08.0640 0812 MSKSSRV - ok
17:36:08.0671 0812 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:36:08.0671 0812 MSPCLOCK - ok
17:36:08.0703 0812 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
17:36:08.0703 0812 MSPQM - ok
17:36:08.0718 0812 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:36:08.0718 0812 mssmbios - ok
17:36:08.0750 0812 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
17:36:08.0750 0812 MSTEE - ok
17:36:08.0765 0812 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
17:36:08.0765 0812 Mup - ok
17:36:08.0843 0812 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:36:08.0875 0812 NABTSFEC - ok
17:36:08.0968 0812 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
17:36:08.0984 0812 NDIS - ok
17:36:09.0000 0812 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:36:09.0000 0812 NdisIP - ok
17:36:09.0031 0812 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:36:09.0031 0812 NdisTapi - ok
17:36:09.0062 0812 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:36:09.0062 0812 Ndisuio - ok
17:36:09.0078 0812 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:36:09.0078 0812 NdisWan - ok
17:36:09.0109 0812 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
17:36:09.0109 0812 NDProxy - ok
17:36:09.0140 0812 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:36:09.0140 0812 NetBIOS - ok
17:36:09.0171 0812 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:36:09.0187 0812 NetBT - ok
17:36:09.0281 0812 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
17:36:09.0281 0812 Npfs - ok
17:36:09.0343 0812 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
17:36:09.0343 0812 Ntfs - ok
17:36:09.0390 0812 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:36:09.0390 0812 Null - ok
17:36:09.0484 0812 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:36:09.0515 0812 nv - ok
17:36:09.0546 0812 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:36:09.0546 0812 NwlnkFlt - ok
17:36:09.0562 0812 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:36:09.0562 0812 NwlnkFwd - ok
17:36:09.0593 0812 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
17:36:09.0593 0812 Parport - ok
17:36:09.0609 0812 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
17:36:09.0609 0812 PartMgr - ok
17:36:09.0640 0812 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
17:36:09.0640 0812 ParVdm - ok
17:36:09.0656 0812 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
17:36:09.0656 0812 PCI - ok
17:36:09.0687 0812 PCIDump - ok
17:36:09.0703 0812 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:36:09.0703 0812 PCIIde - ok
17:36:09.0750 0812 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:36:09.0750 0812 Pcmcia - ok
17:36:09.0765 0812 PDCOMP - ok
17:36:09.0781 0812 PDFRAME - ok
17:36:09.0828 0812 PDRELI - ok
17:36:09.0843 0812 PDRFRAME - ok
17:36:09.0875 0812 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
17:36:09.0875 0812 perc2 - ok
17:36:09.0906 0812 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
17:36:09.0906 0812 perc2hib - ok
17:36:10.0015 0812 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:36:10.0015 0812 PptpMiniport - ok
17:36:10.0046 0812 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
17:36:10.0046 0812 PSched - ok
17:36:10.0062 0812 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:36:10.0062 0812 Ptilink - ok
17:36:10.0109 0812 PxHelp20 (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:36:10.0109 0812 PxHelp20 - ok
17:36:10.0171 0812 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
17:36:10.0171 0812 ql1080 - ok
17:36:10.0203 0812 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
17:36:10.0203 0812 Ql10wnt - ok
17:36:10.0218 0812 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
17:36:10.0218 0812 ql12160 - ok
17:36:10.0234 0812 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
17:36:10.0234 0812 ql1240 - ok
17:36:10.0265 0812 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
17:36:10.0265 0812 ql1280 - ok
17:36:10.0296 0812 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:36:10.0296 0812 RasAcd - ok
17:36:10.0343 0812 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:36:10.0343 0812 Rasl2tp - ok
17:36:10.0359 0812 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:36:10.0359 0812 RasPppoe - ok
17:36:10.0390 0812 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:36:10.0390 0812 Raspti - ok
17:36:10.0453 0812 Rdbss (809ca45caa9072b3176ad44579d7f688) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:36:10.0453 0812 Rdbss - ok
17:36:10.0468 0812 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:36:10.0468 0812 RDPCDD - ok
17:36:10.0515 0812 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:36:10.0531 0812 rdpdr - ok
17:36:10.0578 0812 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
17:36:10.0578 0812 RDPWD - ok
17:36:10.0609 0812 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:36:10.0609 0812 redbook - ok
17:36:10.0765 0812 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
17:36:10.0781 0812 SASDIFSV - ok
17:36:10.0796 0812 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
17:36:10.0828 0812 SASKUTIL - ok
17:36:10.0875 0812 SBRE (c1ae5d1f53285d79a0b73a62af20734f) C:\WINDOWS\system32\drivers\SBREDrv.sys
17:36:10.0875 0812 SBRE - ok
17:36:10.0937 0812 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:36:10.0937 0812 Secdrv - ok
17:36:10.0984 0812 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:36:10.0984 0812 serenum - ok
17:36:11.0031 0812 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
17:36:11.0031 0812 Serial - ok
17:36:11.0078 0812 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:36:11.0078 0812 Sfloppy - ok
17:36:11.0125 0812 Simbad - ok
17:36:11.0156 0812 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys
17:36:11.0156 0812 sisagp - ok
17:36:11.0203 0812 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:36:11.0203 0812 SLIP - ok
17:36:11.0234 0812 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
17:36:11.0250 0812 Sparrow - ok
17:36:11.0281 0812 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
17:36:11.0281 0812 splitter - ok
17:36:11.0312 0812 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
17:36:11.0312 0812 sr - ok
17:36:11.0375 0812 Srv (553007ecce7f6565bbe645beb66d3b69) C:\WINDOWS\system32\DRIVERS\srv.sys
17:36:11.0390 0812 Srv - ok
17:36:11.0500 0812 STHDA (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys
17:36:11.0515 0812 STHDA - ok
17:36:11.0562 0812 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:36:11.0562 0812 streamip - ok
17:36:11.0593 0812 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
17:36:11.0593 0812 swenum - ok
17:36:11.0625 0812 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
17:36:11.0625 0812 swmidi - ok
17:36:11.0671 0812 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
17:36:11.0671 0812 symc810 - ok
17:36:11.0687 0812 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
17:36:11.0703 0812 symc8xx - ok
17:36:11.0718 0812 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
17:36:11.0718 0812 sym_hi - ok
17:36:11.0734 0812 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
17:36:11.0734 0812 sym_u3 - ok
17:36:11.0796 0812 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
17:36:11.0812 0812 sysaudio - ok
17:36:11.0875 0812 Tcpip (9f4b36614a0fc234525ba224957de55c) C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:36:11.0875 0812 Tcpip - ok
17:36:11.0921 0812 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
17:36:11.0921 0812 TDPIPE - ok
17:36:11.0937 0812 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
17:36:11.0937 0812 TDTCP - ok
17:36:11.0968 0812 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
17:36:11.0968 0812 TermDD - ok
17:36:12.0031 0812 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
17:36:12.0031 0812 TosIde - ok
17:36:12.0093 0812 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
17:36:12.0093 0812 Udfs - ok
17:36:12.0125 0812 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
17:36:12.0125 0812 ultra - ok
17:36:12.0156 0812 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
17:36:12.0156 0812 Update - ok
17:36:12.0234 0812 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
17:36:12.0234 0812 USBAAPL - ok
17:36:12.0281 0812 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
17:36:12.0281 0812 usbaudio - ok
17:36:12.0375 0812 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:36:12.0375 0812 usbccgp - ok
17:36:12.0390 0812 usbehci (708579b01fed227aadb393cb0c3b4a2c) C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:36:12.0390 0812 usbehci - ok
17:36:12.0421 0812 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:36:12.0421 0812 usbhub - ok
17:36:12.0468 0812 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:36:12.0468 0812 usbprint - ok
17:36:12.0500 0812 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:36:12.0500 0812 USBSTOR - ok
17:36:12.0546 0812 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:36:12.0546 0812 usbuhci - ok
17:36:12.0593 0812 usbvideo (8968ff3973a883c49e8b564200f565b9) C:\WINDOWS\system32\Drivers\usbvideo.sys
17:36:12.0593 0812 usbvideo - ok
17:36:12.0609 0812 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
17:36:12.0609 0812 VgaSave - ok
17:36:12.0640 0812 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
17:36:12.0640 0812 viaagp - ok
17:36:12.0656 0812 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
17:36:12.0656 0812 ViaIde - ok
17:36:12.0703 0812 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
17:36:12.0703 0812 VolSnap - ok
17:36:12.0765 0812 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:36:12.0765 0812 Wanarp - ok
17:36:12.0781 0812 wanatw - ok
17:36:12.0843 0812 WDICA - ok
17:36:12.0921 0812 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
17:36:12.0921 0812 wdmaud - ok
17:36:13.0109 0812 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:36:13.0109 0812 WSTCODEC - ok
17:36:13.0187 0812 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
17:36:13.0203 0812 \Device\Harddisk0\DR0 - ok
17:36:13.0218 0812 Boot (0x1200) (d5752b035aa03cb4625edd43c5f77e6f) \Device\Harddisk0\DR0\Partition0
17:36:13.0218 0812 \Device\Harddisk0\DR0\Partition0 - ok
17:36:13.0265 0812 Boot (0x1200) (9796542fc2d66e886a29ccd4a5627597) \Device\Harddisk0\DR0\Partition1
17:36:13.0265 0812 \Device\Harddisk0\DR0\Partition1 - ok
17:36:13.0265 0812 ============================================================
17:36:13.0265 0812 Scan finished
17:36:13.0265 0812 ============================================================
17:36:13.0296 0640 Detected object count: 0
17:36:13.0296 0640 Actual detected object count: 0
  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
You should be able to run in regular mode now.

Download OTL from
http://www.geekstogo...timers-list-it/
and Save it to your desktop.

Run OTL (Vista or Win 7 => right click and Run As Administrator)

select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.
  • 0

Advertisements


#11
wifeiskillinme

wifeiskillinme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Here are the two OTL log files. Thanks!


OTL logfile created on: 11/30/2011 8:24:11 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\terri\My Documents
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 75.65% Memory free
2.58 Gb Paging File | 2.17 Gb Available in Paging File | 84.19% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 108.59 Gb Total Space | 64.94 Gb Free Space | 59.81% Space Free | Partition Type: NTFS
Drive D: | 37.11 Gb Total Space | 37.03 Gb Free Space | 99.78% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 249.60 Mb Total Space | 1.12 Mb Free Space | 0.45% Space Free | Partition Type: FAT

Computer Name: TERRIPC | User Name: terri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/30 08:22:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\terri\My Documents\OTL (1).exe
PRC - [2011/11/29 11:39:11 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2011/11/29 11:39:10 | 000,061,440 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
PRC - [2011/11/29 11:39:09 | 001,249,792 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2011/11/07 13:04:36 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/03/05 20:04:06 | 001,156,384 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2010/08/10 11:44:12 | 000,066,864 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2008/08/14 16:15:46 | 002,407,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008/08/14 16:11:48 | 000,565,008 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2008/08/14 16:11:14 | 000,447,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2008/01/25 13:32:56 | 000,689,416 | ---- | M] (Logitech, Inc.) -- c:\Program Files\Logitech\QuickCam\LU\LogitechUpdate.exe
PRC - [2008/01/25 13:32:48 | 000,191,240 | ---- | M] (Logitech, Inc.) -- c:\Program Files\Logitech\QuickCam\LU\LULnchr.exe
PRC - [2006/06/05 20:00:04 | 000,554,496 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
PRC - [2006/06/05 20:00:04 | 000,415,744 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
PRC - [2006/06/05 19:48:38 | 000,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2005/10/05 02:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
PRC - [2005/09/23 22:05:26 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2005/09/08 18:20:46 | 000,464,384 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
PRC - [2005/09/08 18:20:46 | 000,110,592 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
PRC - [2005/09/08 18:20:46 | 000,102,400 | ---- | M] (Musicmatch, Inc.) -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\MMDiag.exe
PRC - [2005/09/08 04:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2004/11/11 21:00:04 | 000,864,256 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe
PRC - [2004/08/04 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/30 08:20:45 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/11/30 08:20:44 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/11/28 19:30:08 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/11/28 19:30:07 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2010/08/10 11:44:10 | 000,061,496 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
MOD - [2010/04/14 07:08:17 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll
MOD - [2010/04/14 07:06:36 | 000,676,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\0418eb6dbffe9b46aa4c989153d6a3b5\System.Security.ni.dll
MOD - [2010/04/14 07:06:30 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll
MOD - [2010/04/14 07:01:48 | 005,449,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll
MOD - [2010/04/14 06:54:24 | 007,867,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll
MOD - [2010/04/14 06:54:02 | 011,485,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll
MOD - [2008/08/14 16:22:36 | 000,112,912 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\LAppRes.DLL
MOD - [2008/08/14 16:15:46 | 002,407,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
MOD - [2008/08/14 16:13:30 | 000,149,264 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll
MOD - [2008/08/14 16:13:08 | 000,165,136 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll
MOD - [2008/08/14 16:13:08 | 000,138,000 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll
MOD - [2008/08/14 16:11:48 | 000,565,008 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
MOD - [2008/08/14 16:11:48 | 000,345,872 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll
MOD - [2006/06/05 20:00:04 | 000,554,496 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
MOD - [2006/06/05 20:00:04 | 000,524,288 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll
MOD - [2006/06/05 20:00:04 | 000,415,744 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
MOD - [2006/06/05 20:00:04 | 000,140,800 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopDeskbar2.dll
MOD - [2006/06/05 20:00:04 | 000,137,728 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopHyper.dll
MOD - [2005/10/05 02:12:00 | 000,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
MOD - [2005/09/01 06:51:14 | 000,122,880 | ---- | M] () -- C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmgit.dll
MOD - [2003/09/23 00:00:00 | 000,106,496 | ---- | M] () -- C:\Program Files\Dell\ShareDLL\djbsdk.dll
MOD - [2003/04/08 10:13:18 | 000,049,152 | ---- | M] () -- C:\WINDOWS\system32\PRTSERV.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Viewpoint Manager Service)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- -- (!SASCORE)
SRV - [2011/11/29 11:39:11 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/11/29 11:39:10 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2011/11/29 11:39:09 | 001,249,792 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)


========== Driver Services (SafeList) ==========

DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/11/09 13:56:12 | 000,098,392 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2008/07/26 10:26:56 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/07/26 10:26:44 | 004,658,584 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam S5500(UVC)
DRV - [2008/07/26 10:26:22 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/07/26 10:25:48 | 000,627,864 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/07/26 07:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2006/06/05 19:48:41 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/11/25 17:43:48 | 000,031,896 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dfmirage.sys -- (dfmirage)
DRV - [2005/11/16 20:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/09/08 04:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 04:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 04:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 04:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 04:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 04:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 04:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 11:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 11:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.co...-inc&channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.co...-inc&channel=us

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\terri\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\terri\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/28 14:34:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/11/28 14:34:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\terri\Application Data\Mozilla\Extensions
[2011/11/28 14:34:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/20 23:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/20 20:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/20 20:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\terri\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\terri\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\terri\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\terri\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011/11/29 16:55:29 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [MimBoot] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [XoftSpySE] C:\Program Files\XoftSpySE6\XoftSpySE.exe (ParetoLogic Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk = C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk = C:\Program Files\Intuit\QuickBooks 2011\QBW32.EXE (Intuit Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} http://upload.facebo...otoUploader.cab (Facebook Photo Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://qbp.webex.co.../ra/ieatgpc.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CCE04F9A-1783-4C43-B5F4-44249CCF1B34}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\terri\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\terri\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/30 08:23:19 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\terri\My Documents\OTL (1).exe
[2011/11/29 17:00:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/11/29 13:58:11 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netbt.sys
[2011/11/29 13:51:17 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/11/29 13:46:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/11/29 13:46:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/11/29 13:46:14 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/11/29 13:46:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/11/29 13:46:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/11/29 13:45:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/29 13:41:49 | 004,321,290 | R--- | C] (Swearware) -- C:\Documents and Settings\terri\My Documents\ComboFix.exe
[2011/11/29 13:41:37 | 001,566,512 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\terri\My Documents\tdsskiller.exe
[2011/11/29 13:38:56 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\terri\My Documents\aswMBR.exe
[2011/11/29 08:31:16 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/11/29 08:31:16 | 000,027,984 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\sbbd.exe
[2011/11/29 08:29:30 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2011/11/29 08:17:15 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\terri\My Documents\OTL.exe
[2011/11/29 07:50:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2011/11/28 19:29:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\terri\Application Data\SUPERAntiSpyware.com
[2011/11/28 19:28:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/11/28 19:28:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/11/28 19:28:19 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/11/28 18:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\XoftSpySE
[2011/11/28 18:27:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2011/11/28 18:27:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2011/11/28 18:26:49 | 004,135,632 | ---- | C] (ParetoLogic Inc.) -- C:\Documents and Settings\terri\My Documents\XoftSpySE_Setup_RW.exe
[2011/11/28 14:38:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/28 14:37:58 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/11/28 14:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/28 14:34:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\terri\Local Settings\Application Data\Mozilla
[2011/11/28 14:34:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/11/28 14:00:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/11/27 15:42:34 | 000,000,000 | ---D | C] -- C:\QB 2011
[2011/11/24 09:46:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\terri\Local Settings\Application Data\4076ca4d
[2011/11/20 12:40:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/11/20 12:37:47 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/11/20 12:37:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/11/20 12:31:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2011/11/20 12:29:54 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/11/08 16:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\terri\Application Data\ScanSoft
[2011/11/08 16:19:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\terri\My Documents\My PaperPort Documents
[2008/04/22 20:47:10 | 001,723,432 | ---- | C] (Yugma,Inc. ) -- C:\Documents and Settings\All Users\Application Data\Yugma-Uninstaller.exe
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/30 08:22:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\terri\My Documents\OTL (1).exe
[2011/11/30 08:20:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/30 08:20:15 | 2137,149,440 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/30 08:20:11 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011/11/30 08:20:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2011/11/29 17:34:35 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\terri\My Documents\MBR.dat
[2011/11/29 16:55:29 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/11/29 13:51:35 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/11/29 13:45:23 | 000,000,544 | ---- | M] () -- C:\Documents and Settings\terri\Desktop\Shortcut to ComboFix.exe.lnk
[2011/11/29 13:45:18 | 000,000,554 | ---- | M] () -- C:\Documents and Settings\terri\Desktop\Shortcut to tdsskiller.exe.lnk
[2011/11/29 13:45:02 | 000,000,532 | ---- | M] () -- C:\Documents and Settings\terri\Desktop\Shortcut to aswMBR.exe.lnk
[2011/11/29 13:39:20 | 001,566,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\terri\My Documents\tdsskiller.exe
[2011/11/29 13:38:36 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\terri\My Documents\aswMBR.exe
[2011/11/29 13:36:56 | 004,321,290 | R--- | M] (Swearware) -- C:\Documents and Settings\terri\My Documents\ComboFix.exe
[2011/11/29 13:06:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1944172404-2730849703-1090397954-1006UA.job
[2011/11/29 11:53:25 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\terri\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
[2011/11/29 07:19:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/11/28 21:34:56 | 000,000,626 | ---- | M] () -- C:\WINDOWS\hpstatusx.ini
[2011/11/28 20:46:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\terri\My Documents\OTL.exe
[2011/11/28 19:28:38 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/28 19:06:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1944172404-2730849703-1090397954-1006Core.job
[2011/11/28 18:28:56 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2011/11/28 18:27:23 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\XoftSpySE.lnk
[2011/11/28 18:27:23 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2011/11/28 18:27:22 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpySE.job
[2011/11/28 18:24:34 | 004,135,632 | ---- | M] (ParetoLogic Inc.) -- C:\Documents and Settings\terri\My Documents\XoftSpySE_Setup_RW.exe
[2011/11/28 14:38:01 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/28 14:34:41 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\terri\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/11/28 14:34:41 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/11/28 14:16:36 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011/11/27 19:38:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/20 16:07:43 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\terri\Desktop\Google Chrome.lnk
[2011/11/20 16:07:43 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\terri\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/20 12:40:43 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/11/20 12:20:58 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\terri\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/11/14 15:39:50 | 000,688,097 | ---- | M] () -- C:\Documents and Settings\terri\My Documents\ken disessa cancel service contract.pdf
[2011/11/13 12:25:18 | 000,035,840 | ---- | M] () -- C:\Documents and Settings\terri\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/11 16:35:49 | 000,021,508 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\.DS_Store
[2011/11/11 15:44:36 | 010,158,317 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\Wood Duck Collage.jpg
[2011/11/08 16:23:50 | 000,516,995 | ---- | M] () -- C:\Documents and Settings\terri\My Documents\Tuesday, November 08, 2011.pdf
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/30 08:20:15 | 2137,149,440 | -HS- | C] () -- C:\hiberfil.sys
[2011/11/29 17:34:35 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\terri\My Documents\MBR.dat
[2011/11/29 13:51:35 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/11/29 13:51:20 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/11/29 13:46:14 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/11/29 13:46:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/11/29 13:46:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/11/29 13:46:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/11/29 13:46:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/11/29 13:45:23 | 000,000,544 | ---- | C] () -- C:\Documents and Settings\terri\Desktop\Shortcut to ComboFix.exe.lnk
[2011/11/29 13:45:18 | 000,000,554 | ---- | C] () -- C:\Documents and Settings\terri\Desktop\Shortcut to tdsskiller.exe.lnk
[2011/11/29 13:45:02 | 000,000,532 | ---- | C] () -- C:\Documents and Settings\terri\Desktop\Shortcut to aswMBR.exe.lnk
[2011/11/28 19:28:38 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/28 18:28:56 | 000,000,444 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2011/11/28 18:27:23 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\XoftSpySE.lnk
[2011/11/28 18:27:22 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2011/11/28 18:27:20 | 000,000,376 | ---- | C] () -- C:\WINDOWS\tasks\XoftSpySE.job
[2011/11/28 14:38:01 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/28 14:34:41 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\terri\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/11/28 14:34:41 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/11/28 14:34:41 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/11/20 12:40:43 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/11/20 12:20:58 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\terri\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/11/14 15:39:50 | 000,688,097 | ---- | C] () -- C:\Documents and Settings\terri\My Documents\ken disessa cancel service contract.pdf
[2011/11/11 15:44:35 | 010,158,317 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\Wood Duck Collage.jpg
[2011/11/08 16:23:45 | 000,516,995 | ---- | C] () -- C:\Documents and Settings\terri\My Documents\Tuesday, November 08, 2011.pdf
[2010/12/05 13:16:48 | 000,022,797 | ---- | C] () -- C:\Documents and Settings\terri\Application Data\Microsoft Excel.ADR
[2010/12/05 13:14:07 | 000,022,084 | ---- | C] () -- C:\Documents and Settings\terri\Application Data\Tab Separated Values (Windows).ADR
[2010/12/05 13:12:26 | 000,022,807 | ---- | C] () -- C:\Documents and Settings\terri\Application Data\Tab Separated Values (DOS).ADR
[2010/08/22 20:35:02 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/08/11 20:48:41 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\terri\Application Data\dvd.bmk
[2010/08/10 11:45:35 | 000,066,482 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/04/14 06:54:15 | 000,000,095 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2010/04/14 06:51:54 | 000,002,432 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/10/18 20:01:32 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\terri\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/03 11:53:07 | 000,053,068 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/05/10 18:45:50 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Install.ini
[2008/07/26 07:25:02 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/10/23 17:22:30 | 000,001,216 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2007/01/28 13:57:11 | 000,000,059 | ---- | C] () -- C:\WINDOWS\sview.ini
[2006/12/10 21:05:46 | 000,051,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2006/10/10 20:41:44 | 000,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2006/10/10 20:41:44 | 000,000,050 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2006/09/18 13:37:50 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx12_ic.ini
[2006/09/18 13:37:48 | 000,667,280 | ---- | C] () -- C:\WINDOWS\System32\tx12.dll
[2006/08/07 21:04:21 | 000,003,350 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/08/07 21:04:21 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\2FCC179395.sys
[2006/07/04 19:02:20 | 000,050,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\atntwink.sys
[2006/06/22 20:59:15 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/06/13 19:37:25 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\PRTSERV.dll
[2006/06/10 21:56:27 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/10 14:52:51 | 000,000,152 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2006/06/10 14:52:50 | 000,001,337 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2006/06/10 14:52:50 | 000,000,426 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2006/06/10 14:52:50 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\BD7420.dat
[2006/06/10 14:52:50 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2006/06/10 14:52:24 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2006/06/10 14:52:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2006/06/10 14:50:42 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2006/06/10 14:40:44 | 000,000,626 | ---- | C] () -- C:\WINDOWS\hpstatusx.ini
[2006/06/10 14:38:14 | 000,013,364 | ---- | C] () -- C:\WINDOWS\hplj1500.ini
[2006/06/10 14:37:45 | 000,000,372 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2006/06/10 14:37:44 | 000,000,280 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2006/06/10 14:17:45 | 000,000,165 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2006/06/10 10:03:35 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\terri\Local Settings\Application Data\fusioncache.dat
[2006/06/05 20:05:28 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/05 19:59:33 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/06/05 19:55:39 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/06/05 19:53:59 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/06/05 19:47:51 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/06/05 19:26:30 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/06/05 19:26:14 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 07:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 12:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 12:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 11:57:15 | 000,258,248 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 11:51:21 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/10 11:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 11:51:20 | 000,442,466 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 11:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 11:51:20 | 000,071,732 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 11:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 11:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 11:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 11:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 11:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 11:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 11:51:09 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/10 11:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 11:50:56 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2003/06/05 06:36:05 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\HPBVNSTP.dll
[2003/06/05 06:36:05 | 000,000,209 | ---- | C] () -- C:\WINDOWS\System32\HPBVNSTP.dat
[2002/03/04 09:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll
[2001/03/22 04:24:22 | 000,327,680 | ---- | C] () -- C:\WINDOWS\System32\psctsnmp.dll
[1999/01/04 12:25:00 | 000,375,296 | ---- | C] () -- C:\WINDOWS\System32\tx32.dll
[1998/11/04 01:20:00 | 000,000,202 | ---- | C] () -- C:\WINDOWS\System32\Ic32.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 60 bytes -> C:\Documents and Settings\All Users\Documents\Wood Duck Collage.jpg:AFP_AfpInfo

< End of report >

________________________________
_________________________________
__________________________________


OTL Extras logfile created on: 11/30/2011 8:24:11 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\terri\My Documents
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.51 Gb Available Physical Memory | 75.65% Memory free
2.58 Gb Paging File | 2.17 Gb Available in Paging File | 84.19% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 108.59 Gb Total Space | 64.94 Gb Free Space | 59.81% Space Free | Partition Type: NTFS
Drive D: | 37.11 Gb Total Space | 37.03 Gb Free Space | 99.78% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 249.60 Mb Total Space | 1.12 Mb Free Space | 0.45% Space Free | Partition Type: FAT

Computer Name: TERRIPC | User Name: terri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"443:TCP" = 443:TCP:*:Enabled:ooVoo TCP port 443
"443:UDP" = 443:UDP:*:Enabled:ooVoo UDP port 443
"37674:TCP" = 37674:TCP:*:Enabled:ooVoo TCP port 37674
"37674:UDP" = 37674:UDP:*:Enabled:ooVoo UDP port 37674
"37675:UDP" = 37675:UDP:*:Enabled:ooVoo UDP port 37675

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2006\QBDBMgrN.exe:*:Enabled:QuickBooks 2006 Data Manager -- (Intuit, Inc.)
"C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2007\QBDBMgrN.exe:*:Enabled:QuickBooks 2007 Data Manager -- (iAnywhere Solutions, Inc.)
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files\Intuit\QuickBooks 2010\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2010\QBDBMgrN.exe:*:Enabled:QuickBooks 2010 Data Manager -- (Intuit, Inc.)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe" = C:\Program Files\Intuit\QuickBooks 2011\QBDBMgrN.exe:*:Enabled:QuickBooks 2011 Data Manager -- (Intuit, Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Documents and Settings\terri\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\terri\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\Logitech\QuickCam\LU\LogitechUpdate.exe" = C:\Program Files\Logitech\QuickCam\LU\LogitechUpdate.exe:*:Enabled:Logitech Updater -- (Logitech, Inc.)
"C:\Program Files\Common Files\Java\Java Update\jaucheck.exe" = C:\Program Files\Common Files\Java\Java Update\jaucheck.exe:*:Enabled:Java™ Update Client Checker -- (Sun Microsystems, Inc.)
"C:\Program Files\Common Files\Java\Java Update\jucheck.exe" = C:\Program Files\Common Files\Java\Java Update\jucheck.exe:*:Enabled:Java™ Update Checker -- (Sun Microsystems, Inc.)
"C:\Program Files\MUSICMATCH\Common\ComponentMgr\MMComponentMgr.exe" = C:\Program Files\MUSICMATCH\Common\ComponentMgr\MMComponentMgr.exe:*:Enabled:Musicmatch Component Manager -- (Musicmatch, Inc.)
"C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe" = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe:*:Enabled:QuickBooks Automatic Update -- (Intuit Inc.)
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" = C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware -- (Malwarebytes Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{06A9E630-DBA6-4D92-9DE7-A235AA6496C7}" = QuickBooks
"{0700E22B-A423-40A5-BD20-04BF618CA0F9}" = QuickBooks Premier: Accountant Edition 2010
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{0B325F20-59AD-4D6B-976B-C12E5CD675C7}" = Install Notes
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{11E0AC7D-6823-4F67-865F-EE1C13D28C38}" = QuickBooks Premier: Accountant Edition 2011
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{1265A07C-5B80-4D8C-A076-FD7E2AFE4435}" = HP LaserJet Fonts
"{14374619-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Simple Start Special Edition
"{14374624-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Premier Edition 2005
"{1D70AABC-CB59-4700-A708-EA56D1CA07B0}" = QuickBooks
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 24
"{2b02f822-a9b9-458c-80e5-3ea8c0de8471}" = QuickBooks Pro Edition 2004
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{3AF8FCCD-F51A-4014-9002-F195E1CBC876}" = Logitech QuickCam
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BB05099-1963-4268-A3BB-9153964750ED}" = XoftSpySE
"{548EEA8E-8299-497F-8057-811D2D7097DC}" = Dell Support 3.1
"{55584E16-4D70-44EE-93DD-F144E8B7D4B7}" = QuickBooks Product Listing Service
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5DB7F50E-0649-4347-B003-8CEFBFB9D9D1}" = hp color LaserJet 1500
"{69B02159-7624-4DBB-B9EE-F933039830AD}" = QuickBooks Premier Edition 2006
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7E545666-F422-45FD-B3DF-C0B99A1A579F}" = QuickBooks Pro 2007
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{9068A4FE-BBD5-48BF-96C7-3EA967C71D43}" = User Guide
"{91110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B702CCCE-3176-4DBF-B932-D1B8F402F330}" = Digital Content Portal
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Search Assist
"{E06C8E13-7A8C-434C-8548-34BC4762212D}" = Logitech Harmony Remote Software 7
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"ActiveTouchMeetingClient" = WebEx
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Google Desktop" = Google Desktop
"HP Color LaserJet CP3505" = HP Color LaserJet CP3505
"InfraRecorder" = InfraRecorder
"LiveUpdate" = LiveUpdate 2.6 (Symantec Corporation)
"lvdrivers_11.80" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mirage Driver_is1" = Mirage Driver 1.1
"Mozilla Firefox 8.0.1 (x86 en-US)" = Mozilla Firefox 8.0.1 (x86 en-US)
"Print Server Driver" = Print Server Driver
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer Basic
"StreetPlugin" = Learn2 Player (Uninstall Only)
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.8.0.723
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/29/2011 9:18:45 AM | Computer Name = TERRIPC | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.31.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/29/2011 9:19:42 AM | Computer Name = TERRIPC | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.31.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/29/2011 9:20:23 AM | Computer Name = TERRIPC | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.31.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/29/2011 9:23:15 AM | Computer Name = TERRIPC | Source = Application Hang | ID = 1002
Description = Hanging application OTL.scr, version 3.2.31.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/29/2011 9:23:36 AM | Computer Name = TERRIPC | Source = Application Hang | ID = 1002
Description = Hanging application OTL.com, version 3.2.31.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/29/2011 10:03:23 AM | Computer Name = TERRIPC | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office 2000 Professional -- Error 1706. No valid
source could be found for product Microsoft Office 2000 Professional. The Windows
installer cannot continue.

Error - 11/29/2011 12:56:43 PM | Computer Name = TERRIPC | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 11/29/2011 1:09:44 PM | Computer Name = TERRIPC | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office 2000 Professional -- Error 1706. No valid
source could be found for product Microsoft Office 2000 Professional. The Windows
installer cannot continue.

Error - 11/29/2011 1:22:49 PM | Computer Name = TERRIPC | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.31.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/29/2011 1:59:41 PM | Computer Name = TERRIPC | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Office 2000 Professional -- Error 1706. No valid
source could be found for product Microsoft Office 2000 Professional. The Windows
installer cannot continue.

[ System Events ]
Error - 11/29/2011 6:10:00 PM | Computer Name = TERRIPC | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/29/2011 6:11:09 PM | Computer Name = TERRIPC | Source = Service Control Manager | ID = 7000
Description = The SAS Core Service service failed to start due to the following
error: %%2

Error - 11/29/2011 6:11:09 PM | Computer Name = TERRIPC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Fips intelppm SASDIFSV SASKUTIL

Error - 11/29/2011 6:34:52 PM | Computer Name = TERRIPC | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 11/29/2011 6:34:57 PM | Computer Name = TERRIPC | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 11/29/2011 6:39:49 PM | Computer Name = TERRIPC | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 11/29/2011 6:41:10 PM | Computer Name = TERRIPC | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 11/30/2011 9:19:17 AM | Computer Name = TERRIPC | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 11/30/2011 9:20:31 AM | Computer Name = TERRIPC | Source = Service Control Manager | ID = 7000
Description = The SAS Core Service service failed to start due to the following
error: %%2

Error - 11/30/2011 9:20:31 AM | Computer Name = TERRIPC | Source = Service Control Manager | ID = 7000
Description = The Viewpoint Manager Service service failed to start due to the following
error: %%3


< End of report >
  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Before proceeding, disable Ad-Watch and leave it disabled until we're done here. See http://aumha.net/vie...hp?f=43&t=38668

Uninstall:
Java™ 6 Update 24J2SE Runtime Environment 5.0 Update 10- Having an old version of Java on your PC is like having a sign that says infect me -
Java™ 6 Update 2
Java 2 Runtime Environment, SE v1.4.2_03 = Get the latest version at java.com
XoftSpySE - Snake Oil - doesn't really do any good
Adobe Reader 7.0.9 - Old Adobe software is another infection opportunity
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin - Get the latest Adobe software at adobe.com (Reader and Flash)
Search Assist -Adware
SUPERAntiSpyware -broken
LiveUpdate 2.6 (Symantec Corporation) -leftover
Logitech Desktop Messenger -junk

Copy the text in the code box by highlighting and Ctrl + c

:processes
killallprocesses

:OTL
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: File not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
O4 - HKLM..\Run: [XoftSpySE] C:\Program Files\XoftSpySE6\XoftSpySE.exe (ParetoLogic Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
[2011/11/24 09:46:48 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\terri\Local Settings\Application Data\4076ca4d
C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2011/11/28 18:27:23 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\XoftSpySE.lnk
[2011/11/28 18:27:23 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2011/11/28 18:27:22 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\XoftSpySE.job

:files
xcopy %Temp%\smtmp\1 "%AllUsersProfile%\Start Menu" /H /I /S /Y /C
xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C
xcopy %Temp%\smtmp\3 "%AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar" /H /I /S /Y /C
xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C
sc config "Viewpoint Manager Service" start= disabled /c
sc config AppMgmt start= disabled /c
sc config !SASCORE start= disabled /c
     
:Commands
[RESETHOSTS]
[purity]
[Reboot]

then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run Fix button at the top
Let the program run unhindered, OTL will reboot the PC when it is done. Save the log and copy and paste it to a reply.

Open OTL again and select either the Use SafeList or All option in the Extra Registry group then the Run Scan button. Post the two logs it produces in your next reply.

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.

Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator). Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.



Ron
  • 0

#13
wifeiskillinme

wifeiskillinme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Ron,

I can't find anything that would indicate that Ad-watch is running. I looked at the link in your post on how to disable it but I don't have it in my system tray and I can't find it anywhere on the computer.

I went ahead and uninstalled the other programs as directed. But will wait to hear from you before moving forward with anything else

Thanks
  • 0

#14
wifeiskillinme

wifeiskillinme

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
ron,

forgot to ask. Some of the uninstalls wanted me to reboot the computer. OK to do that before the OTL run?
  • 0

#15
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
yes
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP