TechSpot

Virus redirects me from Google "fusionresearch.com" when I click a search result

By lawrierl
Aug 2, 2011
  1. Can anyone help me? When I choose a google search result, I am typically redirected to other sites. It appears that I am mostly redirected to "fusionresearch.com". What can I do to get this off of my computer?

    Thanks,
    Becky Ray
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Welcome to TechSpot! I guess you missed this sticky:

    If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

    When you have finished, leave the logs for review in your next reply .
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
    ===========================================
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    • Please let me know if there is any change in the system.
    If I have not replied for 2 days, you can send me a PM reminder. Include the URL of your thread. Please do not send me a PM to tell me your logs are up.
    If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
    =====================================
     
  3. lawrierl

    lawrierl TS Rookie Topic Starter

    Logs

    You're right! I didn't see the sticky. But no fear, here is the info:

    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Database version: 7360

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    8/2/2011 11:14:03 PM
    mbam-log-2011-08-02 (23-14-03).txt

    Scan type: Quick scan
    Objects scanned: 176054
    Time elapsed: 7 minute(s), 4 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 2
    Registry Values Infected: 1
    Registry Data Items Infected: 2
    Folders Infected: 2
    Files Infected: 14

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_CLASSES_ROOT\AppID\main.DLL\AppID (Adware.DeepDive) -> Value: AppID -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    c:\program files\screensavers.com (Adware.Comet) -> Quarantined and deleted successfully.
    c:\program files\screensavers.com\wallpaper (Adware.Comet) -> Quarantined and deleted successfully.

    Files Infected:
    c:\documents and settings\localservice\application data\020000002c69f2791406c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
    c:\documents and settings\localservice\application data\020000002c69f2791406o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
    c:\documents and settings\localservice\application data\020000002c69f2791406p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
    c:\documents and settings\localservice\application data\020000002c69f2791406s.manifest (Malware.Trace) -> Quarantined and deleted successfully.
    c:\program files\Common\_helper.sig (Malware.Trace) -> Quarantined and deleted successfully.
    c:\program files\Common\helper.sig (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\update.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\020000002c69f2791406c.manifest (Malware.Trace) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\020000002c69f2791406o.manifest (Malware.Trace) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\020000002c69f2791406p.manifest (Malware.Trace) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\020000002c69f2791406s.manifest (Malware.Trace) -> Quarantined and deleted successfully.
    c:\program files\screensavers.com\wallpaper\friday night lights - kyle chandler.jpg (Adware.Comet) -> Quarantined and deleted successfully.
    c:\program files\screensavers.com\wallpaper\greys anatomy - patrick dempsey.jpg (Adware.Comet) -> Quarantined and deleted successfully.
    c:\program files\screensavers.com\wallpaper\scooby-doo - ruh-roh!.jpg (Adware.Comet) -> Quarantined and deleted successfully.
    ____________________________________________________________

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit quick scan 2011-08-02 23:37:32
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17 ST3200822AS rev.3.02
    Running: k7y49u7m.exe; Driver: C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\uxldypod.sys


    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

    ---- EOF - GMER 1.0.15 ----

    ______________________________________________________________

    dds.txt
    .
    DDS (Ver_2011-06-23.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
    Run by HP_Owner at 23:41:39 on 2011-08-02
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1350 [GMT -4:00]
    .
    AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *Disabled*
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
    C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\utildll32.exe
    C:\WINDOWS\system32\iplPX32.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
    C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\Imgtask.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\WINDOWS\ALCWZRD.EXE
    C:\WINDOWS\ALCMTR.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.facebook.com/?ref=hp
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = localhost;*.local
    uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.5\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
    BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: HP view: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll
    TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
    TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.5\CoIEPlg.dll
    TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
    TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
    TB: {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No File
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\HOMERunner.exe"
    mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
    mRun: [VTTimer] VTTimer.exe
    mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
    mRun: [osCheck] "c:\program files\norton internet security\osCheck.exe"
    mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"
    mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
    mRun: [KBD] c:\hp\kbd\KBD.EXE
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
    mRun: [ImgTask] c:\windows\Imgtask.exe
    mRun: [IcoSet] c:\hp\bin\cloaker.exe c:\hp\bin\icoset\adjust.bat seticon
    mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb12.exe
    mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
    mRun: [AlcxMonitor] ALCXMNTR.EXE
    mRun: [AlcWzrd] ALCWZRD.EXE
    mRun: [Alcmtr] ALCMTR.EXE
    mRun: [AGRSMMSG] AGRSMMSG.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\totalm~1.lnk - c:\program files\arcsoft\totalmedia backup\uBBMonitor.exe
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
    Trusted Zone: fredericks.com\secureweb
    Trusted Zone: limewire.com\www
    Trusted Zone: weightwatchers.com\www
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} - hxxp://www2.snapfish.com/SnapfishOutlookImport.cab
    DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} - hxxp://www.stonyfield.com/coupons/scriptX/smsx.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
    DPF: {1E2941E3-8E63-11D4-9D5A-00902742D6E0} - hxxps://gateway.kroger.com/iNotes.cab,DanaInfo=a060mail01.kroger.com,CT=java+
    DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - hxxp://www.symantec.com/techsupp/asa/LSSupCtl.cab
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
    DPF: {26B2A5DA-BFD6-422F-A89A-28A54C74B12B} - hxxp://www.costcophotocenter.com/upload/activex/v3_0_0_4/PhotoCenter_ActiveX_Control.cab
    DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} - hxxps://gateway.kroger.com/iNotes6W.cab,DanaInfo=a060mail01.kroger.com,CT=java+
    DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www.costcophotocenter.com/CostcoActivia.cab
    DPF: {41861299-EAB2-4DCC-986C-802AE12AC499} - hxxps://www.tastefullysimple.com/Reports/Reserved.ReportViewerWebControl.axd?ReportSession=u4mpvyiw2mxh4evipiyexs45&ControlID=25dfa460a683442fb73ea5f3e6c68b21&Culture=1033&UICulture=1033&ReportStack=1&OpType=PrintCab
    DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
    DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} - hxxp://webiq001.webiqonline.com/WebIQ/bin/WebIQ.cab
    DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} - hxxp://webeffective.keynote.com/applications/pconnector/download/ConnectorLauncher.cab
    DPF: {55027008-315F-4F45-BBC3-8BE119764741} - hxxp://www.slide.com/uploader/SlideImageUploader.cab
    DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
    DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {819EDD4C-7EB6-4D97-B831-D68B57E7D3ED} - hxxp://www.dynacal.com/wyncs/Wyncs.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - hxxp://a19.g.akamai.net/7/19/7125/4056/ftp.coupons.com/r3302/cpbrkpie.cab
    DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} - hxxp://www.convergysworkathome.com/AppHardT.CAB
    DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
    DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} - hxxp://offers.e-centives.com/cif/download/bin/actxcab.cab
    DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} - hxxps://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
    DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} - hxxp://a248.e.akamai.net/f/248/5462/2h/www.symantecstore.com/v2.0-img/operations/symbizpr/xcontrol/SymDlBrg.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
    DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
    DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - hxxp://www.symantec.com/techsupp/asa/SymAData.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} - hxxp://zone.msn.com/bingame/feed/default/SproutLauncher.cab
    DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.pogo.com/game/deluxe/insaniquarium/popcaploader_v6.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - hxxp://fdl.msn.com/zone/datafiles/heartbeat.cab
    DPF: {ED28050F-D713-43BA-A376-DCC5C35407D5} - hxxp://entimg.msn.com/client/msnmusax2918.cab
    TCP: DhcpNameServer = 192.168.200.1
    TCP: Interfaces\{30A29FCF-D878-46B2-AF60-5EA4FF3D53D2} : DhcpNameServer = 192.168.200.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: igfxcui - igfxsrvc.dll
    AppInit_DLLs: c:\windows\system32\ksuser32.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\hp_owner\application data\mozilla\firefox\profiles\n7jm6atz.default\
    FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
    FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
    FF - plugin: c:\documents and settings\hp_owner\local settings\application data\robloxversions\version-5ce51d8367464075\NPRobloxProxy.dll
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dll
    FF - plugin: c:\program files\nos\bin\np_gp.dll
    FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-1-25 149352]
    R2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\CCPROXY.EXE [2007-8-25 211816]
    R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-1-25 149352]
    R2 FlipShareServer;FlipShare Server;c:\program files\flip video\flipshareserver\FlipShareServer.exe [2011-5-6 1085440]
    R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-1-25 149352]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-2 366640]
    R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-10-4 583640]
    R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2005-3-21 1245064]
    R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
    R2 winmgmt32;Windows Management Instrumentation ;c:\windows\system32\utildll32.exe [2011-7-28 764928]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-7-30 105592]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-2 22712]
    R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20110802.024\NAVENG.SYS [2011-8-2 86008]
    R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20110802.024\NAVEX15.SYS [2011-8-2 1542392]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-7-30 133104]
    S2 gupdate1ca10ca6b58e3ca;Google Update Service (gupdate1ca10ca6b58e3ca);c:\program files\google\update\GoogleUpdate.exe [2009-7-30 133104]
    S3 cdiskdun;cdiskdun;\??\c:\docume~1\hp_owner\locals~1\temp\cdiskdun.sys --> c:\docume~1\hp_owner\locals~1\temp\cdiskdun.sys [?]
    S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-12 23888]
    S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2007-6-19 18560]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-7-30 133104]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-8-2 41272]
    .
    =============== Created Last 30 ================
    .
    2011-08-03 03:14:54 345600 ----a-w- c:\windows\system32\audiodev32.dll
    2011-08-02 22:36:43 -------- d-----w- c:\documents and settings\hp_owner\application data\Malwarebytes
    2011-08-02 22:36:31 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-08-02 22:36:30 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2011-08-02 22:36:26 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-08-02 22:36:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-07-30 17:16:02 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    2011-07-30 17:16:01 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
    2011-07-30 17:16:01 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
    2011-07-30 17:16:01 719832 ----a-w- c:\program files\mozilla firefox\mozcpp19.dll
    2011-07-30 17:16:01 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
    2011-07-30 17:16:01 1850328 ----a-w- c:\program files\mozilla firefox\mozjs.dll
    2011-07-30 17:16:01 16856 ----a-w- c:\program files\mozilla firefox\plugin-container.exe
    2011-07-30 17:16:01 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
    2011-07-30 17:16:00 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
    2011-07-30 17:16:00 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
    2011-07-28 23:46:48 0 ---ha-w- c:\documents and settings\hp_owner\tlbkepswgk.tmp
    2011-07-28 21:42:23 764928 ----a-w- c:\windows\system32\iplPX32.exe
    2011-07-28 21:42:22 161280 ----a-w- c:\windows\system32\ksuser32.dll
    2011-07-28 21:42:19 764928 ----a-w- c:\windows\system32\utildll32.exe
    2011-07-26 06:19:23 6881616 ----a-w- c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{fc97f8a1-8b9d-4083-86e1-8286a6cf05d0}\mpengine.dll
    .
    ==================== Find3M ====================
    .
    2011-06-07 15:12:57 85600 ----a-w- c:\windows\~GLC0002.TMP
    2011-06-02 14:02:05 1858944 ----a-w- c:\windows\system32\win32k.sys
    2011-05-24 23:14:10 222080 ------w- c:\windows\system32\MpSigStub.exe
    .
    ============= FINISH: 23:42:39.06 ===============
    _____________________________________________________________
    attach.txt

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-06-23.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 3/21/2005 6:51:47 PM
    System Uptime: 8/2/2011 11:15:31 PM (0 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | Goldfish2
    Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | CPU 1 | 3000/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 180 GiB total, 90.23 GiB free.
    D: is FIXED (FAT32) - 6 GiB total, 0.593 GiB free.
    E: is CDROM ()
    F: is CDROM ()
    H: is Removable
    I: is Removable
    J: is Removable
    K: is Removable
    L: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E96D-E325-11CE-BFC1-08002BE10318}
    Description: Agere Systems PCI Soft Modem
    Device ID: PCI\VEN_11C1&DEV_048C&SUBSYS_044C11C1&REV_03\4&2E9A5DB2&0&28F0
    Manufacturer: Agere
    Name: Agere Systems PCI Soft Modem
    PNP Device ID: PCI\VEN_11C1&DEV_048C&SUBSYS_044C11C1&REV_03\4&2E9A5DB2&0&28F0
    Service: Modem
    .
    ==== System Restore Points ===================
    .
    RP2340: 7/17/2011 11:37:15 PM - System Checkpoint
    RP2341: 3/18/2011 9:01:25 PM - System Checkpoint
    RP2342: 3/19/2011 2:28:19 AM - Software Distribution Service 3.0
    RP2343: 3/20/2011 3:43:20 AM - System Checkpoint
    RP2344: 3/21/2011 4:28:45 AM - System Checkpoint
    RP2345: 3/22/2011 2:28:26 AM - Software Distribution Service 3.0
    RP2346: 3/23/2011 3:06:55 AM - System Checkpoint
    RP2347: 3/24/2011 3:18:50 AM - System Checkpoint
    RP2348: 3/25/2011 2:28:20 AM - Software Distribution Service 3.0
    RP2349: 3/26/2011 3:18:59 AM - System Checkpoint
    RP2350: 3/27/2011 4:30:57 AM - System Checkpoint
    RP2351: 3/28/2011 5:42:57 AM - System Checkpoint
    RP2352: 3/29/2011 2:28:21 AM - Software Distribution Service 3.0
    RP2353: 3/30/2011 2:42:57 AM - System Checkpoint
    RP2354: 3/31/2011 4:44:25 AM - System Checkpoint
    RP2355: 4/1/2011 2:28:21 AM - Software Distribution Service 3.0
    RP2356: 4/2/2011 3:30:58 AM - System Checkpoint
    RP2357: 4/3/2011 4:18:57 AM - System Checkpoint
    RP2358: 4/4/2011 3:00:17 AM - Software Distribution Service 3.0
    RP2359: 4/5/2011 3:51:03 AM - System Checkpoint
    RP2360: 4/5/2011 10:52:24 AM - Software Distribution Service 3.0
    RP2361: 4/6/2011 4:33:55 PM - System Checkpoint
    RP2362: 4/7/2011 4:41:07 PM - System Checkpoint
    RP2363: 4/8/2011 2:31:22 PM - Software Distribution Service 3.0
    RP2364: 4/9/2011 4:06:46 PM - System Checkpoint
    RP2365: 4/10/2011 5:51:16 PM - System Checkpoint
    RP2366: 4/11/2011 6:41:47 PM - System Checkpoint
    RP2367: 4/12/2011 2:51:27 PM - Software Distribution Service 3.0
    RP2368: 4/13/2011 3:00:37 AM - Software Distribution Service 3.0
    RP2369: 4/14/2011 3:36:53 AM - System Checkpoint
    RP2370: 4/15/2011 1:46:17 AM - Software Distribution Service 3.0
    RP2371: 4/16/2011 2:24:53 AM - System Checkpoint
    RP2372: 4/17/2011 3:12:53 AM - System Checkpoint
    RP2373: 4/18/2011 3:37:22 AM - System Checkpoint
    RP2374: 4/20/2011 3:12:17 PM - Software Distribution Service 3.0
    RP2375: 4/21/2011 3:00:17 AM - Software Distribution Service 3.0
    RP2376: 4/22/2011 2:08:15 AM - Software Distribution Service 3.0
    RP2377: 4/23/2011 2:58:09 AM - System Checkpoint
    RP2378: 4/24/2011 4:46:11 AM - System Checkpoint
    RP2379: 4/25/2011 6:45:08 AM - System Checkpoint
    RP2380: 4/26/2011 2:08:21 AM - Software Distribution Service 3.0
    RP2381: 4/27/2011 3:00:17 AM - Software Distribution Service 3.0
    RP2382: 4/28/2011 4:47:44 AM - System Checkpoint
    RP2383: 4/29/2011 2:08:21 AM - Software Distribution Service 3.0
    RP2384: 4/30/2011 2:23:50 AM - System Checkpoint
    RP2385: 5/1/2011 2:46:15 AM - System Checkpoint
    RP2386: 5/2/2011 3:33:16 AM - System Checkpoint
    RP2387: 5/3/2011 2:08:19 AM - Software Distribution Service 3.0
    RP2388: 5/3/2011 3:47:13 PM - Norton_Power_Eraser_20110503154706968
    RP2389: 5/4/2011 4:20:42 PM - System Checkpoint
    RP2390: 5/5/2011 7:25:47 PM - System Checkpoint
    RP2391: 5/6/2011 2:18:16 AM - Software Distribution Service 3.0
    RP2392: 5/7/2011 2:47:46 AM - System Checkpoint
    RP2393: 5/8/2011 7:15:43 AM - System Checkpoint
    RP2394: 5/9/2011 7:24:45 AM - System Checkpoint
    RP2395: 5/10/2011 2:18:24 AM - Software Distribution Service 3.0
    RP2396: 5/11/2011 3:00:32 AM - Software Distribution Service 3.0
    RP2397: 5/12/2011 4:35:46 AM - System Checkpoint
    RP2398: 5/13/2011 2:18:23 AM - Software Distribution Service 3.0
    RP2399: 5/14/2011 2:23:50 AM - System Checkpoint
    RP2400: 5/15/2011 3:35:50 AM - System Checkpoint
    RP2401: 5/16/2011 5:13:49 AM - System Checkpoint
    RP2402: 5/17/2011 2:18:24 AM - Software Distribution Service 3.0
    RP2403: 5/18/2011 3:23:50 AM - System Checkpoint
    RP2404: 5/19/2011 3:47:49 AM - System Checkpoint
    RP2405: 5/20/2011 2:18:21 AM - Software Distribution Service 3.0
    RP2406: 5/21/2011 3:35:54 AM - System Checkpoint
    RP2407: 5/22/2011 4:23:54 AM - System Checkpoint
    RP2408: 5/23/2011 8:03:21 AM - System Checkpoint
    RP2409: 5/24/2011 2:18:06 AM - Software Distribution Service 3.0
    RP2410: 5/25/2011 2:22:35 AM - System Checkpoint
    RP2411: 5/26/2011 2:59:55 AM - System Checkpoint
    RP2412: 5/27/2011 8:55:52 AM - System Checkpoint
    RP2413: 5/27/2011 9:29:59 AM - Software Distribution Service 3.0
    RP2414: 5/28/2011 9:38:21 AM - System Checkpoint
    RP2415: 5/29/2011 11:47:01 AM - System Checkpoint
    RP2416: 5/30/2011 11:59:55 AM - System Checkpoint
    RP2417: 5/31/2011 2:18:22 AM - Software Distribution Service 3.0
    RP2418: 6/1/2011 2:47:54 AM - System Checkpoint
    RP2419: 6/2/2011 3:59:53 AM - System Checkpoint
    RP2420: 6/3/2011 2:18:06 AM - Software Distribution Service 3.0
    RP2421: 6/4/2011 2:28:19 AM - System Checkpoint
    RP2422: 6/5/2011 2:36:02 AM - System Checkpoint
    RP2423: 6/6/2011 3:12:02 AM - System Checkpoint
    RP2424: 6/7/2011 2:18:28 AM - Software Distribution Service 3.0
    RP2425: 6/8/2011 3:12:03 AM - System Checkpoint
    RP2426: 6/9/2011 4:48:02 AM - System Checkpoint
    RP2427: 6/10/2011 2:10:17 AM - Software Distribution Service 3.0
    RP2428: 6/11/2011 2:48:50 AM - System Checkpoint
    RP2429: 6/12/2011 4:34:47 AM - System Checkpoint
    RP2430: 6/13/2011 4:46:18 AM - System Checkpoint
    RP2431: 6/14/2011 2:10:21 AM - Software Distribution Service 3.0
    RP2432: 6/15/2011 5:32:41 AM - System Checkpoint
    RP2433: 6/16/2011 3:00:36 AM - Software Distribution Service 3.0
    RP2434: 6/17/2011 2:05:19 AM - Software Distribution Service 3.0
    RP2435: 6/18/2011 3:32:47 AM - System Checkpoint
    RP2436: 6/19/2011 5:39:33 AM - System Checkpoint
    RP2437: 6/20/2011 8:03:50 AM - System Checkpoint
    RP2438: 6/21/2011 2:05:32 AM - Software Distribution Service 3.0
    RP2439: 6/22/2011 4:46:04 PM - System Checkpoint
    RP2440: 6/23/2011 5:33:50 PM - System Checkpoint
    RP2441: 6/24/2011 2:05:24 AM - Software Distribution Service 3.0
    RP2442: 6/25/2011 8:29:56 AM - System Checkpoint
    RP2443: 6/26/2011 9:04:59 AM - System Checkpoint
    RP2444: 6/27/2011 10:03:11 AM - System Checkpoint
    RP2445: 6/28/2011 2:05:12 AM - Software Distribution Service 3.0
    RP2446: 6/29/2011 3:00:17 AM - Software Distribution Service 3.0
    RP2447: 6/30/2011 3:34:00 AM - System Checkpoint
    RP2448: 7/1/2011 2:28:26 AM - Software Distribution Service 3.0
    RP2449: 7/2/2011 3:10:00 AM - System Checkpoint
    RP2450: 7/3/2011 3:22:00 AM - System Checkpoint
    RP2451: 7/4/2011 3:46:04 AM - System Checkpoint
    RP2452: 7/5/2011 2:28:17 AM - Software Distribution Service 3.0
    RP2453: 7/6/2011 2:46:04 AM - System Checkpoint
    RP2454: 7/7/2011 3:34:03 AM - System Checkpoint
    RP2455: 7/8/2011 2:28:15 AM - Software Distribution Service 3.0
    RP2456: 7/9/2011 3:10:04 AM - System Checkpoint
    RP2457: 7/10/2011 3:48:03 AM - System Checkpoint
    RP2458: 7/11/2011 4:10:07 AM - System Checkpoint
    RP2459: 7/12/2011 2:28:27 AM - Software Distribution Service 3.0
    RP2460: 7/13/2011 3:00:29 AM - Software Distribution Service 3.0
    RP2461: 7/14/2011 3:39:44 AM - System Checkpoint
    RP2462: 7/15/2011 2:08:21 AM - Software Distribution Service 3.0
    RP2463: 7/16/2011 2:51:45 AM - System Checkpoint
    RP2464: 7/17/2011 3:20:41 AM - System Checkpoint
    RP2465: 7/18/2011 3:27:49 AM - System Checkpoint
    RP2466: 7/19/2011 4:39:49 AM - System Checkpoint
    RP2467: 7/19/2011 9:25:11 PM - Software Distribution Service 3.0
    RP2468: 7/20/2011 10:37:04 PM - System Checkpoint
    RP2469: 7/22/2011 1:14:04 AM - System Checkpoint
    RP2470: 7/22/2011 2:19:28 AM - Software Distribution Service 3.0
    RP2471: 7/23/2011 2:34:36 AM - System Checkpoint
    RP2472: 7/24/2011 2:46:37 AM - System Checkpoint
    RP2473: 7/25/2011 4:58:48 AM - System Checkpoint
    RP2474: 7/26/2011 2:19:19 AM - Software Distribution Service 3.0
    RP2475: 7/27/2011 4:11:13 AM - System Checkpoint
    RP2476: 7/28/2011 4:58:40 AM - System Checkpoint
    RP2477: 7/28/2011 7:36:15 PM - Software Distribution Service 3.0
    RP2478: 7/28/2011 7:48:10 PM - Removed Star Wars®: Knights of the Old Republic (TM)
    RP2479: 7/29/2011 2:19:19 AM - Software Distribution Service 3.0
    RP2480: 7/29/2011 5:16:57 AM - Software Distribution Service 3.0
    RP2481: 7/29/2011 11:10:55 PM - Software Distribution Service 3.0
    RP2482: 7/30/2011 2:18:21 AM - Software Distribution Service 3.0
    RP2483: 7/30/2011 12:49:17 PM - Removed Business Contact Manager for Outlook 2003
    RP2484: 7/30/2011 12:52:54 PM - Removed Google Earth Plug-in.
    RP2485: 7/30/2011 12:54:50 PM - Removed Microsoft Money Shared Libraries
    RP2486: 7/30/2011 7:54:26 PM - Software Distribution Service 3.0
    RP2487: 7/31/2011 1:41:21 AM - Software Distribution Service 3.0
    RP2488: 7/31/2011 2:39:52 PM - Software Distribution Service 3.0
    RP2489: 8/1/2011 1:41:21 AM - Software Distribution Service 3.0
    RP2490: 8/1/2011 10:13:42 AM - Software Distribution Service 3.0
    RP2491: 8/2/2011 1:42:14 AM - Software Distribution Service 3.0
    RP2492: 8/2/2011 8:06:49 AM - Software Distribution Service 3.0
    .
    ==== Installed Programs ======================
    .
    1600
    1600_Help
    1600Trb
    3ivx MPEG-4 5.0.3 (remove only)
    Adobe Acrobat 5.0
    Adobe AIR
    Adobe Digital Editions
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.4.5
    Adobe Shockwave Player 11.5
    Agere Systems PCI Soft Modem
    AiO_Scan
    AiOSoftware
    Airport Mania
    AppCore
    Apple Application Support
    Apple Software Update
    ArcSoft PhotoImpression 5
    ArcSoft PhotoPrinter 5
    ArcSoft TotalMedia Backup
    Boggle Supreme
    Bonjour
    Bonus
    BufferChm
    CameraDrivers
    CC_ccProxyExt
    ccCommon
    CCleaner (remove only)
    ccPxyCore
    CCScore
    CIB
    Compatibility Pack for the 2007 Office system
    Component Framework
    Copy
    CP_AtenaShokunin1Config
    cp_dwShrek2Albums1
    cp_dwShrek2Cards1
    Creating Keepsakes Scrapbook Designer
    CreativeProjects
    CreativeProjectsTemplates
    CueTour
    DB CIF Cam
    Dell Digital Jukebox Driver
    Destinations
    Director
    DocProc
    DocumentViewer
    Easy MPEG/AVI/DIVX/WMV/RM to DVD 2.0.17
    Enhanced Multimedia Keyboard Solution
    ESSBrwr
    ESSCDBK
    ESScore
    ESSgui
    ESSini
    ESSPCD
    ESSPDock
    ESSSONIC
    ESSTOOLS
    essvatgt
    Fax
    fflink
    FlipShare
    GdiplusUpgrade
    Google Update Helper
    Help and Support Additions
    Hotfix for Windows Internet Explorer 7 (KB947864)
    HP Extended Capabilities 4.7
    HP Image Zone 4.7
    HP Image Zone Plus 4.2.3
    HP Organize
    HP Photosmart Cameras 4.0
    HP Product Assistant
    HP PSC & OfficeJet 4.7
    HP Software Update
    HPIZ423
    HpSdpAppCoreApp
    HPSystemDiagnostics
    InstantShare
    Intel(R) Graphics Media Accelerator Driver
    IntelliMover Data Transfer Demo
    Intellisync Lite
    InterActual Player
    InterVideo DiscLabel
    InterVideo WinDVD Creator
    InterVideo WinDVD Player
    iTunes
    J2SE Runtime Environment 5.0 Update 11
    J2SE Runtime Environment 5.0 Update 8
    J2SE Runtime Environment 5.0 Update 9
    Java 2 Runtime Environment, SE v1.4.2_03
    Java(TM) 6 Update 15
    Java(TM) SE Runtime Environment 6 Update 1
    Jobulator
    Juniper Networks Cache Cleaner 6.2.0
    Juniper Networks Host Checker
    Juniper Terminal Services Client
    kgcbaby
    kgcbase
    kgchday
    kgchlwn
    kgcinvt
    kgckids
    kgcmove
    kgcvday
    KODAK EASYSHARE Gallery Upload ActiveX Control
    Kodak EasyShare software
    LeapFrog Connect
    LeapFrog Tag Plugin
    LiveUpdate (Symantec Corporation)
    LiveUpdate Notice (Symantec Corporation)
    LP_Flash
    LS_HSI
    Malwarebytes' Anti-Malware version 1.51.1.1800
    MarketResearch
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2416447)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office File Validation Add-In
    Microsoft Office Professional Edition 2003
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Web Publishing Wizard 1.52
    Mozilla Firefox 5.0.1 (x86 en-US)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    muvee autoProducer 3.5 magicMoments - HPD
    netbrdg
    Norton Add-on Pack (Symantec Corporation)
    Norton AntiSpam
    Norton AntiVirus
    Norton AntiVirus Help
    Norton Confidential Core
    Norton Internet Security
    Norton Internet Security (Symantec Corporation)
    Norton Protection Center
    OfotoXMI
    OverDrive Media Console
    PanoStandAlone
    Pharaoh and Cleopatra
    PhotoGallery
    PictureGear 4.6Lite
    PrintScreen
    ProductContext
    QFolder
    QuickProjects
    QuickTime
    Readme
    RealPlayer
    Registry Mechanic 10.0
    Roblox for HP_Owner
    Safari
    Sandlot Games Client Services
    Scan
    ScannerCopy
    sd_gs_saver1 Screen Saver
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2497640)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB923689)
    SFR
    SFR2
    SHASTA
    skin0001
    SkinsHP1
    SKINXSDK
    Skype Toolbars
    Skype™ 5.0
    Sonic Express Labeler
    Sonic RecordNow!
    Sonic Update Manager
    SPBBC 32bit
    staticcr
    Super Collapse II
    Symantec Real Time Storage Protection Component
    SymNet
    TomTom HOME 2.5.1.36
    tooltips
    TrayApp
    Unity Web Player
    Unload
    Update for Windows Internet Explorer 8 (KB968220)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Updates from HP
    Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
    VPRINTOL
    WebFldrs XP
    WebIQ Client Software
    WebReg
    Windows Defender
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    WIRELESS
    World of Warcraft
    Write Me a Memory Font CD
    ZoomTown Software
    .
    ==== Event Viewer Messages From Past Week ========
    .
    8/2/2011 6:54:22 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: fasttx2k SISAGP viaagp1
    8/2/2011 1:42:47 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.109.869.0).
    7/30/2011 12:58:46 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000007F' while processing the file 'desktop.ini' on the volume 'HarddiskVolume3'. It has stopped monitoring the volume.
    7/30/2011 12:36:44 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the FlipShare Server service to connect.
    7/30/2011 12:36:32 PM, error: Service Control Manager [7031] - The FlipShare Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    7/30/2011 12:36:17 PM, error: Service Control Manager [7034] - The FlipShare Service service terminated unexpectedly. It has done this 1 time(s).
    7/29/2011 2:19:55 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.109.625.0).
    .
    ==== End Of File ===========================
     
  4. lawrierl

    lawrierl TS Rookie Topic Starter

    Update

    Hi! I am not pressuring you in any way, but I don't want my thread to be closed so I just wanted to give you an update on my status. I will be monitoring this site today but I will be unavailable after today until August 14. We are still having this problem so I want to continue working with you. I am hoping this will prevent my thread from being closed. Thanks!

    Becky
     
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Thank you Becky. I'll leave a note at the end to keep the thread open.

    Please remove all of these from the Trusted Zone:
    Trusted Zone: fredericks.com\secureweb
    Trusted Zone: limewire.com\www
    Trusted Zone: weightwatchers.com\www
    Nothing needs to be in this zone. It's a marketing ploy to allow promotional and other mail from them into the system. The security is lower in this zone- and you most surely don't want LimeWire there!
    =====================================
    P2P Warning:
    Note: Even if you are using a "safe" P2P program, it is only the program that is safe. The use of LimeWire and any pther file sharing program will assure you of malware. I suggest that you uninstall LimeWire for the following reasons:
    • As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verity that a download is legitimate.
    • Malware writers use these program to include malicious content.
    • File sharing is usually unmonitored and there is a danger that your private files might be accessed.
    • The 'sharing' also includes malware that the shared system has on it.
    • Files that are illegal can be spread through file sharing.
    Please read the information on P2P Warning to help you better understand these dangers.
    =========================================
    You have 6 outdated versions of Java- all vulnerabilities
    The best way to handle that is to run the following: Note: I do not want this log!

    Please download JavaRa and unzip it to your desktop.

    Important!***Please close any instances of Internet Explorer before continuing!***
    • Double-click on JavaRa.exe to start the program.
    • From the drop-down menu, choose English and click on Select.
    • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
    • Click Yes when prompted. When JavaRa is done, a notice will appear that
      a logfile has been produced. Click OK.
    • A logfile will pop up. Please save it to a convenient location.Note: Do not leave this log.
    Download and install then most current version and update of Java RuntimeEnvironment (JRE)HERE.
    Note: Uncheck 'Install Yahoo Toolbar' on the download screen before you do the update.
    ===========================================
    Do this after you have run JavaRa and then updated Java and rebooted
    You will most surely have malware in the Java cache, so you should go ahead and empty it:
    To clear the Java Plug-in cache:

    • [1]. Click Start > Control Panel.
      [2]. Double-click the Java icon in the control panel. [​IMG] The Java Control Panel appears.
      [​IMG]
      [3].Click Settings under Temporary Internet Files.The Temporary Files Settings dialog box appears.
      [​IMG]
      [4] Click Delete Files.The Delete Temporary Files dialog box appears.
      [​IMG]
      [5]. Click OK on Delete Temporary Files window.
      Note: This deletes all the Downloaded Applications and Applets from the cache.
      [6]. Click Apply> OK on Temporary Files Settings window.
    Images courtesy java.com
    =========================================
    Please note: If you have previously run Combofix and it's still on the system, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    --------------------------------------
    Download Combofix from HERE or HERE and save to the desktop
    • Double click combofix.exe & follow the prompts.
    • ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
      [​IMG]
    • .Click on Yes, to continue scanning for malware
    • .If Combofix asks you to update the program, allow
    • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • .Close any open browsers.
    • .Double click combofix.exe[​IMG] & follow the prompts to run.
    • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
    Re-enable your Antivirus software.

    Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    Note 2: ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    Note 3: Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    Note 4: CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
    Note 5: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
    =================================================
    Please leave the Combofix log in your next reply.

    (OT- leave open 8/14)
     
  6. lawrierl

    lawrierl TS Rookie Topic Starter

    Here is the Combofix log! Thanks for the help!!!
    Becky

    ComboFix 11-08-15.04 - HP_Owner 08/14/2011 15:44:42.2.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1189 [GMT -4:00]
    Running from: c:\documents and settings\HP_Owner\My Documents\Downloads\ComboFix.exe
    AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\LocalService\Application Data\020000002c69f2791406C.manifest
    c:\documents and settings\LocalService\Application Data\020000002c69f2791406O.manifest
    c:\documents and settings\LocalService\Application Data\020000002c69f2791406P.manifest
    c:\documents and settings\LocalService\Application Data\020000002c69f2791406S.manifest
    .
    ---- Previous Run -------
    .
    c:\documents and settings\Default User\WINDOWS
    c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\n7jm6atz.default\extensions\{5d0e1cad-c768-4012-b7be-553f1bbdfae2}
    c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\n7jm6atz.default\extensions\{5d0e1cad-c768-4012-b7be-553f1bbdfae2}\chrome.manifest
    c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\n7jm6atz.default\extensions\{5d0e1cad-c768-4012-b7be-553f1bbdfae2}\chrome\xulcache.jar
    c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\n7jm6atz.default\extensions\{5d0e1cad-c768-4012-b7be-553f1bbdfae2}\defaults\preferences\xulcache.js
    c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\n7jm6atz.default\extensions\{5d0e1cad-c768-4012-b7be-553f1bbdfae2}\install.rdf
    c:\documents and settings\HP_Owner\tlbkepswgk.tmp
    c:\documents and settings\HP_Owner\WINDOWS
    c:\documents and settings\LocalService\Application Data\020000002c69f2791406C.manifest
    c:\documents and settings\LocalService\Application Data\020000002c69f2791406O.manifest
    c:\documents and settings\LocalService\Application Data\020000002c69f2791406P.manifest
    c:\documents and settings\LocalService\Application Data\020000002c69f2791406S.manifest
    c:\program files\Common
    c:\windows\Downloaded Program Files\popcaploader.inf
    c:\windows\Imgtask.exe
    c:\windows\system32\BSTIEPrintCtl1.dll
    c:\windows\system32\config\systemprofile\WINDOWS
    c:\windows\system32\no
    D:\Autorun.inf
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-07-14 to 2011-08-14 )))))))))))))))))))))))))))))))
    .
    .
    2011-08-14 18:49 . 2011-08-14 18:48 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2011-08-14 13:03 . 2011-08-14 13:03 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-08-14 13:03 . 2011-08-14 13:03 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
    2011-08-14 13:03 . 2011-08-14 13:03 -------- d-----w- c:\program files\McAfee Security Scan
    2011-08-14 00:38 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
    2011-08-14 00:37 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
    2011-08-03 03:48 . 2011-08-14 18:48 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
    2011-08-03 03:48 . 2011-08-14 18:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-08-03 03:14 . 2011-08-03 03:14 345600 ----a-w- c:\windows\system32\audiodev32.dll
    2011-08-02 22:36 . 2011-08-02 22:36 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\Malwarebytes
    2011-08-02 22:36 . 2011-07-06 23:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-08-02 22:36 . 2011-08-02 22:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2011-08-02 22:36 . 2011-08-02 22:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-08-02 22:36 . 2011-07-06 23:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-07-30 17:16 . 2011-07-08 07:16 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
    2011-07-30 17:16 . 2011-07-08 07:16 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
    2011-07-30 17:16 . 2011-07-08 07:16 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
    2011-07-30 17:16 . 2011-07-08 07:16 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
    2011-07-30 17:16 . 2011-07-08 07:16 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
    2011-07-30 17:16 . 2011-07-08 07:16 1850328 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
    2011-07-30 17:16 . 2011-07-08 07:16 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
    2011-07-30 17:16 . 2011-07-08 07:16 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
    2011-07-30 17:16 . 2010-01-01 08:00 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
    2011-07-30 17:16 . 2010-01-01 08:00 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
    2011-07-29 23:04 . 2011-07-29 23:07 -------- d-----w- c:\documents and settings\HP_Owner\Application Data\U3
    2011-07-28 21:42 . 2011-07-28 21:42 764928 ----a-w- c:\windows\system32\iplPX32.exe
    2011-07-28 21:42 . 2011-07-28 21:42 161280 ----a-w- c:\windows\system32\ksuser32.dll
    2011-07-28 21:42 . 2011-07-28 21:42 764928 ----a-w- c:\windows\system32\utildll32.exe
    2011-07-26 06:19 . 2011-07-13 03:39 6881616 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{FC97F8A1-8B9D-4083-86E1-8286A6CF05D0}\mpengine.dll
    2011-07-21 19:49 . 2011-07-21 19:49 -------- d-----w- c:\program files\Apple Software Update
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-07-15 13:29 . 2004-11-03 18:50 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2011-07-13 03:39 . 2009-07-19 19:25 6881616 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2011-07-08 14:02 . 2004-11-03 18:50 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
    2011-06-24 14:10 . 2004-11-03 18:50 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2011-06-23 18:36 . 2004-11-03 18:52 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-06-23 18:36 . 2004-11-03 18:50 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-06-23 18:36 . 2004-11-03 18:50 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-06-23 12:05 . 2004-11-03 18:50 385024 ----a-w- c:\windows\system32\html.iec
    2011-06-20 17:44 . 2004-11-03 18:52 293376 ----a-w- c:\windows\system32\winsrv.dll
    2011-06-07 15:12 . 2011-06-07 15:12 85600 ----a-w- c:\windows\~GLC0002.TMP
    2011-06-02 14:02 . 2004-11-03 18:52 1858944 ----a-w- c:\windows\system32\win32k.sys
    2011-05-24 23:14 . 2009-10-03 01:49 222080 ------w- c:\windows\system32\MpSigStub.exe
    2011-07-08 07:16 . 2011-07-30 17:16 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-08-14_19.17.28 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2011-08-14 19:31 . 2011-08-14 19:31 16384 c:\windows\Temp\Perflib_Perfdata_1b0.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-11-27 234856]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "VTTimer"="VTTimer.exe" [BU]
    "UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2004-10-22 180269]
    "SoundMan"="SOUNDMAN.EXE" [2005-04-06 90112]
    "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-15 233472]
    "osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2008-02-07 718704]
    "Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-09-28 185688]
    "LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-15 253952]
    "KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
    "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-04-17 196608]
    "IcoSet"="c:\hp\bin\cloaker.exe" [1999-11-07 27136]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
    "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2004-12-14 176128]
    "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
    "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-08 57344]
    "AlcWzrd"="ALCWZRD.EXE" [2005-04-06 2805248]
    "AGRSMMSG"="AGRSMMSG.exe" [2005-03-04 88209]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-23 39264]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
    HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-4 53248]
    McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
    TotalMedia Backup Monitor.lnk - c:\program files\ArcSoft\TotalMedia Backup\uBBMonitor.exe [2010-11-26 331776]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\system32\ksuser32.dll
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^HP_Owner^Start Menu^Programs^Startup^Jobulator.lnk]
    path=c:\documents and settings\HP_Owner\Start Menu\Programs\Startup\Jobulator.lnk
    backup=c:\windows\pss\Jobulator.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
    2010-10-28 00:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
    2004-08-21 05:51 118784 ----a-w- c:\windows\system32\hkcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    2011-01-25 20:08 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    2010-10-11 21:49 14940040 ----a-r- c:\program files\Skype\Phone\Skype.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\KODAK\\Kodak EasyShare software\\bin\\EasyShare.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\documents and settings\HP_Owner\Application Data\Facebook\facebook.exe"= c:\documents and settings\HP_Owner\Application Data\Facebook\facebook.exe:127.0.0.1/255.255.255.255:Enabled:Facebook
    "c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
    "c:\\Program Files\\LeapFrog\\LeapFrog Connect\\LeapFrogConnect.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "24726:TCP"= 24726:TCP:FlipShareServer
    "24727:TCP"= 24727:TCP:FlipShareServer
    .
    R2 FlipShareServer;FlipShare Server;c:\program files\Flip Video\FlipShareServer\FlipShareServer.exe [5/6/2011 12:58 PM 1085440]
    R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [1/25/2008 9:47 PM 149352]
    R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [8/2/2011 6:36 PM 366640]
    R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [10/4/2010 9:06 PM 583640]
    R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
    R2 winmgmt32;Windows Management Instrumentation ;c:\windows\system32\utildll32.exe [7/28/2011 5:42 PM 764928]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [7/30/2011 12:33 PM 105592]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [8/2/2011 6:36 PM 22712]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/30/2009 12:01 AM 133104]
    S2 gupdate1ca10ca6b58e3ca;Google Update Service (gupdate1ca10ca6b58e3ca);c:\program files\Google\Update\GoogleUpdate.exe [7/30/2009 12:01 AM 133104]
    S3 cdiskdun;cdiskdun;\??\c:\docume~1\HP_Owner\LOCALS~1\Temp\cdiskdun.sys --> c:\docume~1\HP_Owner\LOCALS~1\Temp\cdiskdun.sys [?]
    S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [1/12/2008 10:32 PM 23888]
    S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [6/19/2007 2:21 AM 18560]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7/30/2009 12:01 AM 133104]
    S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [8/2/2011 6:36 PM 41272]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 8:49 AM 227232]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - COMHOST
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-08-03 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
    .
    2011-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-30 04:01]
    .
    2011-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-07-30 04:01]
    .
    2011-08-14 c:\windows\Tasks\MP Scheduled Scan.job
    - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]
    .
    2011-08-02 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - HP_Owner.job
    - c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2008-02-07 14:05]
    .
    2011-08-14 c:\windows\Tasks\User_Feed_Synchronization-{127E4DCF-4630-4D04-9455-45FB47CD677A}.job
    - c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.facebook.com/?ref=hp
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = localhost;*.local
    uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    TCP: DhcpNameServer = 192.168.200.1
    DPF: {26B2A5DA-BFD6-422F-A89A-28A54C74B12B} - hxxp://www.costcophotocenter.com/upload/activex/v3_0_0_4/PhotoCenter_ActiveX_Control.cab
    DPF: {41861299-EAB2-4DCC-986C-802AE12AC499} - hxxps://www.tastefullysimple.com/Reports/Reserved.ReportViewerWebControl.axd?ReportSession=u4mpvyiw2mxh4evipiyexs45&ControlID=25dfa460a683442fb73ea5f3e6c68b21&Culture=1033&UICulture=1033&ReportStack=1&OpType=PrintCab
    DPF: {819EDD4C-7EB6-4D97-B831-D68B57E7D3ED} - hxxp://www.dynacal.com/wyncs/Wyncs.cab
    DPF: {A084A130-28AE-4B32-B51A-1C8CE164BC88} - hxxp://www.convergysworkathome.com/AppHardT.CAB
    FF - ProfilePath - c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\n7jm6atz.default\
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    AddRemove-{83d96ed0-98aa-4515-8ddc-816f3efdd104} - c:\program files\InstallShield Installation Information\{83d96ed0-98aa-4515-8ddc-816f3efdd104}\setup.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-08-14 15:53
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-2350988805-2725598575-1874813117-1009\Software\Microsoft\SystemCertificates\AddressBook*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)
    .
    Completion time: 2011-08-14 16:03:27
    ComboFix-quarantined-files.txt 2011-08-14 20:03
    .
    Pre-Run: 95,663,284,224 bytes free
    Post-Run: 95,190,462,464 bytes free
    .
    - - End Of File - - 61FD5C76C99BBCBBE590251C8CCE83D6
     
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Sorry- running a bit behind.

    I strongly recommend that you go through the addons and remove or disable as many as you can. All or most of these are Active X Objects. Each can be a vulnerability to the system. It appears that media and photo imaging are high on your list- that's okay but having so many of these type is not good for a healthy system.

    You have 38 addons, most Active X. Do you really need all of these for features for:
    costcophotocenter.com
    offers.e-centives.com
    Pinecone Research: gathering consumer opinion
    /images3.pnimedia.com/ProductAssets/costcous: photo uload
    Tastefully Simple: food & gifts
    Kroger
    Cosco, etc
    ---------
    Please sign on to the Administrator account> open IE> Tools> Manage addons>> there are 2 categories> 1 addons now on system and 2. addons previously on system. Look through bot sections be clicking on the arrow point to the right of the dialog box. Remove or disable as many as you can. It's easy to see by some of the sites you're visiting how you're picking adware/spyware/ other malware, up.
    ========================================
    I'd like you to run the following> be sure to check the line for removal> paste the log in next reply. I will have you reset the Cookies to prevent the Tracking Cookies.
    [​IMG]
    SuperAntiSpyware Home Edition Free Version
    • Please download SuperAntiSpyware from HERE
    • Launch SuperAntiSpyware and click on 'Check for updates'.
    • Wait for the updates to be installed
    • On the main screen click on 'Scan your computer'.
    • Check: 'Perform Complete Scan then Click 'Next' to start the scan.
    • Superantispyware will now scan your computer,when it's finished it will list all/any infections found.
    • Make sure everything found has a checkmark next to it,then press 'Next'.
    • Click on 'Finish' when you've done.
    It's possible that the program will ask you to reboot in order to delete some files.

    Obtain the SuperAntiSpyware log as follows:
    • Click on 'Preferences'.
    • Click on the 'Statistics/Logs' tab.
    • Under 'Scanner Logs' double click on 'SuperAntiSpyware Scan Log'.
    It will then open in your default text editor,such as Notepad. Paste the notepad file here on your reply
    ======================================
    Another consideration: using the FlipShareServer allows you to put video on social media sites. If you in turn are also receiving media from same, note that this is file sharing and a danger to the system.
    =======================================
    Are you aware that you also have the McAfee Security scan running? If Norton is the AV, you need to remove McAfee: McAfee Removal
    =====================================
    You also have multiple auto-updaters set to run on Startup. The only auto-updater that need to be on Startup is the AV program and it's firewall if there is one.

    Script to follow after I see the SAS log.
     
  8. lawrierl

    lawrierl TS Rookie Topic Starter

    maybe a stupid question...

    I am going into my add-ons and not seeing those you mention. I am not sure if I am actually logging onto the administrator account. I assume I am not. Can you direct me on how to make sure I am in the administrator account?

    Thanks,
    Becky
     
  9. lawrierl

    lawrierl TS Rookie Topic Starter

    Administrator Account

    I went into the Control Panel and saw that I only have the one user account that is an administrator account. So I am assuming that I am always logged on as an administrator.
    I went back into the add-ons in IE. While the sites you listed look familiar to me, I don't see them in my add-ons. Can you help me figure out why? I am going to go on and run the next step of the Super AntiSpyware program.

    Becky
     
  10. lawrierl

    lawrierl TS Rookie Topic Starter

    The Super AntiSpyware Log

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 08/20/2011 at 11:04 PM

    Application Version : 5.0.1118

    Core Rules Database Version : 7585
    Trace Rules Database Version: 5397

    Scan type : Complete Scan
    Total Scan Time : 01:25:05

    Operating System Information
    Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
    Administrator

    Memory items scanned : 634
    Memory threats detected : 2
    Registry items scanned : 38705
    Registry threats detected : 14
    File items scanned : 77925
    File threats detected : 254

    Adware.180solutions/Search Assistant
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll#.Owner
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/MediaGatewayX.dll#{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}

    Registry Cleaner Trial
    HKCR\Install.Install
    HKCR\Install.Install\CLSID
    HKCR\Install.Install\CurVer
    HKCR\Install.Install.1
    HKCR\Install.Install.1\CLSID

    Adware.Tracking Cookie
    C:\Documents and Settings\HP_Owner\Cookies\hp_owner@a1.interclick[1].txt
    C:\Documents and Settings\HP_Owner\Cookies\hp_owner@advertise[1].txt
    C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bizzclick[1].txt
    C:\Documents and Settings\HP_Owner\Cookies\hp_owner@imrworldwide[3].txt
    C:\Documents and Settings\HP_Owner\Cookies\hp_owner@interclick[1].txt
    C:\Documents and Settings\HP_Owner\Cookies\hp_owner@invitemedia[2].txt
    C:\Documents and Settings\HP_Owner\Cookies\hp_owner@lucidmedia[2].txt
    C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media6degrees[2].txt
    C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mediabrandsww[1].txt
    C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.find-fast-answers[2].txt
    C:\Documents and Settings\HP_Owner\Cookies\XPG68Z0M.txt
    C:\Documents and Settings\HP_Owner\Cookies\O4X9ZKRD.txt
    C:\Documents and Settings\HP_Owner\Cookies\UEMM64N0.txt
    C:\Documents and Settings\HP_Owner\Cookies\7VT4FOXJ.txt
    C:\Documents and Settings\HP_Owner\Cookies\BP6Y2ST1.txt
    C:\Documents and Settings\HP_Owner\Cookies\3XWF3PZV.txt
    C:\Documents and Settings\HP_Owner\Cookies\DW27RG2O.txt
    C:\Documents and Settings\HP_Owner\Cookies\R2IJKTZO.txt
    C:\Documents and Settings\HP_Owner\Cookies\2USMZIY4.txt
    C:\Documents and Settings\HP_Owner\Cookies\FNW15EL0.txt
    C:\Documents and Settings\HP_Owner\Cookies\G67TZ9QH.txt
    mediacast.realgravity.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\LVFRMS23 ]
    mediasuite.multicastmedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\LVFRMS23 ]
    .imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    bridge1.admarketplace.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .admarketplace.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .pointroll.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .getclicky.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .static.getclicky.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    in.getclicky.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    segment-pixel.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    va.px.invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .eyewonder.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .countryday.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    moodle.countryday.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    www.find-fast-answers.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    track.napprd.netshelter.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .media2.legacy.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .adxpose.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .clickbooth.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    jmp.clickbooth.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .eyewonder.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .eyewonder.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    adserver.brownpublishing.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    adserver.brownpublishing.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    adserver.brownpublishing.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .advertise.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .clickfuse.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .clickfuse.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .clickfuse.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .clickfuse.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .clickfuse.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .clickfuse.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .clickfuse.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .steelhousemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .lucidmedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .r1-ads.ace.advertising.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .yieldmanager.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    stats.peopletopeople.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    stats.peopletopeople.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .adserver.adtechus.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .specificclick.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    network.realmedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .content.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ewstv.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ru4.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .anrtx.tacoda.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .247realmedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .247realmedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .mediabrandsww.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .www.burstnet.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .bs.serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .generalelectric.112.2o7.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    dc.tremormedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .2o7.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .liveperson.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    server.iad.liveperson.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .bizzclick.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .adbrite.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    statse.webtrendslive.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .liveperson.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    sales.liveperson.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .content.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .trafficmp.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .pointroll.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .fastclick.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .adknowledge.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .adknowledge.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .adknowledge.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .questionmarket.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .countryday.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    www.countryday.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .countryday.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .countryday.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .countryday.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .atwola.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .ar.atwola.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .tribalfusion.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .at.atwola.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .tacoda.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .advertising.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]
    .mediaplex.com [ C:\DOCUMENTS AND SETTINGS\HP_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N7JM6ATZ.DEFAULT\COOKIES.SQLITE ]

    Trojan.Agent/Gen
    HKLM\System\ControlSet001\Services\WINMGMT32
    C:\WINDOWS\SYSTEM32\UTILDLL32.EXE
    HKLM\System\ControlSet001\Enum\Root\LEGACY_WINMGMT32
    HKLM\System\ControlSet003\Services\WINMGMT32
    HKLM\System\ControlSet003\Enum\Root\LEGACY_WINMGMT32
    HKLM\System\CurrentControlSet\Services\WINMGMT32
    HKLM\System\CurrentControlSet\Enum\Root\LEGACY_WINMGMT32
    C:\WINDOWS\SYSTEM32\UTILDLL32.EXE
    C:\WINDOWS\SYSTEM32\IPLPX32.EXE
    C:\WINDOWS\SYSTEM32\IPLPX32.EXE
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{8F7A5040-9305-4BDA-A5EE-E7EE68E6A93B}\RP2507\A0174058.EXE
    C:\WINDOWS\Prefetch\IPLPX32.EXE-16F14C32.pf
     
  11. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    About the entries in SAS:
    1. Dis you check the box in SAS for removal of the entries it finds? This is similar to the line in Mbam. If you did notu did not check it, run SAS again with the box checked for removal.
    2. There is only 1 name for user in the Tracking Cookies: it is HP_Owner
    3. The Tracking Cookies are the usual internet junk found on every site. But it clearly shows you are set to accept 3rd party Cookies and we need to change that. All the these are in Firefox, but please also follow the reset for Internet Explorer:
    Reset Cookies

    For Firefox: Tools> Options> Privacy> Cookies> CHECK ‘accept Cookies from Sites’> UNCHECK 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')

    I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
    AdBlock Plus[
    Easy List


    For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> CHECK 'override automatic Cookie handling'> CHECK 'accept first party Cookies'> CHECK 'Block third party Cookies'> CHECK 'allow per session Cookies'> Apply> OK.

    For Chrome if you decide to use this browser at some point: Tools> Options> Under The Hood> Privacy Section> CHECK 'Restrict how third party Cookies can be used'> Close.
    (First-party and third-party cookies can be set by the website you're visiting and websites that have items embedded in the website you're visiting. But when you next visit the website, only first-party cookie information is sent to the website. Third-party cookie information isn't sent back to the websites that originally set the third-party cookies.)
    =========================================
    Delete the prefetch files: I like to use Windows explorer to do this and the files are easily accessible:
    These are hidden files: Show Hidden Folders/Files
    • Open My Computer.
      [*] Go to Tools > Folder Options.
      [*] Select the View tab.
      [*] Scroll down to Hidden files and folders.
      [*] Select Show hidden files and folders.
      [*] Uncheck Hide extensions of known file types.
      [*] UncheckHide protected operating system files (Recommended).
      [*] Click Yes when prompted.
      [*] Click OK.
      [*] Close My Computer.

      • Here's an easy way to delete your prefetch -- Automatically!!

        1. [1]. Go into My Computer> Local Drive (C)
          [2]. Right-click anywhere that a file is not and select the 'New' submenu and click 'Text Document'

          [3]. Name it deleteprefetch=
          [4]. Double-click on the text file you just created.
          5.] Type del C:\Windows\Prefetch\*.* /Q
          []6. Go to File > Save As... and choose "All Files" from the "Save as Type" box and save it as deleteprefetch.bat
          [7]. You just created a batch file that will automatically delete all the files in your Prefetch folder. Congrats.

        Reset Hidden/System Files & Folders
        ==========================================
        For removing the adons, but sure to look in both locations in this Ma nags addons, you will have to check both sections of the dialog box..
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...