1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Inactive ? Infected Computer

Discussion in 'Malware and Virus Removal Archive' started by deester, 2010/07/17.

Thread Status:
Not open for further replies.
Page 1 of 2
  1. 2010/07/17
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    [Inactive] ? Infected Computer

    Inspiron Desk top w OS Windows 7 home premium
    A few days ago popups started appearing on my computer warning that my computer was infected and attempting to sell me software tp clean it. I ran Malwarebytes and indeed there were infected, I had to run it twice to clean out the viruses .Iwould the following logs looked at to be sure that I am clean.


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 5/3/2010 5:01:07 PM
    System Uptime: 7/17/2010 6:22:51 AM (13 hours ago)

    Motherboard: Dell Inc. | | 0N826N
    Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz | Socket 775 | 2700/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 581 GiB total, 545.322 GiB free.
    D: is CDROM ()
    E: is Removable
    F: is Removable
    G: is Removable
    H: is Removable
    I: is FIXED (NTFS) - 298 GiB total, 238.365 GiB free.

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP27: 6/8/2010 3:10:37 AM - Windows Update
    RP28: 6/9/2010 3:00:10 AM - Windows Update
    RP29: 6/10/2010 7:44:07 PM - Windows Update
    RP30: 6/16/2010 8:49:09 AM - Windows Update
    RP31: 6/30/2010 1:36:07 PM - Windows Update
    RP32: 6/30/2010 4:30:03 PM - Installed Print Creations
    RP33: 6/30/2010 4:30:50 PM - Installed Print Creations
    RP34: 6/30/2010 4:31:23 PM - Installed Connect Service
    RP35: 7/1/2010 3:00:22 AM - Windows Update
    RP36: 7/1/2010 2:25:09 PM - Windows Update
    RP37: 7/2/2010 3:00:28 AM - Windows Update
    RP38: 7/5/2010 10:44:12 PM - Windows Update
    RP39: 7/8/2010 10:22:28 AM - Windows Update
    RP40: 7/13/2010 6:41:41 AM - Windows Update
    RP41: 7/14/2010 5:26:24 PM - Windows Update
    RP42: 7/14/2010 9:52:31 PM - Restore Operation
    RP43: 7/14/2010 9:59:02 PM - Windows Update
    RP44: 7/16/2010 1:39:55 PM - Windows Update
    RP45: 7/17/2010 3:00:22 AM - Windows Update

    ==== Installed Programs ======================

    7-Zip 4.57
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.3.2
    AOL Toolbar
    AOL Uninstaller (Choose which Products to Remove)
    ArcSoft Print Creations
    ArcSoft Print Creations - Album Page
    ArcSoft Print Creations - Funhouse
    ArcSoft Print Creations - Greeting Card
    ArcSoft Print Creations - Photo Book
    ArcSoft Print Creations - Photo Calendar
    ArcSoft Print Creations - Scrapbook
    ArcSoft Print Creations - Slimline Card
    Dell Support Center (Support Software)
    Download Updater (AOL LLC)
    Driver Access
    Driver Detective
    Driver Updater Pro
    DriverMD
    GoToAssist 8.0.0.514
    Java Auto Updater
    Java(TM) 6 Update 18
    jZip
    LogMeIn Hamachi
    Malwarebytes' Anti-Malware
    Microsoft VC9 runtime libraries
    Mozilla Firefox (3.6.3)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    My.Freeze.com Toolbar (Remove Toolbar Only)
    OpenOffice.org 3.2
    PriceGong 2.1.0
    QuickTime
    Shop to Win 2
    TinyZIP
    Uninstall AOL Emergency Connect Utility 1.0
    Viewpoint Media Player
    WeatherBug
    WordPerfect Office X3
    Yahoo! Toolbar
    Yahoo! Toolbar for Internet Explorer

    ==== Event Viewer Messages From Past Week ========

    7/17/2010 8:31:26 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
    7/17/2010 4:17:05 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
    7/16/2010 3:19:42 PM, Error: Microsoft-Windows-BitLocker-Driver [24620] - Encrypted volume check: Volume information on E: cannot be read.
    7/16/2010 2:15:12 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer DEESTONE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{FA21069E-004C-48D2-AECA-CC5F0DDD463E}. The master browser is stopping or an election is being forced.
    7/14/2010 8:31:43 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR6.
    7/13/2010 7:41:19 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{FA21069E-004C-48D2-AECA-CC5F0DDD463E} because another computer on the network has the same name. The server could not start.
    7/13/2010 7:41:19 PM, Error: NetBT [4321] - The name "TED-PC :20" could not be registered on the interface with IP address 192.168.0.6. The computer with the IP address 192.168.0.7 did not allow the name to be claimed by this computer.
    7/13/2010 7:41:18 PM, Error: NetBT [4321] - The name "TED-PC :0" could not be registered on the interface with IP address 192.168.0.6. The computer with the IP address 192.168.0.7 did not allow the name to be claimed by this computer.
    7/13/2010 5:20:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    7/12/2010 8:30:54 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    7/12/2010 8:28:58 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    7/12/2010 8:28:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments " " in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    7/12/2010 8:28:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments " " in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    7/12/2010 8:28:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    7/12/2010 8:28:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments " " in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    7/12/2010 8:28:38 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6
    7/12/2010 8:21:12 PM, Error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 1 time(s).
    7/12/2010 8:02:20 PM, Error: Service Control Manager [7034] - The SupportSoft Sprocket Service (DellSupportCenter) service terminated unexpectedly. It has done this 1 time(s).
    7/12/2010 10:22:15 AM, Error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 4 time(s).
    7/12/2010 10:22:04 AM, Error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 3 time(s).
    7/12/2010 10:21:42 AM, Error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 2 time(s).

    ==== End Of File ===========================
     
    deester,
    #1
  2. 2010/07/17
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 5/3/2010 5:01:07 PM
    System Uptime: 7/17/2010 6:22:51 AM (13 hours ago)

    Motherboard: Dell Inc. | | 0N826N
    Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz | Socket 775 | 2700/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 581 GiB total, 545.322 GiB free.
    D: is CDROM ()
    E: is Removable
    F: is Removable
    G: is Removable
    H: is Removable
    I: is FIXED (NTFS) - 298 GiB total, 238.365 GiB free.

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP27: 6/8/2010 3:10:37 AM - Windows Update
    RP28: 6/9/2010 3:00:10 AM - Windows Update
    RP29: 6/10/2010 7:44:07 PM - Windows Update
    RP30: 6/16/2010 8:49:09 AM - Windows Update
    RP31: 6/30/2010 1:36:07 PM - Windows Update
    RP32: 6/30/2010 4:30:03 PM - Installed Print Creations
    RP33: 6/30/2010 4:30:50 PM - Installed Print Creations
    RP34: 6/30/2010 4:31:23 PM - Installed Connect Service
    RP35: 7/1/2010 3:00:22 AM - Windows Update
    RP36: 7/1/2010 2:25:09 PM - Windows Update
    RP37: 7/2/2010 3:00:28 AM - Windows Update
    RP38: 7/5/2010 10:44:12 PM - Windows Update
    RP39: 7/8/2010 10:22:28 AM - Windows Update
    RP40: 7/13/2010 6:41:41 AM - Windows Update
    RP41: 7/14/2010 5:26:24 PM - Windows Update
    RP42: 7/14/2010 9:52:31 PM - Restore Operation
    RP43: 7/14/2010 9:59:02 PM - Windows Update
    RP44: 7/16/2010 1:39:55 PM - Windows Update
    RP45: 7/17/2010 3:00:22 AM - Windows Update

    ==== Installed Programs ======================

    7-Zip 4.57
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.3.2
    AOL Toolbar
    AOL Uninstaller (Choose which Products to Remove)
    ArcSoft Print Creations
    ArcSoft Print Creations - Album Page
    ArcSoft Print Creations - Funhouse
    ArcSoft Print Creations - Greeting Card
    ArcSoft Print Creations - Photo Book
    ArcSoft Print Creations - Photo Calendar
    ArcSoft Print Creations - Scrapbook
    ArcSoft Print Creations - Slimline Card
    Dell Support Center (Support Software)
    Download Updater (AOL LLC)
    Driver Access
    Driver Detective
    Driver Updater Pro
    DriverMD
    GoToAssist 8.0.0.514
    Java Auto Updater
    Java(TM) 6 Update 18
    jZip
    LogMeIn Hamachi
    Malwarebytes' Anti-Malware
    Microsoft VC9 runtime libraries
    Mozilla Firefox (3.6.3)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    My.Freeze.com Toolbar (Remove Toolbar Only)
    OpenOffice.org 3.2
    PriceGong 2.1.0
    QuickTime
    Shop to Win 2
    TinyZIP
    Uninstall AOL Emergency Connect Utility 1.0
    Viewpoint Media Player
    WeatherBug
    WordPerfect Office X3
    Yahoo! Toolbar
    Yahoo! Toolbar for Internet Explorer

    ==== Event Viewer Messages From Past Week ========

    7/17/2010 8:31:26 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
    7/17/2010 4:17:05 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
    7/16/2010 3:19:42 PM, Error: Microsoft-Windows-BitLocker-Driver [24620] - Encrypted volume check: Volume information on E: cannot be read.
    7/16/2010 2:15:12 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer DEESTONE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{FA21069E-004C-48D2-AECA-CC5F0DDD463E}. The master browser is stopping or an election is being forced.
    7/14/2010 8:31:43 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR6.
    7/13/2010 7:41:19 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{FA21069E-004C-48D2-AECA-CC5F0DDD463E} because another computer on the network has the same name. The server could not start.
    7/13/2010 7:41:19 PM, Error: NetBT [4321] - The name "TED-PC :20" could not be registered on the interface with IP address 192.168.0.6. The computer with the IP address 192.168.0.7 did not allow the name to be claimed by this computer.
    7/13/2010 7:41:18 PM, Error: NetBT [4321] - The name "TED-PC :0" could not be registered on the interface with IP address 192.168.0.6. The computer with the IP address 192.168.0.7 did not allow the name to be claimed by this computer.
    7/13/2010 5:20:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    7/12/2010 8:30:54 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    7/12/2010 8:28:58 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    7/12/2010 8:28:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments " " in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    7/12/2010 8:28:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments " " in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    7/12/2010 8:28:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    7/12/2010 8:28:46 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments " " in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    7/12/2010 8:28:38 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache spldr Wanarpv6
    7/12/2010 8:21:12 PM, Error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 1 time(s).
    7/12/2010 8:02:20 PM, Error: Service Control Manager [7034] - The SupportSoft Sprocket Service (DellSupportCenter) service terminated unexpectedly. It has done this 1 time(s).
    7/12/2010 10:22:15 AM, Error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 4 time(s).
    7/12/2010 10:22:04 AM, Error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 3 time(s).
    7/12/2010 10:21:42 AM, Error: Service Control Manager [7034] - The AOL Connectivity Service service terminated unexpectedly. It has done this 2 time(s).

    ==== End Of File ===========================
     
    deester,
    #2


  3. to hide this advert.

  4. 2010/07/17
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4306

    Windows 6.1.7600 (Safe Mode)
    Internet Explorer 8.0.7600.16385

    7/12/2010 8:32:57 PM
    mbam-log-2010-07-12 (20-32-57).txt

    Scan type: Quick scan
    Objects scanned: 139159
    Time elapsed: 2 minute(s), 43 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 41
    Registry Values Infected: 1
    Registry Data Items Infected: 0
    Folders Infected: 8
    Files Infected: 15

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\smart-shopper.hbax (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{305c6cb1-9d31-4489-881d-5a8e2dc3fe14} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{e79b1445-dfea-4bef-a786-e0c0f33c863b} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{4a7c84e2-e95c-43c6-8dd3-03abcd0eb60e} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4a7c84e2-e95c-43c6-8dd3-03abcd0eb60e} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4a7c84e2-e95c-43c6-8dd3-03abcd0eb60e} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4a7c84e2-e95c-43c6-8dd3-03abcd0eb60e} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{4cf088bd-be95-40a5-be9b-677f8683edea} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{6fac4823-815e-4361-836e-46d65ed2550b} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{8bcb5337-ec01-4e38-840c-a964f174255b} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{8bcb5337-ec01-4e38-840c-a964f174255b} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8bcb5337-ec01-4e38-840c-a964f174255b} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{911f251e-34fd-465e-b6ce-df00ff49a6be} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{fe4f1649-8909-49c0-87ba-24d65120db46} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\smart-shopper.hbax.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\smart-shopper.hbinfoband (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\smart-shopper.hbinfoband.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\smart-shopper.iebutton (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\smart-shopper.iebutton.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\smart-shopper.iebuttona (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\smart-shopper.iebuttona.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\smart-shopper.iebuttonb (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\smart-shopper.iebuttonb.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\smart-shopper.smrt-shprctrl (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\smart-shopper.smrt-shprctrl.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{90f62ef7-58d1-4e8e-bb3e-cfb10ba9e47b} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{b2b92bc9-e149-4ee8-a93e-0b8cfb329808} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{022c671f-6cba-4a03-a8f9-3b3a361b235a} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{8ad815fc-607b-419f-8b70-d345a507a54e} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bec0} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bec0} (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\barquery (Adware.Zwangi) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\smart-shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\BarQuery (Adware.Zwangi) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BarQuery Service (Adware.Zwangi) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\acjcelev (Trojan.Downloader) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    C:\ProgramData\BarQuery (Adware.Zwangi) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\BarQuery (Adware.Zwangi) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Smart-Shopper\Bin (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Smart-Shopper\Bin\2.5.1 (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Smart-Shopper\cs (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Smart-Shopper\cs\antiphishing (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper (Adware.SmartShopper) -> Quarantined and deleted successfully.

    Files Infected:
    C:\Users\Ted\AppData\Local\xvfsnrtgv\aksfowttssd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\ProgramData\BarQuery\barquery153.exe (Adware.Zwangi) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\BarQuery\barquery.dll (Adware.Zwangi) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\BarQuery\barquery.exe (Adware.Zwangi) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\BarQuery\uninstall.exe (Adware.Zwangi) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Smart-Shopper\Uninst.exe (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Smart-Shopper\cs\antiphishing\antiphishing.html (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Smart-Shopper\cs\antiphishing\phishAlert.gif (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Smart-Shopper\cs\antiphishing\x.gif (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Smart-Shopper\cs\antiphishing\xActive.gif (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper\SmartShopper - Comapre product prices.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper\SmartShopper - Compare travel rate.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper\SmartShopper Help.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper\Uninstall SmartShopper.lnk (Adware.SmartShopper) -> Quarantined and deleted successfully.
     
    deester,
    #3
  5. 2010/07/17
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4306

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    7/13/2010 12:01:38 AM
    mbam-log-2010-07-13 (00-01-38).txt

    Scan type: Full scan (C:\|I:\|)
    Objects scanned: 240081
    Time elapsed: 20 minute(s), 54 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 3

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Users\Ted\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NKUIBSHL\movie43555[1].exe (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Users\TED G STONE\AppData\Local\Mozilla\Firefox\Profiles\anbbdax3.default\Cache\A0C33A70d01 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Users\TED G STONE\AppData\Local\tfjmby\cvqrsftav.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
     
    deester,
    #4
  6. 2010/07/17
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Download SUPERAntiSpyware Free for Home Users:
    http://www.superantispyware.com/

    * Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    * An icon will be created on your desktop. Double-click that icon to launch the program.
    * If asked to update the program definitions, click "Yes ". If not, update the definitions before scanning by selecting "Check for Updates ". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
    * Close SUPERAntiSpyware.

    Restart computer in Safe Mode.
    To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen

    * Open SUPERAntiSpyware.
    * Under "Configuration and Preferences ", click the Preferences button.
    * Click the Scanning Control tab.
    * Under Scanner Options make sure the following are checked (leave all others unchecked):

    • Close browsers before scanning.
      Scan for tracking cookies.
      Terminate memory threats before quarantining.
    * Click the "Close" button to leave the control center screen.
    * Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    * On the left, make sure you check C:\Fixed Drive.
    * On the right, under "Complete Scan ", choose Perform Complete Scan.
    * Click "Next" to start the scan. Please be patient while it scans your computer.
    * After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK ".
    * Make sure everything has a checkmark next to it and click "Next ".
    * A notification will appear that "Quarantine and Removal is Complete ". Click "OK" and then click the "Finish" button to return to the main menu.
    * If asked if you want to reboot, click "Yes ".
    * To retrieve the removal information after reboot, launch SUPERAntispyware again.

    • Click Preferences, then click the Statistics/Logs tab.
      Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
      If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
      Please copy and paste the Scan Log results in your next reply.
    * Click Close to exit the program.
    Post SUPERAntiSpyware log.

    ==============================================================

    Download OTL to your Desktop.

    * Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    * Under the Custom Scan box paste this in:



    netsvcs
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    %systemroot%\*. /mp /s
    /md5start
    /md5stop
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs



    * Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
    broni,
    #5
  7. 2010/07/18
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 07/18/2010 at 08:06 PM

    Application Version : 4.40.1002

    Core Rules Database Version : 5134
    Trace Rules Database Version: 2946

    Scan type : Complete Scan
    Total Scan Time : 00:16:41

    Memory items scanned : 328
    Memory threats detected : 0
    Registry items scanned : 12368
    Registry threats detected : 0
    File items scanned : 26211
    File threats detected : 651

    Adware.Tracking Cookie
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@casalemedia[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@yieldmanager[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@tradedoubler[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@realmedia[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.freefatpornmovies[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.bbwpornmpegs[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@nextag[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ad.yieldmanager[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@a1.interclick[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@clubseventeen[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@questionmarket[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@apmebf[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ru4[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@atdmt[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@tacoda[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.undertone[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@dmtracker[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@sextracker[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@fastclick[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ar.atwola[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@zedo[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.911adnetwork[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@pointroll[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@specificmedia[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@overture[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@insightexpressai[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.bridgetrack[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@tribalfusion[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@specificclick[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@bs.serving-sys[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@trafficmp[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adultadworld[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ar.atwola[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@hitbox[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adxpansion[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@server.iad.liveperson[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.youporn[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@jcwhitney.112.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@at.atwola[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adbrite[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.popuptraffic[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@click.payserve[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@doubleclick[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@cdn4.specificclick[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@collective-media[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@sales.liveperson[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.burstnet[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ehg-verizon.hitbox[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@247realmedia[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@advertising[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.burstbeacon[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@data.coremetrics[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@imrworldwide[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.adult-empire[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@mediaplex[3].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@mediamatters[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.crakmedia[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@winzip.122.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@sales.liveperson[3].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@xiti[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.pointroll[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@media6degrees[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@msnportal.112.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@revsci[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@galleries1.adult-empire[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@yadro[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@burstnet[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adinterax[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@cdn1.trafficmp[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adecn[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@kontera[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ad.wsod[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.cnn[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@atwola[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@statcounter[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adult-empire[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ad1.clickhype[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@invitemedia[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@interclick[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@toplist[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@eyewonder[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.comotionmedia[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@serving-sys[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adlegend[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adv.dmv[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adserver.adtechus[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@stat.dealtime[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@stats.adbrite[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@2o7[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@dc.tremormedia[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@youporn[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adxpose[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adultfriendfinder[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@legolas-media[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@thefind[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@cms.trafficmp[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@web-stat[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@my-sex-porno[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.pornoxo[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@hairy-thumbs[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@trafficregenerator[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ev.ads.pointroll[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@tracking.foxnews[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@media.legacy[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@pro-market[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@azjmp[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@centralmediaserver[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@oasn04.247realmedia[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@e-2dj6wfk4qgdpmkp.stats.esomniture[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@liveperson[3].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@tracking.admarketplace[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.googleadservices[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@wt.xxxcupid[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@burstnetads[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@chitika[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@cbsdigitalmedia.112.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@counter15.sextracker[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@arabsexblog[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@videos.mediaite[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@xxlporntube[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.thefrisky[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@msnbc.112.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@counter1.sextracker[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.maturesexnude[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.onlyhairypussy[3].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@xxxcounter[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@smartadserver[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@counter4.sextracker[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@roiservice[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@xxxblackbook[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@hairydivas[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@paypal.112.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@CAZJRFO1.txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.agedcunts[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@statse.webtrendslive[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.bighornytits[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@dealtime[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adx.bidsystem[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@hairy-thumbs[3].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.fpctraffic2[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@hairypeaches[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@agedcunts[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@lucidmedia[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@network.realmedia[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.trackoptimize[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.collegeflagsandbanners[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@stats.townnews[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ad2.doublepimp[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@findarticles[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.my-sex-porno[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@pornhub[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@videoegg.adbureau[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ad.slutload[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adv.exbii[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.whaleads[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.****bookdating[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@galleries.adult-empire[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@content.yieldmanager[3].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@maturesexnude[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@mediaforgews[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@cz7.clickzs[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@e-2dj6wjk4chd5cbp.stats.esomniture[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@CAXT54AP.txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@****bookdating[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.furrykittens[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@click.janbrewer[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@vip.clickzs[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@the****dolls[3].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@kanoodle[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@counter8.sextracker[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@s-tracking[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.hairyexclusive[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.smarthairypussy[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.esm1[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.sexynaked[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@test.coremetrics[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@cracked[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@delivery.trafficjunky[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@bizrate[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@xxxcupid[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.cracked[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adfarm1.adition[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@counter13.sextracker[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@e-2dj6wfmiemcjwlp.stats.esomniture[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.hairysexvideos[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@sexlist[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ero-advertising[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@cdn.at.atwola[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@counter10.sextracker[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.nba[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@hearstdigital.122.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@hairy-women-pussy[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@burstbeacon[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@bluestreak[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.hairy-women-pussy[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.hairypeaches[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@corkyteens[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@naked[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@liveperson[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.hidcountry[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@stats.paypal[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@xxlporntube[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@counter3.sextracker[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@celebrity-xxx[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@bannerbobber[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@intelligentbeauty.122.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@giftscom.122.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@xxlporntube[3].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.xxxmaturepost[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ad2.clickhype[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@hairycollection[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@tracking.sokrati[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@skydivemedia[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@breakmedia.checkm8[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.watchmygf[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.xxxmilfpics[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@walmart.112.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@pornoxo[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.smarthairypussy[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@citi.bridgetrack[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@wearehairy[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@CA08H094.txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@hairy-places[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.eham[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@CAAHOYIB.txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@tsprotraffic[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.onlyhairypussy[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@clickcash[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@click.friendsoftheuschamber[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@facebookofsex[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adultswim[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www1.xxxcupid[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.googleadservices[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@revenue[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@CAQOPN7K.txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@tubesexclips[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adserver.adpredictive[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@the****dolls[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@mylovedhairy[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@edgeadx[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.xxxmaturepost[3].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@trafficholder[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.nascar[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.mylovedhairy[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@smartmoney.112.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.bestpregnantporn[2].txt
    cdn4.specificclick.net [ C:\Users\Dee\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4S8REAXT ]
    udn.specificclick.net [ C:\Users\Dee\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\4S8REAXT ]
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@adlegend[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@www.burstbeacon[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@advertising[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@adbrite[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@adecn[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@tracking.foxnews[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@ad.yieldmanager[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@2o7[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@a1.interclick[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@ads.pointroll[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@atdmt[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@apmebf[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@ar.atwola[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@ar.atwola[3].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@at.atwola[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@cdn4.specificclick[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@atwola[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@bs.serving-sys[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@burstnet[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@casalemedia[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@cdn.at.atwola[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@cdn1.trafficmp[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@doubleclick[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@collective-media[1].txt
     
    deester,
    #6
  8. 2010/07/18
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@data.coremetrics[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@invitemedia[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@ehg-lexmark.hitbox[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@fastclick[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@hitbox[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@imrworldwide[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@insightexpressai[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@interclick[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@legolas-media[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@media6degrees[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@mediaplex[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@microsoftwindows.112.2o7[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@overture[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@pointroll[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@ru4[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@questionmarket[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@realmedia[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@revsci[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@serving-sys[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@tracking.admarketplace[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@specificclick[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@specificmedia[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@statse.webtrendslive[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@t.pointroll[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@tacoda[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@trafficmp[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@tribalfusion[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@www.burstnet[1].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@yieldmanager[2].txt
    C:\Users\Dee\AppData\Roaming\Microsoft\Windows\Cookies\dee@zedo[1].txt
    .serving-sys.com [ C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\s4gz0q3c.default\cookies.sqlite ]
    .serving-sys.com [ C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\s4gz0q3c.default\cookies.sqlite ]
    .advertising.com [ C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\s4gz0q3c.default\cookies.sqlite ]
    .serving-sys.com [ C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\s4gz0q3c.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\s4gz0q3c.default\cookies.sqlite ]
    .doubleclick.net [ C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\s4gz0q3c.default\cookies.sqlite ]
    .revenue.net [ C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\s4gz0q3c.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\s4gz0q3c.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\s4gz0q3c.default\cookies.sqlite ]
    bc.youporn.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    cdn4.specificclick.net [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    cloudfront.mediamatters.org [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    core.insightexpressai.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    i.adultswim.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    media.kens5.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    media.king5.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    media.mtvnservices.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    media.wfaa.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    media1.break.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    mediaforgews.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    msnbcmedia.msn.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    objects.tremormedia.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    s0.2mdn.net [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    secure-us.imrworldwide.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    spe.atdmt.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    static.xxxcupid.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    udn.specificclick.net [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    www.media.chrysler.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    www.naiadsystems.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    www.pornhub.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\Low\ted@2o7[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\Low\ted@ad.wsod[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\Low\ted@ad.yieldmanager[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\Low\ted@apmebf[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\Low\ted@at.atwola[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\Low\ted@atdmt[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\Low\ted@fastclick[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\Low\ted@interclick[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\Low\ted@mediaplex[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\Low\ted@microsoftwindows.112.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\Low\ted@msnportal.112.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@advertising[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@mediaplex[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@zedo[2].txt
    .ad.yieldmanager.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .apmebf.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .atdmt.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .atdmt.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .fastclick.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .fastclick.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .fastclick.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .interclick.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .interclick.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .interclick.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .mediaplex.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .mediaplex.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .microsoftwindows.112.2o7.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .msnportal.112.2o7.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .doubleclick.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .imrworldwide.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .imrworldwide.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .revsci.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .at.atwola.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .media6degrees.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .media6degrees.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .tacoda.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .tacoda.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .tacoda.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .advertising.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .at.atwola.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .mediaplex.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .printcountry.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .printcountry.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    server.iad.liveperson.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    server.iad.liveperson.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .ehg-lexmark.hitbox.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .serving-sys.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .serving-sys.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .serving-sys.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .thefind.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .thefind.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .thefind.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .thefind.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .thefind.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    s04.flagcounter.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .chitika.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .atwola.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .tacoda.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .advertising.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .at.atwola.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .media6degrees.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .media6degrees.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .media6degrees.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .revsci.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .revsci.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .revsci.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .revsci.net [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .pointroll.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .pointroll.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .invitemedia.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .invitemedia.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .invitemedia.com [ C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\cookies.sqlite ]
    .at.atwola.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    fantasyfinder.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tracking.keywordmax.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .doubleclick.net [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .content.yieldmanager.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.googleadservices.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .statcounter.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.googleadservices.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atwola.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .at.atwola.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .at.atwola.com [ C:\Users\TED G STONE\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    cdn4.specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    cdn5.specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    cloudfront.mediamatters.org [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    core.insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    crackle.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    indieclick.3janecdn.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    media.azfamily.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    media.ign.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    media.ktvb.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    media.mtvnservices.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    media.scanscout.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    media10.washingtonpost.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    msnbcmedia.msn.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    objects.tremormedia.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    secure-us.imrworldwide.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    service.twistage.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    sex.healthguru.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    udn.specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    video.redorbit.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    vidii.hardsextube.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    www.pornhub.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    www1.yporn.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    wwwstatic.megaporn.com [ C:\Users\TED G STONE\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GCZUNC9N ]
    .at.atwola.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .tacoda.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .tacoda.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .tacoda.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .at.atwola.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .at.atwola.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .advertising.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .advertising.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .atwola.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    ar.atwola.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .ar.atwola.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .atwola.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .doubleclick.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .adlegend.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .adlegend.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .tribalfusion.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .atdmt.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .atdmt.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .statcounter.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .tribalfusion.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .tribalfusion.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .tribalfusion.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .tribalfusion.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .tribalfusion.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .media6degrees.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .media6degrees.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .questionmarket.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .revsci.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .kontera.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .kontera.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .kontera.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .kontera.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .www.versiontracker.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .versiontracker.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .versiontracker.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .versiontracker.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .versiontracker.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .versiontracker.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .apmebf.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .mediaplex.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .media6degrees.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .yieldmanager.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .zedo.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .zedo.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .specificmedia.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    cdn4.specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    cdn4.specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .overture.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .overture.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .collective-media.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .specificclick.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .2o7.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .2o7.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .invitemedia.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .findmysoft.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .findmysoft.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .advertising.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .advertising.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .advertising.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .advertising.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .richmedia.yahoo.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .pointroll.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .pointroll.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .adbrite.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .adbrite.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .ehg-lexmark.hitbox.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .hitbox.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .ehg-lexmark.hitbox.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .serving-sys.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .serving-sys.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .interclick.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .adbrite.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .adecn.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    fantasyfinder.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .tracking.keywordmax.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    rotator.adjuggler.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    rotator.adjuggler.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .adbrite.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .zedo.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .invitemedia.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .chitika.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .revsci.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .revsci.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .revsci.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .media6degrees.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .media6degrees.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .ads.pointroll.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    hairyvaginas.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    hairyvaginas.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .bs.serving-sys.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .serving-sys.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .serving-sys.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .serving-sys.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .serving-sys.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .serving-sys.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .at.atwola.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .zedo.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .zedo.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .a1.interclick.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .a1.interclick.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .zedo.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .revsci.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .a1.interclick.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .interclick.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .invitemedia.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .advertising.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .imrworldwide.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .imrworldwide.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .adbrite.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .collective-media.net [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    breakmedia.checkm8.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    breakmedia.checkm8.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    breakmedia.checkm8.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    breakmedia.checkm8.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    breakmedia.checkm8.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    breakmedia.checkm8.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .questionmarket.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    statse.webtrendslive.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]
    .insightexpressai.com [ C:\Users\TED G STONE\AppData\Roaming\Mozilla\Firefox\Profiles\anbbdax3.default\cookies.sqlite ]

    Adware.Flash Tracking Cookie
    C:\Users\Ted\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2AW867XU\BC.YOUPORN.COM
    C:\Users\Ted\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2AW867XU\CLOUDFRONT.MEDIAMATTERS.ORG
    C:\Users\Ted\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2AW867XU\MEDIA.KENS5.COM
    C:\Users\Ted\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2AW867XU\MEDIA.KING5.COM
    C:\Users\Ted\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2AW867XU\MEDIA.WFAA.COM
    C:\Users\Ted\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2AW867XU\MEDIA1.BREAK.COM
    C:\Users\Ted\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2AW867XU\MEDIAFORGEWS.COM
    C:\Users\Ted\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2AW867XU\MSNBCMEDIA.MSN.COM
    C:\Users\Ted\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2AW867XU\OBJECTS.TREMORMEDIA.COM
    C:\Users\Ted\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2AW867XU\I.ADULTSWIM.COM
    C:\Users\Ted\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2AW867XU\UDN.SPECIFICCLICK.NET
    C:\Users\Ted\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2AW867XU\SECURE-US.IMRWORLDWIDE.COM

    Trojan.Agent/Gen
     
    deester,
    #7
  9. 2010/07/18
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    OTL logfile created on: 7/18/2010 9:06:23 PM - Run 1
    OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Ted\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 75.00% Memory free
    12.00 Gb Paging File | 10.00 Gb Available in Paging File | 87.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 581.48 Gb Total Space | 544.82 Gb Free Space | 93.70% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: TED-PC
    Current User Name: Ted
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010/07/18 21:01:53 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Ted\Downloads\OTL.exe
    PRC - [2010/04/01 13:58:04 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2010/03/30 11:16:16 | 001,820,040 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    PRC - [2010/03/18 11:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    PRC - [2010/02/01 22:54:38 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    PRC - [2010/02/01 22:54:36 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    PRC - [2009/12/29 10:08:28 | 001,653,248 | R--- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files (x86)\AWS\WeatherBug\Weather.exe
    PRC - [2009/10/30 05:34:50 | 002,765,860 | ---- | M] (iXi Tools) -- C:\Program Files (x86)\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe
    PRC - [2009/10/28 10:38:50 | 000,039,272 | ---- | M] (AOL, LLC.) -- C:\Program Files (x86)\AOL 9.5\waol.exe
    PRC - [2009/10/28 10:38:49 | 000,054,632 | ---- | M] (AOL, LLC.) -- C:\Program Files (x86)\AOL 9.5\shellmon.exe
    PRC - [2009/07/20 15:52:23 | 000,041,264 | ---- | M] (AOL LLC) -- C:\Program Files (x86)\Common Files\aol\1272921891\ee\aolsoftware.exe
    PRC - [2009/06/03 14:46:38 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
    PRC - [2009/06/03 14:46:38 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
    PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe


    ========== Modules (SafeList) ==========

    MOD - [2010/07/18 21:01:53 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Ted\Downloads\OTL.exe
    MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
    MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2010/06/29 13:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
    SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2007/11/28 15:51:42 | 001,039,872 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdqcoms.exe -- (lxdq_device)
    SRV:64bit: - [2007/04/24 19:24:34 | 000,566,704 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxbfcoms.exe -- (lxbf_device)
    SRV:64bit: - [2007/03/16 01:24:18 | 000,566,704 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxbccoms.exe -- (lxbc_device)
    SRV - [2010/05/03 18:17:47 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
    SRV - [2010/03/30 11:16:14 | 001,823,112 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
    SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2009/06/03 14:46:38 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
    SRV - [2007/04/24 19:24:16 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxbfcoms.exe -- (lxbf_device)
    SRV - [2007/03/16 01:24:02 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxbccoms.exe -- (lxbc_device)
    SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2010/02/17 14:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
    DRV:64bit: - [2010/02/17 14:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
    DRV:64bit: - [2010/02/03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
    DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
    DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/06/10 16:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/09 01:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
    DRV:64bit: - [2006/11/29 18:24:49 | 000,024,064 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wanatw64.sys -- (wanatw) WAN Miniport (ATW)

    ========== Standard Registry (SafeList) ==========
     
    deester,
    #8
  10. 2010/07/18
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "AOL Search "
    FF - prefs.js..browser.search.defaulturl: "http://search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aol-chromesbox-en-us&tb_uuid=100000000000000002&tb_oid=03-05-2010&tb_mrud=03-05-2010 "
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.com "
    FF - prefs.js..extensions.enabledItems: {7affbfae-c4e2-4915-8c0f-00fa3ec610a1}:5.74.1.5499
    FF - prefs.js..extensions.enabledItems: {D5493C6A-FD62-4255-AA85-AB7E7D0F0001}:1.0
    FF - prefs.js..extensions.enabledItems: {CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC}:4.0
    FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
    FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&invocationType=tb50-ff-aol-ab-en-us&tb_uuid=100000000000000002&tb_oid=03-05-2010&tb_mrud=03-05-2010&query= "


    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/06/30 16:31:42 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/06/30 16:31:42 | 000,000,000 | ---D | M]

    [2010/05/03 17:18:13 | 000,000,000 | ---D | M] -- C:\Users\Ted\AppData\Roaming\Mozilla\Extensions
    [2010/07/18 20:41:41 | 000,000,000 | ---D | M] -- C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\extensions
    [2010/05/03 17:31:16 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
    [2010/05/17 19:55:19 | 000,000,000 | ---D | M] (Freeze Toolbar) -- C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\extensions\{CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC}
    [2010/05/03 17:31:32 | 000,002,341 | ---- | M] () -- C:\Users\Ted\AppData\Roaming\Mozilla\Firefox\Profiles\r5dshsxs.default\searchplugins\aol-search.xml
    [2010/07/18 20:41:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2010/07/10 08:21:45 | 000,000,000 | ---D | M] (BarQuery) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{D5493C6A-FD62-4255-AA85-AB7E7D0F0001}

    O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2 - BHO: (My.Freeze.com Toolbar) - {0bd6f992-62ad-47f7-aca6-299729be4e2b} - C:\Program Files (x86)\myfreezetoolbar\myfreezedx.dll ()
    O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
    O2 - BHO: (Shop to Win 2) - {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} - C:\Program Files (x86)\Shop to Win 2\ShoppingBHO.dll (Freecause Inc.)
    O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL L.L.C.)
    O2 - BHO: (Updater For My.Freeze.com Toolbar) - {C26CD490-5F01-41E3-B150-EB29F19DA056} - C:\Program Files (x86)\myfreezetoolbar\auxi\myfreezetoolbAu.dll (Visicom Media)
    O2 - BHO: (no name) - {CC3C8D60-29D6-4880-B9D8-443C4CBA2BEC} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (My.Freeze.com Toolbar) - {0bd6f992-62ad-47f7-aca6-299729be4e2b} - C:\Program Files (x86)\myfreezetoolbar\myfreezedx.dll ()
    O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL L.L.C.)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL L.L.C.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O4:64bit: - HKLM..\Run: [DriverUpdater] C:\Program Files (x86)\Driver Assure Corp\Driver Access\DriverUpdater.exe (Driver Assure Corp)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\aol\1272921891\ee\aolsoftware.exe (AOL LLC)
    O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
    O4 - HKLM..\Run: [QuickFinder Scheduler] C:\Program Files (x86)\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation)
    O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files (x86)\AOL 9.5\AOL.EXE (AOL, LLC.)
    O4 - HKCU..\Run: [DriverUpdaterPro] C:\Program Files (x86)\iXi Tools\Driver Updater Pro\DriverUpdaterPro.exe (iXi Tools)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
    O4 - HKCU..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
    O4 - Startup: C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O8:64bit: - Extra context menu item: Open with WordPerfect - C:\Program Files (x86)\WordPerfect Office X3\Programs\WPLauncher.hta ()
    O8 - Extra context menu item: Open with WordPerfect - C:\Program Files (x86)\WordPerfect Office X3\Programs\WPLauncher.hta ()
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20:64bit: - Winlogon\Notify\GoToAssist: DllName - Reg Error: Key error. - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*


    Drivers32:64bit: aux - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: midi - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: midimapper - midimap.dll (Microsoft Corporation)
    Drivers32:64bit: mixer - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32:64bit: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
    Drivers32:64bit: msacm.msg711 - msg711.acm (Microsoft Corporation)
    Drivers32:64bit: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
    Drivers32:64bit: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
    Drivers32:64bit: vidc.iyuv - iyuv_32.dll (Microsoft Corporation)
    Drivers32:64bit: vidc.mrle - msrle32.dll (Microsoft Corporation)
    Drivers32:64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
    Drivers32:64bit: vidc.uyvy - msyuv.dll (Microsoft Corporation)
    Drivers32:64bit: vidc.yuy2 - msyuv.dll (Microsoft Corporation)
    Drivers32:64bit: vidc.yvu9 - tsbyuv.dll (Microsoft Corporation)
    Drivers32:64bit: vidc.yvyu - msyuv.dll (Microsoft Corporation)
    Drivers32:64bit: wave - wdmaud.drv (Microsoft Corporation)
    Drivers32:64bit: wavemapper - msacm32.drv (Microsoft Corporation)
    Drivers32: aux - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: midi - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation)
    Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation)
    Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation)
    Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
    Drivers32: vidc.i420 - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
    Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
    Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation)
    Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation)
    Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yvu9 - C:\Windows\SysWow64\tsbyuv.dll (Microsoft Corporation)
    Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
    Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
    Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 90 Days ==========

    [2010/07/18 19:39:20 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\SUPERAntiSpyware.com
    [2010/07/18 19:39:20 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2010/07/18 19:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
    [2010/07/18 19:39:13 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2010/07/16 18:09:52 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\Electrics_FWFpeterspiet
    [2010/07/16 08:43:56 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\Leadertech
    [2010/07/12 20:04:41 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\Malwarebytes
    [2010/07/12 20:04:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010/07/12 20:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010/07/12 20:04:34 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010/07/12 20:04:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2010/07/12 08:59:46 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\xvfsnrtgv
    [2010/07/11 03:16:46 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\SAND BLASTER
    [2010/07/09 02:46:39 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\various01560
    [2010/07/07 18:12:44 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\The Weather Channel
    [2010/07/07 18:12:03 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\Apple Computer
    [2010/07/07 17:23:15 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\Microsoft Games
    [2010/07/06 11:25:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
    [2010/07/06 09:26:40 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\ElevatedDiagnostics
    [2010/07/02 03:00:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
    [2010/07/01 07:16:18 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\KodakGallery
    [2010/07/01 07:15:56 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\Skinux
    [2010/06/30 21:43:30 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\6747-7
    [2010/06/30 21:14:26 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\IMG_0271
    [2010/06/30 21:13:09 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\IMG_0275
    [2010/06/30 21:11:37 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\IMG_0278
    [2010/06/30 16:31:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
    [2010/06/30 16:31:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
    [2010/06/30 16:31:10 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\Programs
    [2010/06/30 16:30:46 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\My Print Creations
    [2010/06/30 16:30:46 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\ArcSoft
    [2010/06/30 16:30:45 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\Arcsoft
    [2010/06/30 16:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft
    [2010/06/30 16:30:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
    [2010/06/30 16:30:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft
    [2010/06/30 16:30:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
    [2010/06/30 16:30:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
    [2010/06/30 16:29:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Koda
    [2010/06/30 16:26:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Kodak
    [2010/06/12 20:39:33 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2010/06/08 06:52:41 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\277978
    [2010/06/07 11:39:19 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\eTaxi
    [2010/06/07 01:02:37 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\SeatBeltAnchorRH
    [2010/06/01 20:42:31 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\PossiblytheBestShuttlePicturesEver
    [2010/05/29 20:43:47 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\NX929DH001
    [2010/05/28 07:08:59 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\image003
    [2010/05/18 09:19:18 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\TedCUB
    [2010/05/17 19:55:25 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\WeatherBug
    [2010/05/17 19:55:23 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\WeatherBug
    [2010/05/17 19:55:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AWS
    [2010/05/17 19:55:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
    [2010/05/17 19:55:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Offers from Freeze.com
    [2010/05/17 19:55:13 | 000,000,000 | ---D | C] -- C:\ProgramData\EmailNotifier
    [2010/05/17 19:55:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PriceGong
    [2010/05/17 19:55:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\myfreezetoolbar
    [2010/05/17 19:54:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shop to Win 2
    [2010/05/17 19:51:15 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\Seen
    [2010/05/17 16:31:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010/05/17 16:31:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
    [2010/05/17 16:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
    [2010/05/17 16:26:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TinyZIP
    [2010/05/17 13:36:19 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\jZip
    [2010/05/17 13:36:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\jZip
    [2010/05/17 12:43:40 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\Teds
    [2010/05/15 23:09:03 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\CCWin
    [2010/05/10 03:00:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
    [2010/05/10 03:00:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
    [2010/05/07 10:21:33 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\img_2862-sm
    [2010/05/06 17:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
    [2010/05/06 16:41:19 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\Corel User Files
    [2010/05/06 16:41:14 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\Corel
    [2010/05/06 16:40:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
    [2010/05/06 16:38:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WordPerfect Office X3
    [2010/05/06 16:38:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
    [2010/05/06 16:38:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
    [2010/05/06 16:38:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared
    [2010/05/06 16:38:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Borland
    [2010/05/06 16:31:10 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\Adobe
    [2010/05/05 19:47:20 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\LogMeIn Hamachi
    [2010/05/05 19:47:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
    [2010/05/05 18:33:32 | 000,000,000 | ---D | C] -- C:\Users\Ted\Documents\pic15993
    [2010/05/05 15:33:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
    [2010/05/05 15:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
    [2010/05/05 15:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
    [2010/05/04 22:02:41 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\OpenOffice.org
    [2010/05/04 16:26:44 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Z500-Z600 Series
    [2010/05/04 16:24:53 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcinpa.dll
    [2010/05/04 16:24:53 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbciesc.dll
    [2010/05/04 16:24:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark Z500-Z600 Series
    [2010/05/04 16:24:52 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcserv.dll
    [2010/05/04 16:24:52 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcusb1.dll
    [2010/05/04 16:24:52 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbchbn3.dll
    [2010/05/04 16:24:52 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccomc.dll
    [2010/05/04 16:24:52 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcpmui.dll
    [2010/05/04 16:24:52 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbclmpm.dll
    [2010/05/04 16:24:52 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccoms.exe
    [2010/05/04 16:24:52 | 000,434,176 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbcjswr.dll
    [2010/05/04 16:24:52 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccomm.dll
    [2010/05/04 16:24:52 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcih.exe
    [2010/05/04 16:24:52 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccfg.exe
    [2010/05/04 16:24:52 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcppls.exe
    [2010/05/04 16:24:52 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcprox.dll
    [2010/05/04 16:24:52 | 000,155,648 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbcinsb.dll
    [2010/05/04 16:24:52 | 000,131,072 | ---- | C] (Lexmark ) -- C:\Windows\SysWow64\lxbcins.dll
    [2010/05/04 16:24:52 | 000,094,208 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbccur.dll
    [2010/05/04 16:24:52 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcpplc.dll
    [2010/05/04 16:24:52 | 000,086,016 | ---- | C] (Lexmark ) -- C:\Windows\SysWow64\lxbcinsr.dll
    [2010/05/04 16:24:52 | 000,073,728 | ---- | C] (Lexmark International) -- C:\Windows\SysWow64\LXBCcfg.dll
    [2010/05/04 16:24:52 | 000,073,728 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbccu.dll
    [2010/05/04 16:24:42 | 001,418,240 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcserv.dll
    [2010/05/04 16:24:42 | 001,099,776 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcusb1.dll
    [2010/05/04 16:24:42 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysNative\lxbccomc.dll
    [2010/05/04 16:24:42 | 000,660,480 | ---- | C] ( ) -- C:\Windows\SysNative\lxbchbn3.dll
    [2010/05/04 16:24:42 | 000,566,704 | ---- | C] ( ) -- C:\Windows\SysNative\lxbccoms.exe
    [2010/05/04 16:24:42 | 000,488,448 | ---- | C] ( ) -- C:\Windows\SysNative\lxbclmpm.dll
    [2010/05/04 16:24:42 | 000,416,768 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbcjswr.dll
    [2010/05/04 16:24:42 | 000,410,112 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcpmui.dll
    [2010/05/04 16:24:42 | 000,305,664 | ---- | C] ( ) -- C:\Windows\SysNative\LXBChcp.dll
    [2010/05/04 16:24:42 | 000,249,856 | ---- | C] ( ) -- C:\Windows\SysNative\lxbccomm.dll
    [2010/05/04 16:24:42 | 000,238,592 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcinpa.dll
    [2010/05/04 16:24:42 | 000,236,464 | ---- | C] ( ) -- C:\Windows\SysNative\lxbccfg.exe
    [2010/05/04 16:24:42 | 000,233,392 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcih.exe
    [2010/05/04 16:24:42 | 000,226,816 | ---- | C] ( ) -- C:\Windows\SysNative\lxbciesc.dll
    [2010/05/04 16:24:42 | 000,177,664 | ---- | C] (Lexmark ) -- C:\Windows\SysNative\lxbcins.dll
    [2010/05/04 16:24:42 | 000,135,168 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbcinsb.dll
    [2010/05/04 16:24:42 | 000,077,824 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbccu.dll
    [2010/05/04 16:24:42 | 000,076,800 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbccur.dll
    [2010/05/04 16:24:42 | 000,072,192 | ---- | C] (Lexmark ) -- C:\Windows\SysNative\lxbcinsr.dll
    [2010/05/04 16:24:42 | 000,062,464 | ---- | C] (Lexmark International) -- C:\Windows\SysNative\LXBCcfg.dll
    [2010/05/04 16:24:42 | 000,035,328 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcprox.dll
    [2010/05/04 16:24:42 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcpplc.dll
    [2010/05/04 15:54:35 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark X6100 Series
    [2010/05/04 15:53:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark X6100 Series
    [2010/05/04 15:53:15 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfserv.dll
    [2010/05/04 15:53:15 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfusb1.dll
    [2010/05/04 15:53:15 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfhbn3.dll
    [2010/05/04 15:53:15 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfcomc.dll
    [2010/05/04 15:53:15 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfpmui.dll
    [2010/05/04 15:53:15 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbflmpm.dll
    [2010/05/04 15:53:15 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfcoms.exe
    [2010/05/04 15:53:15 | 000,483,328 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbfjswr.dll
    [2010/05/04 15:53:15 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfcomm.dll
    [2010/05/04 15:53:15 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfinpa.dll
    [2010/05/04 15:53:15 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfiesc.dll
    [2010/05/04 15:53:15 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfih.exe
    [2010/05/04 15:53:15 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfcfg.exe
    [2010/05/04 15:53:15 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfppls.exe
    [2010/05/04 15:53:15 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfprox.dll
    [2010/05/04 15:53:15 | 000,155,648 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbfinsb.dll
    [2010/05/04 15:53:15 | 000,094,208 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbfcur.dll
    [2010/05/04 15:53:15 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbfpplc.dll
    [2010/05/04 15:53:15 | 000,073,728 | ---- | C] (Lexmark International) -- C:\Windows\SysWow64\LXBFcfg.dll
    [2010/05/04 15:53:15 | 000,073,728 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxbfcu.dll
    [2010/05/04 15:53:05 | 001,418,240 | ---- | C] ( ) -- C:\Windows\SysNative\lxbfserv.dll
    [2010/05/04 15:53:05 | 001,099,776 | ---- | C] ( ) -- C:\Windows\SysNative\lxbfusb1.dll
    [2010/05/04 15:53:05 | 000,660,480 | ---- | C] ( ) -- C:\Windows\SysNative\lxbfhbn3.dll
    [2010/05/04 15:53:05 | 000,566,704 | ---- | C] ( ) -- C:\Windows\SysNative\lxbfcoms.exe
    [2010/05/04 15:53:05 | 000,488,448 | ---- | C] ( ) -- C:\Windows\SysNative\lxbflmpm.dll
    [2010/05/04 15:53:05 | 000,468,992 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbfjswr.dll
    [2010/05/04 15:53:05 | 000,410,112 | ---- | C] ( ) -- C:\Windows\SysNative\lxbfpmui.dll
    [2010/05/04 15:53:05 | 000,305,664 | ---- | C] ( ) -- C:\Windows\SysNative\LXBFhcp.dll
    [2010/05/04 15:53:05 | 000,249,856 | ---- | C] ( ) -- C:\Windows\SysNative\lxbfcomm.dll
    [2010/05/04 15:53:05 | 000,238,592 | ---- | C] ( ) -- C:\Windows\SysNative\lxbfinpa.dll
    [2010/05/04 15:53:05 | 000,233,392 | ---- | C] ( ) -- C:\Windows\SysNative\lxbfih.exe
    [2010/05/04 15:53:05 | 000,226,816 | ---- | C] ( ) -- C:\Windows\SysNative\lxbfiesc.dll
    [2010/05/04 15:53:05 | 000,135,168 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbfinsb.dll
    [2010/05/04 15:53:05 | 000,079,360 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbfcu.dll
    [2010/05/04 15:53:05 | 000,077,824 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysNative\lxbfcur.dll
    [2010/05/04 15:53:05 | 000,035,328 | ---- | C] ( ) -- C:\Windows\SysNative\lxbfprox.dll
    [2010/05/04 15:53:05 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysNative\lxbfpplc.dll
    [2010/05/04 15:53:04 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysNative\lxbfcomc.dll
    [2010/05/04 15:53:04 | 000,236,464 | ---- | C] ( ) -- C:\Windows\SysNative\lxbfcfg.exe
    [2010/05/04 15:53:04 | 000,062,464 | ---- | C] (Lexmark International) -- C:\Windows\SysNative\LXBFcfg.dll
    [2010/05/04 15:52:14 | 000,000,000 | ---D | C] -- C:\drivers
    [2010/05/04 15:34:10 | 000,000,000 | ---D | C] -- C:\Windows\LMI2D85.tmp
    [2010/05/04 15:08:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CC51AE54-B346-4954-ADDB-30BD4F138CF2}
    [2010/05/04 15:08:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iXi Tools
    [2010/05/04 15:06:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Assure Corp
    [2010/05/04 14:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
    [2010/05/04 14:03:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Drivers HeadQuarters
    [2010/05/04 10:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
    [2010/05/04 10:41:49 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\PC_Drivers_Headquarters
    [2010/05/04 10:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverMD
    [2010/05/04 10:41:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DriverMD
    [2010/05/04 00:09:45 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\Deployment
    [2010/05/04 00:09:45 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\Apps
    [2010/05/03 23:41:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
    [2010/05/03 23:39:41 | 000,000,000 | ---D | C] -- C:\Users\Ted\Desktop\OpenOffice.org 3.2 (en-US) Installation Files
    [2010/05/03 19:30:51 | 000,000,000 | ---D | C] -- C:\Windows\Panther
    [2010/05/03 19:30:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem
    [2010/05/03 18:36:09 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
    [2010/05/03 18:32:02 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
    [2010/05/03 18:31:31 | 000,000,000 | -HSD | C] -- C:\System Volume Information
    [2010/05/03 18:18:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
    [2010/05/03 18:17:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
    [2010/05/03 18:17:47 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\Citrix
    [2010/05/03 18:10:49 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\SupportSoft
    [2010/05/03 18:10:26 | 000,000,000 | ---D | C] -- C:\ProgramData\SupportSoft
    [2010/05/03 18:10:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
    [2010/05/03 18:10:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\supportsoft
    [2010/05/03 18:10:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Support Center
    [2010/05/03 18:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
    [2010/05/03 17:28:22 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\AOL Toolbar
    [2010/05/03 17:25:40 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\Macromedia
    [2010/05/03 17:25:40 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\AOL
    [2010/05/03 17:25:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Macromedia
    [2010/05/03 17:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Viewpoint
    [2010/05/03 17:25:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Viewpoint
    [2010/05/03 17:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL Toolbar
    [2010/05/03 17:25:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AOL Toolbar
    [2010/05/03 17:25:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
    [2010/05/03 17:25:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AOL Downloads
    [2010/05/03 17:24:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL OCP
    [2010/05/03 17:24:59 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\AOL
    [2010/05/03 17:24:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AOL
    [2010/05/03 17:24:44 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
    [2010/05/03 17:24:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\aolshare
    [2010/05/03 17:24:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AOL 9.5
    [2010/05/03 17:24:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL
    [2010/05/03 17:24:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\aol
    [2010/05/03 17:23:36 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\Adobe
    [2010/05/03 17:23:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
    [2010/05/03 17:21:28 | 000,000,000 | ---D | C] -- C:\ProgramData\AOL Downloads
    [2010/05/03 17:18:04 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\Mozilla
    [2010/05/03 17:18:04 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\Mozilla
    [2010/05/03 17:17:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2010/05/03 17:01:29 | 000,000,000 | R--D | C] -- C:\Users\Ted\Searches
    [2010/05/03 17:01:29 | 000,000,000 | -H-D | C] -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
    [2010/05/03 17:01:21 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\Identities
    [2010/05/03 17:01:20 | 000,000,000 | R--D | C] -- C:\Users\Ted\Contacts
    [2010/05/03 17:01:19 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\VirtualStore
    [2010/05/03 17:01:15 | 000,000,000 | --SD | C] -- C:\Users\Ted\AppData\Roaming\Microsoft
    [2010/05/03 17:01:15 | 000,000,000 | R--D | C] -- C:\Users\Ted\Videos
    [2010/05/03 17:01:15 | 000,000,000 | R--D | C] -- C:\Users\Ted\Saved Games
    [2010/05/03 17:01:15 | 000,000,000 | R--D | C] -- C:\Users\Ted\Pictures
    [2010/05/03 17:01:15 | 000,000,000 | R--D | C] -- C:\Users\Ted\Music
    [2010/05/03 17:01:15 | 000,000,000 | R--D | C] -- C:\Users\Ted\Links
    [2010/05/03 17:01:15 | 000,000,000 | R--D | C] -- C:\Users\Ted\Favorites
    [2010/05/03 17:01:15 | 000,000,000 | R--D | C] -- C:\Users\Ted\Downloads
    [2010/05/03 17:01:15 | 000,000,000 | R--D | C] -- C:\Users\Ted\My Documents
    [2010/05/03 17:01:15 | 000,000,000 | R--D | C] -- C:\Users\Ted\Desktop
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\AppData\Local\Temporary Internet Files
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\Templates
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\Start Menu
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\SendTo
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\Recent
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\PrintHood
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\NetHood
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\Documents\My Videos
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\Documents\My Pictures
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\Documents\My Music
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\My Documents
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\Local Settings
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\AppData\Local\History
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\Cookies
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\Application Data
    [2010/05/03 17:01:15 | 000,000,000 | -HSD | C] -- C:\Users\Ted\AppData\Local\Application Data
    [2010/05/03 17:01:15 | 000,000,000 | -H-D | C] -- C:\Users\Ted\AppData
    [2010/05/03 17:01:15 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\Temp
    [2010/05/03 17:01:15 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Local\Microsoft
    [2010/05/03 17:01:15 | 000,000,000 | ---D | C] -- C:\Users\Ted\AppData\Roaming\Media Center Programs
    [2010/05/03 17:01:05 | 000,000,000 | -HSD | C] -- C:\Recovery
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 90 Days ==========

    [2010/07/18 21:06:46 | 001,835,008 | -HS- | M] () -- C:\Users\Ted\ntuser.dat
    [2010/07/18 20:35:56 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/07/18 20:35:56 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/07/18 20:29:09 | 000,000,508 | ---- | M] () -- C:\Windows\win.ini
    [2010/07/18 20:28:29 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/07/18 20:28:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/07/18 20:28:21 | 528,355,327 | -HS- | M] () -- C:\hiberfil.sys
    [2010/07/18 19:46:16 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/07/18 12:01:16 | 000,000,848 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
    [2010/07/16 18:21:00 | 000,000,707 | ---- | M] () -- C:\Windows\lexstat.ini
    [2010/07/16 18:09:52 | 000,235,391 | ---- | M] () -- C:\Users\Ted\Documents\Electrics_FWFpeterspiet.zip
    [2010/07/12 20:10:07 | 000,001,037 | ---- | M] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/07/12 20:10:07 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/07/12 05:40:10 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\Lexmark Z500-Z600 Series Solution Center.lnk
    [2010/07/11 03:16:46 | 000,890,997 | ---- | M] () -- C:\Users\Ted\Documents\SAND BLASTER.zip
    [2010/07/09 02:46:39 | 003,234,598 | ---- | M] () -- C:\Users\Ted\Documents\various01560.zip
    [2010/07/05 09:01:17 | 000,207,872 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mbb
    [2010/07/05 09:01:17 | 000,143,360 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mb
    [2010/07/05 08:44:12 | 000,004,422 | ---- | M] () -- C:\Users\Ted\Documents\GRANET FINAL BILL.wpd
    [2010/06/30 21:43:30 | 000,694,855 | ---- | M] () -- C:\Users\Ted\Documents\6747-7.zip
    [2010/06/30 21:14:26 | 008,098,091 | ---- | M] () -- C:\Users\Ted\Documents\IMG_0271.zip
    [2010/06/30 21:13:09 | 010,178,116 | ---- | M] () -- C:\Users\Ted\Documents\IMG_0275.zip
    [2010/06/30 21:11:37 | 009,464,730 | ---- | M] () -- C:\Users\Ted\Documents\IMG_0278.zip
    [2010/06/30 20:37:43 | 005,663,515 | ---- | M] () -- C:\Users\Ted\Documents\The_most_beautiful_seatbelt_advocacy_commercial_ever.wmv
    [2010/06/30 16:31:40 | 000,002,447 | ---- | M] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
    [2010/06/30 16:31:40 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2010/06/09 03:17:26 | 000,309,608 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2010/06/07 12:33:54 | 001,488,896 | ---- | M] () -- C:\Users\Ted\Documents\EmpireStateBldg.pps
    [2010/06/07 11:39:19 | 003,187,041 | ---- | M] () -- C:\Users\Ted\Documents\eTaxi.zip
    [2010/06/07 11:38:03 | 000,842,654 | ---- | M] () -- C:\Users\Ted\Documents\AFLAC.bmp
    [2010/06/06 04:45:07 | 000,024,711 | ---- | M] () -- C:\Users\Ted\Documents\ATT00016.jpg
    [2010/06/05 14:41:23 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\jZip.lnk
    [2010/06/05 14:41:23 | 000,000,923 | ---- | M] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\jZip.lnk
    [2010/06/03 10:42:30 | 001,981,708 | ---- | M] () -- C:\Users\Ted\Documents\baseballflash.wmv
    [2010/06/01 15:52:07 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2010/06/01 15:52:07 | 000,615,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2010/06/01 15:52:07 | 000,103,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2010/06/01 12:20:27 | 000,111,616 | ---- | M] () -- C:\Users\Ted\Documents\Read_Alone.pps
    [2010/06/01 05:38:01 | 000,082,305 | ---- | M] () -- C:\Users\Ted\Documents\W&Bcalculations.jpg
    [2010/05/31 17:58:53 | 000,463,640 | ---- | M] () -- C:\Users\Ted\Documents\Hales_2010_Picnic.pdf
    [2010/05/29 20:43:47 | 001,025,324 | ---- | M] () -- C:\Users\Ted\Documents\NX929DH001.zip
    [2010/05/29 07:58:52 | 009,864,747 | ---- | M] () -- C:\Users\Ted\Documents\WrightsvilleBeachflight2010.wmv
    [2010/05/28 19:20:17 | 000,983,180 | ---- | M] () -- C:\Users\Ted\Documents\LarrysPiet.jpg
    [2010/05/21 16:19:56 | 000,012,132 | ---- | M] () -- C:\Users\Ted\Documents\image001.jpg
    [2010/05/19 20:11:33 | 000,019,421 | ---- | M] () -- C:\Users\Ted\Documents\310 N 16.odt
    [2010/05/18 09:19:18 | 009,293,865 | ---- | M] () -- C:\Users\Ted\Documents\TedCUB.zip
    [2010/05/18 02:57:57 | 006,466,488 | ---- | M] () -- C:\Users\Ted\Documents\Little_Shrunken_Sings_The_Blues.wmv
    [2010/05/17 19:55:17 | 000,002,032 | ---- | M] () -- C:\Users\Ted\Desktop\WeatherBug.lnk
    [2010/05/17 19:55:13 | 000,001,954 | ---- | M] () -- C:\Users\Ted\Desktop\Full-Service ID Theft Protection.lnk
    [2010/05/17 19:55:13 | 000,001,950 | ---- | M] () -- C:\Users\Ted\Desktop\1000 Free Songs!.lnk
    [2010/05/17 19:55:13 | 000,001,932 | ---- | M] () -- C:\Users\Ted\Desktop\Free Games!!.lnk
    [2010/05/17 19:51:15 | 000,563,006 | ---- | M] () -- C:\Users\Ted\Documents\Seen.zip
    [2010/05/17 16:26:25 | 000,001,853 | ---- | M] () -- C:\Users\Ted\Documents\TinyZIP.lnk
    [2010/05/17 13:36:18 | 000,000,125 | ---- | M] () -- C:\Users\Public\Desktop\Emoticons for your messenger!.url
    [2010/05/17 12:43:39 | 009,293,865 | ---- | M] () -- C:\Users\Ted\Documents\Teds.zip
    [2010/05/12 12:57:14 | 003,926,016 | ---- | M] () -- C:\Users\Ted\Documents\I_LoveTheBeach.pps
    [2010/05/10 20:30:23 | 006,931,109 | ---- | M] () -- C:\Users\Ted\Documents\The1.wmv
    [2010/05/09 18:36:06 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/05/07 10:21:37 | 000,072,752 | ---- | M] () -- C:\Users\Ted\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010/05/07 10:21:33 | 000,301,055 | ---- | M] () -- C:\Users\Ted\Documents\img_2862-sm.zip
    [2010/05/06 16:40:15 | 000,001,029 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf
    [2010/05/06 16:40:12 | 000,002,675 | ---- | M] () -- C:\Users\Public\Desktop\Quattro Pro X3.lnk
    [2010/05/06 16:40:12 | 000,002,663 | ---- | M] () -- C:\Users\Public\Desktop\WordPerfect X3.lnk
    [2010/05/06 16:40:12 | 000,001,284 | ---- | M] () -- C:\Users\Public\Desktop\Presentations X3.lnk
    [2010/05/06 04:48:22 | 000,001,239 | ---- | M] () -- C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
    [2010/05/06 04:38:54 | 006,012,416 | ---- | M] () -- C:\Users\Ted\Documents\1AmazingSculpture.pps
    [2010/05/05 15:31:58 | 001,445,036 | ---- | M] () -- C:\Users\Ted\Documents\HootersCalendar2010.pdf
    [2010/05/04 16:28:01 | 000,010,316 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
    [2010/05/04 15:57:30 | 000,002,048 | ---- | M] () -- C:\Users\Public\Desktop\Lexmark X6100 Series Solution Center.lnk
    [2010/05/04 15:08:25 | 000,001,241 | ---- | M] () -- C:\Users\Public\Desktop\Driver Updater Pro.lnk
    [2010/05/04 15:06:25 | 000,002,627 | ---- | M] () -- C:\Users\Public\Desktop\Driver Access.lnk
    [2010/05/04 14:03:50 | 000,002,473 | ---- | M] () -- C:\Users\Public\Desktop\Driver Detective.lnk
    [2010/05/04 10:41:24 | 000,002,192 | ---- | M] () -- C:\Users\Public\Desktop\DriverMD.lnk
    [2010/05/04 01:10:03 | 000,001,079 | ---- | M] () -- C:\Users\Ted\Desktop\TED G STONE - Shortcut.lnk
    [2010/05/04 00:09:55 | 000,061,224 | ---- | M] () -- C:\Users\Ted\GoToAssistDownloadHelper.exe
    [2010/05/03 23:41:32 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
    [2010/05/03 18:47:21 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
    [2010/05/03 18:47:21 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
    [2010/05/03 18:38:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
    [2010/05/03 18:11:09 | 000,017,328 | ---- | M] () -- C:\Users\Ted\Desktop\EndUserLicenseAgreement.html
    [2010/05/03 18:10:24 | 000,002,587 | ---- | M] () -- C:\Users\Public\Desktop\Dell Support Center.lnk
    [2010/05/03 17:25:37 | 000,000,935 | ---- | M] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL 9.5.lnk
    [2010/05/03 17:25:37 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\AOL 9.5.lnk
    [2010/05/03 17:21:28 | 000,000,335 | ---- | M] () -- C:\Windows\nsreg.dat
    [2010/05/03 17:18:01 | 000,001,967 | ---- | M] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/05/03 17:18:01 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/05/03 17:13:50 | 000,001,441 | ---- | M] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2010/05/03 17:03:43 | 000,524,288 | -HS- | M] () -- C:\Users\Ted\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2010/05/03 17:03:43 | 000,524,288 | -HS- | M] () -- C:\Users\Ted\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2010/05/03 17:03:43 | 000,065,536 | -HS- | M] () -- C:\Users\Ted\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2010/05/03 17:03:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf
    [2010/05/03 17:01:15 | 000,000,020 | -HS- | M] () -- C:\Users\Ted\ntuser.ini
    [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/07/18 19:39:14 | 000,001,965 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2010/07/16 18:09:51 | 000,235,391 | ---- | C] () -- C:\Users\Ted\Documents\Electrics_FWFpeterspiet.zip
    [2010/07/12 20:10:07 | 000,001,037 | ---- | C] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
    [2010/07/12 20:04:38 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010/07/11 03:16:44 | 000,890,997 | ---- | C] () -- C:\Users\Ted\Documents\SAND BLASTER.zip
    [2010/07/09 02:46:32 | 003,234,598 | ---- | C] () -- C:\Users\Ted\Documents\various01560.zip
    [2010/07/05 08:44:12 | 000,004,422 | ---- | C] () -- C:\Users\Ted\Documents\GRANET FINAL BILL.wpd
    [2010/07/01 07:16:06 | 000,207,872 | R--- | C] () -- C:\Users\Public\Documents\ESBK.mbb
    [2010/07/01 07:16:06 | 000,143,360 | R--- | C] () -- C:\Users\Public\Documents\ESBK.mb
    [2010/06/30 21:43:28 | 000,694,855 | ---- | C] () -- C:\Users\Ted\Documents\6747-7.zip
    [2010/06/30 21:14:09 | 008,098,091 | ---- | C] () -- C:\Users\Ted\Documents\IMG_0271.zip
    [2010/06/30 21:12:46 | 010,178,116 | ---- | C] () -- C:\Users\Ted\Documents\IMG_0275.zip
    [2010/06/30 21:11:16 | 009,464,730 | ---- | C] () -- C:\Users\Ted\Documents\IMG_0278.zip
    [2010/06/30 20:37:32 | 005,663,515 | ---- | C] () -- C:\Users\Ted\Documents\The_most_beautiful_seatbelt_advocacy_commercial_ever.wmv
    [2010/06/30 16:31:40 | 000,002,447 | ---- | C] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
    [2010/06/30 16:31:40 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2010/06/07 12:33:50 | 001,488,896 | ---- | C] () -- C:\Users\Ted\Documents\EmpireStateBldg.pps
    [2010/06/07 11:39:13 | 003,187,041 | ---- | C] () -- C:\Users\Ted\Documents\eTaxi.zip
    [2010/06/07 11:38:02 | 000,842,654 | ---- | C] () -- C:\Users\Ted\Documents\AFLAC.bmp
    [2010/06/06 04:45:06 | 000,024,711 | ---- | C] () -- C:\Users\Ted\Documents\ATT00016.jpg
    [2010/06/05 14:41:23 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\jZip.lnk
    [2010/06/03 10:42:26 | 001,981,708 | ---- | C] () -- C:\Users\Ted\Documents\baseballflash.wmv
    [2010/06/01 12:20:26 | 000,111,616 | ---- | C] () -- C:\Users\Ted\Documents\Read_Alone.pps
    [2010/06/01 05:38:01 | 000,082,305 | ---- | C] () -- C:\Users\Ted\Documents\W&Bcalculations.jpg
    [2010/05/31 17:58:52 | 000,463,640 | ---- | C] () -- C:\Users\Ted\Documents\Hales_2010_Picnic.pdf
    [2010/05/29 20:43:45 | 001,025,324 | ---- | C] () -- C:\Users\Ted\Documents\NX929DH001.zip
    [2010/05/29 07:58:34 | 009,864,747 | ---- | C] () -- C:\Users\Ted\Documents\WrightsvilleBeachflight2010.wmv
    [2010/05/28 19:20:15 | 000,983,180 | ---- | C] () -- C:\Users\Ted\Documents\LarrysPiet.jpg
    [2010/05/21 16:19:55 | 000,012,132 | ---- | C] () -- C:\Users\Ted\Documents\image001.jpg
    [2010/05/18 09:18:53 | 009,293,865 | ---- | C] () -- C:\Users\Ted\Documents\TedCUB.zip
    [2010/05/18 05:11:12 | 000,019,421 | ---- | C] () -- C:\Users\Ted\Documents\310 N 16.odt
    [2010/05/18 02:57:41 | 006,466,488 | ---- | C] () -- C:\Users\Ted\Documents\Little_Shrunken_Sings_The_Blues.wmv
    [2010/05/17 19:55:17 | 000,002,032 | ---- | C] () -- C:\Users\Ted\Desktop\WeatherBug.lnk
    [2010/05/17 19:55:13 | 000,001,954 | ---- | C] () -- C:\Users\Ted\Desktop\Full-Service ID Theft Protection.lnk
    [2010/05/17 19:55:13 | 000,001,950 | ---- | C] () -- C:\Users\Ted\Desktop\1000 Free Songs!.lnk
    [2010/05/17 19:55:13 | 000,001,932 | ---- | C] () -- C:\Users\Ted\Desktop\Free Games!!.lnk
    [2010/05/17 19:51:13 | 000,563,006 | ---- | C] () -- C:\Users\Ted\Documents\Seen.zip
    [2010/05/17 16:26:25 | 000,001,853 | ---- | C] () -- C:\Users\Ted\Documents\TinyZIP.lnk
    [2010/05/17 13:36:18 | 000,076,407 | ---- | C] () -- C:\Users\Ted\AppData\Roaming\Smiley.ico
    [2010/05/17 13:36:18 | 000,000,125 | ---- | C] () -- C:\Users\Public\Desktop\Emoticons for your messenger!.url
    [2010/05/17 13:36:17 | 000,000,923 | ---- | C] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\jZip.lnk
    [2010/05/17 12:43:16 | 009,293,865 | ---- | C] () -- C:\Users\Ted\Documents\Teds.zip
    [2010/05/12 12:57:04 | 003,926,016 | ---- | C] () -- C:\Users\Ted\Documents\I_LoveTheBeach.pps
    [2010/05/10 20:30:04 | 006,931,109 | ---- | C] () -- C:\Users\Ted\Documents\The1.wmv
    [2010/05/07 10:21:32 | 000,301,055 | ---- | C] () -- C:\Users\Ted\Documents\img_2862-sm.zip
    [2010/05/06 16:41:01 | 000,000,848 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
    [2010/05/06 16:40:12 | 000,002,675 | ---- | C] () -- C:\Users\Public\Desktop\Quattro Pro X3.lnk
    [2010/05/06 16:40:12 | 000,002,663 | ---- | C] () -- C:\Users\Public\Desktop\WordPerfect X3.lnk
    [2010/05/06 16:40:12 | 000,001,284 | ---- | C] () -- C:\Users\Public\Desktop\Presentations X3.lnk
    [2010/05/06 04:48:22 | 000,001,239 | ---- | C] () -- C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
    [2010/05/06 04:38:31 | 006,012,416 | ---- | C] () -- C:\Users\Ted\Documents\1AmazingSculpture.pps
    [2010/05/05 15:33:56 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010/05/05 15:31:54 | 001,445,036 | ---- | C] () -- C:\Users\Ted\Documents\HootersCalendar2010.pdf
    [2010/05/04 16:29:27 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\Lexmark Z500-Z600 Series Solution Center.lnk
    [2010/05/04 16:24:53 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBCinst.dll
    [2010/05/04 16:24:52 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbcutil.dll
    [2010/05/04 16:24:52 | 000,001,858 | ---- | C] () -- C:\Windows\SysWow64\lxbc.loc
    [2010/05/04 16:24:42 | 000,567,808 | ---- | C] () -- C:\Windows\SysNative\lxbcutil.dll
    [2010/05/04 16:24:42 | 000,194,048 | ---- | C] () -- C:\Windows\SysNative\LXBCinst.dll
    [2010/05/04 16:24:42 | 000,001,858 | ---- | C] () -- C:\Windows\SysNative\lxbc.loc
    [2010/05/04 15:57:30 | 000,002,048 | ---- | C] () -- C:\Users\Public\Desktop\Lexmark X6100 Series Solution Center.lnk
    [2010/05/04 15:54:47 | 000,000,707 | ---- | C] () -- C:\Windows\lexstat.ini
    [2010/05/04 15:53:15 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbfutil.dll
    [2010/05/04 15:53:15 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBFinst.dll
    [2010/05/04 15:53:15 | 000,002,011 | ---- | C] () -- C:\Windows\SysWow64\lxbf.loc
    [2010/05/04 15:53:05 | 000,568,832 | ---- | C] () -- C:\Windows\SysNative\lxbfutil.dll
    [2010/05/04 15:53:05 | 000,194,048 | ---- | C] () -- C:\Windows\SysNative\LXBFinst.dll
    [2010/05/04 15:53:05 | 000,010,316 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
    [2010/05/04 15:53:04 | 000,002,011 | ---- | C] () -- C:\Windows\SysNative\lxbf.loc
    [2010/05/04 15:08:04 | 000,001,241 | ---- | C] () -- C:\Users\Public\Desktop\Driver Updater Pro.lnk
    [2010/05/04 15:06:25 | 000,002,627 | ---- | C] () -- C:\Users\Public\Desktop\Driver Access.lnk
    [2010/05/04 14:03:50 | 000,002,473 | ---- | C] () -- C:\Users\Public\Desktop\Driver Detective.lnk
    [2010/05/04 10:41:24 | 000,002,192 | ---- | C] () -- C:\Users\Public\Desktop\DriverMD.lnk
    [2010/05/04 01:10:03 | 000,001,079 | ---- | C] () -- C:\Users\Ted\Desktop\TED G STONE - Shortcut.lnk
    [2010/05/04 00:09:55 | 000,061,224 | ---- | C] () -- C:\Users\Ted\GoToAssistDownloadHelper.exe
    [2010/05/03 23:41:32 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
    [2010/05/03 19:30:27 | 000,000,024 | RH-- | C] () -- C:\Windows\DELL_version
    [2010/05/03 18:38:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
    [2010/05/03 18:31:31 | 528,355,327 | -HS- | C] () -- C:\hiberfil.sys
    [2010/05/03 18:11:09 | 000,017,328 | ---- | C] () -- C:\Users\Ted\Desktop\EndUserLicenseAgreement.html
    [2010/05/03 18:10:24 | 000,002,587 | ---- | C] () -- C:\Users\Public\Desktop\Dell Support Center.lnk
    [2010/05/03 17:25:37 | 000,000,935 | ---- | C] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL 9.5.lnk
    [2010/05/03 17:25:37 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\AOL 9.5.lnk
    [2010/05/03 17:21:28 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
    [2010/05/03 17:18:01 | 000,001,967 | ---- | C] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/05/03 17:18:01 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/05/03 17:13:50 | 000,001,441 | ---- | C] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2010/05/03 17:03:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf
    [2010/05/03 17:01:15 | 001,835,008 | -HS- | C] () -- C:\Users\Ted\ntuser.dat
    [2010/05/03 17:01:15 | 000,524,288 | -HS- | C] () -- C:\Users\Ted\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2010/05/03 17:01:15 | 000,524,288 | -HS- | C] () -- C:\Users\Ted\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2010/05/03 17:01:15 | 000,262,144 | -HS- | C] () -- C:\Users\Ted\ntuser.dat.LOG1
    [2010/05/03 17:01:15 | 000,065,536 | -HS- | C] () -- C:\Users\Ted\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2010/05/03 17:01:15 | 000,000,290 | ---- | C] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2010/05/03 17:01:15 | 000,000,272 | ---- | C] () -- C:\Users\Ted\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
    [2010/05/03 17:01:15 | 000,000,020 | -HS- | C] () -- C:\Users\Ted\ntuser.ini
    [2010/05/03 17:01:15 | 000,000,000 | -HS- | C] () -- C:\Users\Ted\ntuser.dat.LOG2
    [2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
     
    deester,
    #9
  11. 2010/07/18
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    ========== LOP Check ==========

    [2010/07/16 08:43:56 | 000,000,000 | ---D | M] -- C:\Users\Ted\AppData\Roaming\Leadertech
    [2010/05/04 22:02:41 | 000,000,000 | ---D | M] -- C:\Users\Ted\AppData\Roaming\OpenOffice.org
    [2010/07/01 07:15:56 | 000,000,000 | ---D | M] -- C:\Users\Ted\AppData\Roaming\Skinux
    [2010/05/17 19:55:23 | 000,000,000 | ---D | M] -- C:\Users\Ted\AppData\Roaming\WeatherBug
    [2009/07/14 01:08:49 | 000,007,852 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
    [2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
    [2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
    [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
    [2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
    [2010/07/18 20:28:21 | 528,355,327 | -HS- | M] () -- C:\hiberfil.sys
    [2007/11/07 08:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe
    [2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
    [2007/11/07 08:44:20 | 000,075,280 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
    [2007/11/07 08:44:20 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
    [2007/11/07 08:44:20 | 000,090,128 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
    [2007/11/07 08:44:20 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
    [2007/11/07 08:44:20 | 000,094,224 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
    [2007/11/07 08:44:20 | 000,080,400 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
    [2007/11/07 08:44:20 | 000,078,864 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
    [2007/11/07 08:44:20 | 000,074,768 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
    [2007/11/07 08:44:20 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
    [2010/07/18 20:28:24 | 2136,133,631 | -HS- | M] () -- C:\pagefile.sys
    [2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
    [2007/11/07 08:50:40 | 001,927,956 | ---- | M] () -- C:\VC_RED.cab
    [2007/11/07 08:53:12 | 000,242,176 | ---- | M] () -- C:\VC_RED.MSI

    < %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

    < %systemroot%\system32\*.wt >

    < %systemroot%\system32\*.ruy >

    < %systemroot%\Fonts\*.com >
    [2009/07/14 01:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2009/07/14 01:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2009/07/14 01:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2009/07/14 01:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

    < %systemroot%\*. /mp /s >
    color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
    [2009/07/13 21:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
    [2009/07/13 21:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    < %systemroot%\system32\user32.dll /md5 >
    [2009/07/13 21:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll

    < %systemroot%\system32\ws2_32.dll /md5 >
    [2009/07/13 21:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_3

    < %systemroot%\system32\ws2help.dll /md5 >
    [2009/07/13 21:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\Windows\SysWOW64\ws2help.dll

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >
    < End of report >2.dll

    [
     
    deester,
    #10
  12. 2010/07/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I still need Extras.txt log.
    Also, your Superantispyware log ends with:
    Trojan.Agent/Gen
    like something is after that line, but it was cut off.
    Can you repost that log. Omit "tracking cookies" whatsoever.
     
    broni,
    #11
  13. 2010/07/21
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    broni,
    This is going to be a slow process for me, my access to this computer is limited brcause our invalid staya on it. I could not load OTL to desk top and that may be the reason I only got 1 log. Will send other other logs ASAP.
    See Private message.
    Dee
     
    deester,
    #12
  14. 2010/07/21
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Ok....
     
    broni,
    #13
  15. 2010/07/21
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    i need to know how to download OTL into my desktop and also how to remove the tracking cookies from the antispyware.
    Thanks.
     
    deester,
    #14
  16. 2010/07/21
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Regarding Superantispyware...
    Please, re-read my reply #5, re-run Superantispyware and post full log.
    Don't worry about OTL for now...
     
    broni,
    #15
  17. 2010/07/22
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    UPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 07/22/2010 at 08:28 PM

    Application Version : 4.40.1002

    Core Rules Database Version : 5134
    Trace Rules Database Version: 2946

    Scan type : Complete Scan
    Total Scan Time : 00:18:32

    Memory items scanned : 617
    Memory threats detected : 0
    Registry items scanned : 12377
    Registry threats detected : 0
    File items scanned : 26411
    File threats detected : 70

    Adware.Tracking Cookie
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@casalemedia[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@yieldmanager[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@realmedia[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ad.yieldmanager[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@a1.interclick[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@questionmarket[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@apmebf[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@atdmt[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@tacoda[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.undertone[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@fastclick[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ar.atwola[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@zedo[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@cdn.at.atwola[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@overture[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@pointroll[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@tribalfusion[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@insightexpressai[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@bs.serving-sys[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@specificclick[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adserver.adpredictive[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ar.atwola[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@media.mtvnservices[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@at.atwola[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adbrite[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@doubleclick[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@cdn4.specificclick[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@collective-media[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.burstnet[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@statse.webtrendslive[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@advertising[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@www.burstbeacon[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@data.coremetrics[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@imrworldwide[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@mediaplex[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.pointroll[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@media6degrees[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@msnportal.112.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@revsci[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@burstnet[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@cdn1.trafficmp[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ad.wsod[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adecn[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@citi.bridgetrack[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@atwola[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@videoegg.adbureau[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@invitemedia[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@interclick[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@serving-sys[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adlegend[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@2o7[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@legolas-media[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@tracking.foxnews[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@cbcnewmedia.112.2o7[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@specificmedia[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@tracking.admarketplace[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@msnbc.112.2o7[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@lucidmedia[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@edgeadx[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adinterax[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@content.yieldmanager[3].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@adserver.adtechus[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@trafficmp[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@burstbeacon[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@content.yieldmanager[1].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@ads.infinisource[2].txt
    C:\Users\Ted\AppData\Roaming\Microsoft\Windows\Cookies\ted@olympus.112.2o7[1].txt
    media.mtvnservices.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]
    msnbcmedia.msn.com [ C:\Users\Ted\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\2AW867XU ]

    Adware.Flash Tracking Cookie
    C:\Users\Ted\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\2AW867XU\MSNBCMEDIA.MSN.COM
     
    deester,
    #16
  18. 2010/07/22
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    How is your computer doing at the moment?

    I don't see any antivirus program running. Why is that?
     
    broni,
    #17
  19. 2010/07/22
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    With my limted use of itm it is running fine, I am one step ahead , I have already installed an antivus,
     
    deester,
    #18
  20. 2010/07/22
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    OK then.
    Re-run OTL with a script listed in my reply #5 (red lettering) and post fresh log.
     
    broni,
    #19
  21. 2010/07/22
    deester

    deester Inactive Alumni Thread Starter

    Joined:
    2008/07/08
    Messages:
    633
    Likes Received:
    0
    Please tell me hoe to dowmload tp desk top do I get an icon.
     
    deester,
    #20
Page 1 of 2
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...