1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Inactive Safesurf/Surfguard virus/malware

Discussion in 'Malware and Virus Removal Archive' started by ztorin, 2010/09/27.

Thread Status:
Not open for further replies.
  1. 2010/09/27
    ztorin

    ztorin Inactive Thread Starter

    Joined:
    2010/09/27
    Messages:
    7
    Likes Received:
    0
    [Inactive] Safesurf/Surfguard virus/malware

    After spending about 4 hours last night searching the web for "Safesurf/Surfguard help ", I ended up here, thankfully. After all of that research, I appear to be infected with this virus/malware. And unfortunately, I have the issue on both of my laptops.

    The only thing I've been successful with, is at least (for now), stopping the Safesurf.exe from starting up when my system reboots. The only way I was able to do that was to use my TuneUp Utilities program, where I was able to "turn off" the Safesurf.exe from starting up. However, I still have all of the other issues I've read about with this malware/virus, in my Windows\SysWOW64\drivers folder. Those issues are: I have the "f" folder, up.exe, safesurf.exe, and surfguard.exe all within that drivers folder.

    So I'm looking for assistance in removing all of those items, which I understand is the only way to rid this from my machine.

    I will now paste the two DDS logs below. Any help you can offer will be appreciated. Thank you in advance.


    DDS (Ver_10-03-17.01) - NTFSX64
    Run by Torin at 12:53:23.37 on Mon 09/27/2010
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3838.1701 [GMT -4:00]


    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\Hpservice.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\Explorer.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
    C:\Program Files\LSI SoftModem\agr64svc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\SysWOW64\atashost.exe
    C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
    C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files (x86)\AVG\AVG9\avgtray.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
    C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
    C:\Program Files (x86)\DeskSite Software\DeskSiteContent.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\DeskSite Software\DeskSiteMonitor.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\SMINST\BLService.exe
    C:\Program Files (x86)\Retrospect\Retrospect Express HD 2.5\retrorun.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
    C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
    C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
    C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\DeskSite Software\DeskSiteApplication.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\system32\notepad.exe
    C:\Users\Torin\Desktop\HiJackThis.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Torin\Desktop\dds.scr
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearch Bar = hxxp://www.google.com/ie
    uSearch Page = hxxp://www.google.com
    uStart Page = hxxp://www.yahoo.com
    mLocal Page = c:\windows\syswow64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~2\yahoo!\compan~1\installs\cpn\yt.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~2\yahoo!\compan~1\installs\cpn\yt.dll
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg9\avgssie.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~2\micros~4\office14\GROOVEEX.DLL
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live

    \WindowsLiveLogin.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~2\micros~4\office14\URLREDIR.DLL
    BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files (x86)\msn\toolbar\3.0.0541.0\msneshellx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files (x86)\windows live\toolbar\wltcore.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~2\yahoo!\compan~1\installs\cpn\YTSING~1.DLL
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_BHO.dll
    TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files (x86)\msn\toolbar\3.0.0541.0\msneshellx.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files (x86)\windows live\toolbar\wltcore.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~2\yahoo!\compan~1\installs\cpn\yt.dll
    TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll
    uRun: [ISUSPM] "c:\program files (x86)\common files\installshield\updateservice\ISUSPM.exe" -scheduler
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    mRun: [<NO NAME>]
    mRun: [nmapp] "c:\program files (x86)\pure networks\network magic\nmapp.exe" -autorun -nosplash
    mRun: [nmctxth] "c:\program files (x86)\common files\pure networks shared\platform\nmctxth.exe "
    mRun: [QlbCtrl.exe] "c:\program files (x86)\hewlett-packard\hp quick launch buttons\QlbCtrl.exe" /Start
    mRun: [StartCCC] "c:\program files (x86)\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [WirelessAssistant] c:\program files (x86)\hewlett-packard\hp wireless assistant\HPWAMain.exe
    mRun: [AVG9_TRAY] c:\progra~2\avg\avg9\avgtray.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~2\micros~4\office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~2\micros~4\office14\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer

    \WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files (x86)\microsoft office 2010\office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files (x86)\microsoft office

    2010\office14\ONBttnIELinkedNotes.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files (x86)\hp\digital imaging\smart web printing

    \hpswp_BHO.dll
    Trusted Zone: intuit.com
    Trusted Zone: intuit.com\ttlc
    Trusted Zone: juno.com
    DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files (x86)\yahoo!\common\Yinsthelper.dll
    DPF: {49232000-16E4-426C-A231-62846947304B} - hxxps://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
    DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.vexcast.com/download/vexcast.cab
    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\common files\microsoft shared\office14\MSOXMLMF.DLL
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files (x86)\avg\avg9\avgpp.dll
    Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files (x86)\common files\pure networks shared\platform\puresp4.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~2\micros~4\office14\GROOVEEX.DLL
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files (x86)\avg\avg9\avgssiea.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll
    BHO-X64: Windows Live Family Safety Browser Helper - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live

    \WindowsLiveLogin.dll
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\progra~1\micros~2\office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} -
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    mRun-x64: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    mRun-x64: [SysTrayApp] c:\program files\idt\wdm\sttray64.exe
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
    Hosts: 91.121.221.171 thepiratebay.org
    Hosts: 91.121.221.171 www.thepiratebay.org

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\torin\appdata\roaming\mozilla\firefox\profiles\8cfu24dg.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
    FF - component: c:\program files (x86)\avg\avg9\firefox\components\avgssff.dll
    FF - component: c:\users\torin\appdata\roaming\mozilla\firefox\profiles\8cfu24dg.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
    FF - plugin: c:\progra~2\micros~4\office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~2\micros~4\office14\NPSPWRAP.DLL
    FF - plugin: c:\program files (x86)\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
    FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files (x86)\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files (x86)\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files (x86)\google\update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\program files (x86)\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files (x86)\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
    FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
    FF - plugin: c:\program files (x86)\mozilla firefox\plugins\nppopcaploader.dll
    FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npyaxmpb.dll
    FF - plugin: c:\program files (x86)\tvuplayer\npTVUAx.dll
    FF - plugin: c:\program files (x86)\veetle\player\npvlc.dll
    FF - plugin: c:\program files (x86)\veetle\plugins\npVeetle.dll
    FF - plugin: c:\program files (x86)\veetle\vlcbroadcast\npvbp.dll
    FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\users\torin\appdata\local\google\update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: c:\users\torin\appdata\roaming\move networks\plugins\npqmp071701000002.dll
    FF - plugin: c:\users\torin\appdata\roaming\mozilla\firefox\profiles\8cfu24dg.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll
    FF - plugin: c:\users\torin\appdata\roaming\mozilla\firefox\profiles\8cfu24dg.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
    FF - plugin: c:\users\torin\appdata\roaming\mozilla\firefox\profiles\8cfu24dg.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
    FF - plugin: c:\users\torin\appdata\roaming\mozilla\plugins\npcoolirisplugin.dll
    FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows

    presentation foundation\dotnetassistantextension\
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: nglayout.initialpaint.delay - 600
    FF - user.js: content.notify.interval - 600000
    FF - user.js: content.max.tokenizing.time - 1800000
    FF - user.js: content.switch.threshold - 600000
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "ui.use_native_colors ", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "ui.use_native_popup_windows ", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "browser.enable_click_image_resizing ", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "accessibility.browsewithcaret_shortcut.enabled ", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.high_water_mark ", 32);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "javascript.options.mem.gc_frequency ", 1600);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.lu ", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.nu ", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.nz ", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbaam7a8h ", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4ar ", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--p1ai ", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbayh7gpa ", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.tel ", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "network.auth.force-generic-ntlm ", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "network.proxy.type ", 5);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "network.buffer.cache.count ", 24);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "network.buffer.cache.size ", 4096);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "dom.ipc.plugins.timeoutSecs ", 45);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "svg.smil.enabled ", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "ui.trackpoint_hack.enabled ", -1);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "browser.formfill.debug ", false);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "browser.formfill.agedWeight ", 2);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "browser.formfill.bucketSize ", 1);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "browser.formfill.maxTimeGroupings ", 25);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "browser.formfill.timeGroupingSize ", 604800);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "browser.formfill.boundaryWeight ", 25);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "browser.formfill.prefixWeight ", 5);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "accelerometer.enabled ", true);
    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref( "html5.enable ", false);
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref ",

    true);
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.renego_unrestricted_hosts ", " ");
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.treat_unsafe_negotiation_as_broken ", false);
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.require_safe_negotiation ", false);
    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl3.rsa_seed_sha ", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.download.backgroundInterval ", 600);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.url.manual ", "http://www.firefox.com ");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref( "browser.search.param.yahoo-fr-ja ", "mozff ");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name ",

    "chrome://browser/locale/browser.properties ");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description ",

    "chrome://browser/locale/browser.properties ");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add ", "addons.mozilla.org ");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "xpinstall.whitelist.add.36 ", "getpersonas.com ");
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "lightweightThemes.update.enabled ", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "browser.allTabs.previews ", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.hide_infobar_for_outdated_plugin ", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "plugins.update.notifyUser ", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "toolbar.customization.usesheet ", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.nptest.dll ", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npswf32.dll ", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npctrl.dll ", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled.npqtplugin.dll ", true);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "dom.ipc.plugins.enabled ", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.enable ", false);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.max ", 20);
    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref( "browser.taskbar.previews.cachetime ", 20);

    ============= SERVICES / DRIVERS ===============

    R0 PxHlpa64;PxHlpa64;c:\windows\system32\drivers\PxHlpa64.sys [2009-2-27 55024]
    R1 AvgLdx64;AVG Free AVI Loader Driver x64;c:\windows\system32\drivers\avgldx64.sys [2010-4-22 269904]
    R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;c:\windows\system32\drivers\avgmfx64.sys [2010-4-22 35536]
    R1 AvgTdiA;AVG Free Network Redirector x64;c:\windows\system32\drivers\avgtdia.sys [2010-4-22 317520]
    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009

    -3-2 89600]
    R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-4-6 202752]
    R2 atashost;WebEx Service Host for Support Center;c:\windows\syswow64\atashost.exe [2010-6-19 20376]
    R2 avg9wd;AVG Free WatchDog;c:\program files (x86)\avg\avg9\avgwdsvc.exe [2010-7-15 308136]
    R2 DeskSiteApplication;DeskSiteApplication;c:\program files (x86)\desksite software\DeskSiteApplication.exe [2010-3-23 87376]
    R2 DeskSiteContent;DeskSiteContent;c:\program files (x86)\desksite software\DeskSiteContent.exe [2010-3-23 193872]
    R2 DeskSiteMonitor;DeskSiteMonitor;c:\program files (x86)\desksite software\DeskSiteMonitor.exe [2010-3-23 54608]
    R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2010-7-16 30520]
    R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files (x86)\sminst\BLService.exe [2008-10-23 365952]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesService64.exe [2009-10-30 1353544]
    R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files (x86)\hewlett-packard\media\tv\kernel\tv\TVCapSvc.exe [2009-4-22 296320]
    R2 TVSched;TV Task Scheduler (TVTS);c:\program files (x86)\hewlett-packard\media\tv\kernel\tv\TVSched.exe [2009-4-22 116104]
    R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-4-6 6659072]
    R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-4-6 195584]
    R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-10-23 228408]
    R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-1-24 60928]
    R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2008-7-21 145496]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\tuneup utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
    R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2009-2-18 26168]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-

    18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010

    -3-18 138576]
    S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-7-17 136176]
    S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2009-4-12 61808]
    S3 fsssvc;Windows Live Family Safety;c:\program files (x86)\windows live\family safety\fsssvc.exe [2009-2-6 533360]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\microsoft office

    2010\office14\GROOVE.EXE [2010-1-21 30963576]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9

    4925184]
    S3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2009-11-15 19544]
    S3 SRS_WOWHD_DivX_Service;WOW HD DivX Edition;c:\windows\system32\drivers\SRS_DivX_amd64.sys [2009-11-10 377584]
    S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-8-11 1255736]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework64\v4.0.30319\wpf

    \wpffontcache_v0400.exe --> c:\windows\microsoft.net\framework64\v4.0.30319\wpf\WPFFontCache_v0400.exe [?]

    =============== Created Last 30 ================

    2010-09-27 05:53:47 0 d-----w- c:\users\torin\appdata\roaming\Crayon Physics Deluxe
    2010-09-27 05:49:35 0 d-----w- c:\windows\syswow64\system32
    2010-09-24 16:58:04 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
    2010-09-24 09:12:13 683 ----a-w- c:\users\torin\Torin - Shortcut.lnk
    2010-09-16 23:44:22 87040 ----a-w- c:\windows\system32\pdfcmnnt.dll
    2010-09-16 23:44:22 137000 ----a-w- c:\windows\syswow64\MSMAPI32.OCX
    2010-09-16 23:44:21 23552 ----a-w- c:\windows\syswow64\MSMPIDE.DLL
    2010-09-16 23:44:21 0 d-----w- c:\program files (x86)\PDFCreator
    2010-09-15 21:50:21 2058752 ----a-w- c:\windows\syswow64\iertutil.dll
    2010-09-15 18:09:31 558592 ----a-w- c:\windows\system32\spoolsv.exe
    2010-09-11 20:26:21 0 d-----w- c:\program files (x86)\Merriam Webster's Spell-Jam
    2010-09-11 20:24:55 0 d-----w- c:\program files (x86)\Brainiversity
    2010-09-11 20:23:53 0 d-----w- c:\program files (x86)\Gutterball 2
    2010-09-11 20:21:57 0 d-----w- c:\program files (x86)\The Price is Right
    2010-09-09 22:39:14 2826240 ----a-w- c:\windows\syswow64\GPhotos.scr
    2010-09-08 07:17:26 0 d-----w- c:\program files (x86)\Coupons
    2010-09-08 07:17:17 0 d-----w- c:\programdata\HP Photo Creations
    2010-09-08 07:17:17 0 d-----w- c:\program files (x86)\HP Photo Creations
    2010-09-08 07:15:54 0 d-----w- c:\programdata\HP Product Assistant
    2010-09-08 06:54:26 197014 ------w- c:\windows\hpoins43.dat.temp
    2010-09-06 04:54:36 0 d-----w- c:\program files (x86)\MSECache
    2010-09-03 05:03:38 0 d-----w- c:\program files\iPod
    2010-09-03 05:03:37 0 d-----w- c:\program files\iTunes
    2010-09-03 05:03:37 0 d-----w- c:\program files (x86)\iTunes
    2010-09-02 23:07:23 0 d-----w- c:\program files (x86)\DAEMON Tools Lite
    2010-09-02 06:06:41 65536 --sha-w- c:\users\torin\ntuser.dat{9ddcccb1-b656-11df-a29e-00235a1ef118}.TM.blf
    2010-09-02 06:06:41 524288 --sha-w- c:\users\torin\ntuser.dat{9ddcccb1-b656-11df-a29e-

    00235a1ef118}.TMContainer00000000000000000002.regtrans-ms
    2010-09-02 06:06:41 524288 --sha-w- c:\users\torin\ntuser.dat{9ddcccb1-b656-11df-a29e-

    00235a1ef118}.TMContainer00000000000000000001.regtrans-ms

    ==================== Find3M ====================

    2010-09-24 16:56:14 208096 ----a-w- c:\windows\hpoins43.dat
    2010-09-02 06:35:38 502256 ----a-w- c:\windows\system32\drivers\sptd.sys
    2010-08-12 06:22:22 332288 ----a-w- c:\windows\system32\uxtheme.dll
    2010-08-12 06:22:18 2851328 ----a-w- c:\windows\system32\themeui.dll
    2010-08-12 06:22:14 44544 ----a-w- c:\windows\system32\themeservice.dll
    2010-08-12 05:32:50 245760 ----a-w- c:\windows\syswow64\uxtheme.dll
    2010-08-12 05:32:45 2755072 ----a-w- c:\windows\syswow64\themeui.dll
    2010-08-11 09:07:16 22744 ----a-w- c:\windows\system32\emptyregdb.dat
    2010-08-11 07:30:07 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
    2010-07-29 06:30:34 82944 ----a-w- c:\windows\syswow64\iccvid.dll
    2010-07-27 14:03:24 12867584 ----a-w- c:\windows\syswow64\shell32.dll
    2010-07-17 09:00:12 153376 ----a-w- c:\windows\syswow64\javaws.exe
    2010-07-17 09:00:12 145184 ----a-w- c:\windows\syswow64\javaw.exe
    2010-07-17 09:00:10 145184 ----a-w- c:\windows\syswow64\java.exe
    2010-07-17 09:00:04 423656 ----a-w- c:\windows\syswow64\deployJava1.dll
    2010-07-16 19:04:14 19256 ----a-w- c:\windows\system32\HPMDPCoInst11.dll
    2010-07-16 19:03:58 30520 ----a-w- c:\windows\system32\hpservice.exe
    2010-07-16 19:03:54 20792 ----a-w- c:\windows\system32\accelerometerdll.DLL
    2010-07-15 22:04:28 13048 ----a-w- c:\windows\system32\avgrssta.dll
    2010-07-07 21:58:06 37376 ----a-w- c:\windows\syswow64\libusb0.dll
    2010-06-30 07:13:46 1192960 ----a-w- c:\windows\system32\wininet.dll
    2010-06-30 06:25:31 978432 ----a-w- c:\windows\syswow64\wininet.dll
    2010-06-30 06:25:18 1226240 ----a-w- c:\windows\syswow64\urlmon.dll
    2010-06-30 06:22:45 606208 ----a-w- c:\windows\syswow64\mstime.dll
    2010-06-30 06:22:34 5971456 ----a-w- c:\windows\syswow64\mshtml.dll
    2010-06-30 06:22:33 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll
    2010-06-30 06:21:57 48128 ----a-w- c:\windows\syswow64\jsproxy.dll
    2010-06-30 06:21:47 185856 ----a-w- c:\windows\syswow64\iepeers.dll
    2010-06-30 06:21:47 176640 ----a-w- c:\windows\syswow64\ieui.dll
    2010-06-30 06:21:46 10985472 ----a-w- c:\windows\syswow64\ieframe.dll
    2010-06-30 06:21:44 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll
    2010-06-30 06:19:16 12800 ----a-w- c:\windows\syswow64\msfeedssync.exe
    2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
    2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
    2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
    2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
    2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
    2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
    2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
    2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-

    app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
    2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c

    \WinMail.exe

    ============= FINISH: 12:54:30.78 ===============


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 8/11/2010 6:34:20 AM
    System Uptime: 9/27/2010 11:51:25 AM (1 hours ago)

    Motherboard: Compal | | 30FC
    Processor: AMD Turion(tm) X2 Dual-Core Mobile RM-74 | Socket M2/S1G1 |

    2200/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 285 GiB total, 88.093 GiB free.
    D: is FIXED (NTFS) - 13 GiB total, 2.018 GiB free.
    E: is CDROM ()
    F: is CDROM ()
    G: is CDROM ()
    H: is CDROM ()
    I: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Photosmart C4700 series
    Device ID: ROOT\MULTIFUNCTION\0000
    Manufacturer: HP
    Name: Photosmart C4700 series
    PNP Device ID: ROOT\MULTIFUNCTION\0000
    Service:

    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: Photosmart C4700 series
    Device ID: ROOT\IMAGE\0000
    Manufacturer: HP
    Name: Photosmart C4700 series
    PNP Device ID: ROOT\IMAGE\0000
    Service: StillCam

    ==== System Restore Points ===================

    RP40: 9/23/2010 8:46:09 AM - Avg Update
    RP41: 9/25/2010 10:10:37 PM - HPSF Restore Point
    RP42: 9/27/2010 11:41:47 AM - Removed Google Earth.

    ==== Installed Programs ======================

    µTorrent
    Acrobat.com
    Activation Assistant for the 2007 Microsoft Office suites
    ActiveCheck component for HP Active Support Library
    Adobe AIR
    Adobe Digital Editions
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.3.4
    Agatha Christie - Murder on the Orient Express
    AMD USB Audio Driver Filter
    AnswerWorks 5.0 English Runtime
    Apple Application Support
    Apple Software Update
    Art of Murder: The Hunt for the Puppeteer
    Atheros Driver Installation Program
    AVG Free 9.0
    Axialis IconWorkshop 6.33
    Big Fish Games: Game Manager
    BlackBerry Desktop Software 5.0.1
    BlackBerry Device Software v4.5.0 for the BlackBerry 8330 smartphone
    BlackBerry® Media Sync
    Borders Desktop
    Brainiversity
    BufferChm
    C4700
    Canon RAW Codec
    CanoScan Toolbox Ver4.9
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-core-static
    CCC Help English
    Choice Guard
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco Network Magic
    Cisco PEAP Module
    Compatibility Pack for the 2007 Office system
    ConvertHelper 2.2
    Coupon Printer for Windows
    CrackMem
    CyberLink DVD Suite
    Dark Fall Lost Souls
    Definition update for Microsoft Office 2010 (KB982726)
    Destinations
    DeviceDiscovery
    DivX Converter
    DivX Plus DirectShow Filters
    DivX Setup
    Dreamfall
    ESU for Microsoft Vista
    FLAC 1.2.1b (remove only)
    FLV Player 2.0 (build 25)
    Futuremark SystemInfo
    GEAR driver installer for x86 and x64
    Google Chrome
    Google Update Helper
    GPBaseService2
    Gutterball 2
    HP Customer Experience Enhancements
    HP Doc Viewer
    HP MediaSmart DVD
    HP MediaSmart Music/Photo/Video
    HP MediaSmart TV
    HP MediaSmart Webcam
    HP MULTIPLE MODEM INSTALLER for VISTA
    HP Photo Creations
    HP Quick Launch Buttons
    HP Support Assistant
    HP Total Care Advisor
    HP Update
    HP User Guides 0129
    HP Wireless Assistant
    HPAsset component for HP Active Support Library
    HPPhotoGadget
    hpPrintProjects
    HPProductAssistant
    HPSSupply
    HPTCSSetup
    hpWLPGInstaller
    IBM iSeries Access for Windows
    IDT Audio
    Java Auto Updater
    Java(TM) 6 Update 21
    Java(TM) 6 Update 7
    Jeopardy! 2nd Edition
    JMicron JMB38X Flash Media Controller
    Junk Mail filter update
    Keepsake
    LabelPrint
    Logitech Updater
    Machinarium
    Malwarebytes' Anti-Malware
    MarketResearch
    Mata Hari
    Merriam Webster's Spell-Jam
    Microsoft Live Search Toolbar
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office Live Add-in 1.5
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Reader
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Move Media Player
    Mozilla Firefox (3.6.8)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    muvee Reveal
    My HP Games
    Network Magic
    NVIDIA GAME System Software 2.8.1
    Octoshape add-in for Adobe Flash Player
    Patriots DeskSite
    PDFCreator
    Picasa 3
    PictoWords
    PopCap Browser Plugin
    Power2Go
    PowerDirector
    PS_AIO_06_C4700_SW_Min
    Pure Networks Platform
    QLBCASL
    QuickTime
    QuickTransfer
    Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows

    Vista
    Retrospect Express HD 2.5
    Rosetta Stone Version 3
    Scan
    Scrabbleâ„¢ Interactive 2009 Edition
    Skins
    SmartWebPrinting
    SolutionCenter
    SopCast 3.0.3
    Spelling Dictionaries Support For Adobe Reader 9
    SPORE Creature Creator Trial Edition
    Sprint Now Saver
    Status
    StreamTorrent 1.0
    The Price is Right
    Toolbox
    Trader's Little Helper 2.4.1
    TrayApp
    TuneUp Utilities
    TuneUp Utilities Language Pack (en-US)
    TurboTax 2008
    TurboTax 2008 wctiper
    TurboTax 2008 WinPerFedFormset
    TurboTax 2008 WinPerProgramHelp
    TurboTax 2008 WinPerReleaseEngine
    TurboTax 2008 WinPerTaxSupport
    TurboTax 2008 WinPerUserEducation
    TurboTax 2008 wrapper
    TurboTax 2009
    TurboTax 2009 wctiper
    TurboTax 2009 WinPerFedFormset
    TurboTax 2009 WinPerReleaseEngine
    TurboTax 2009 WinPerTaxSupport
    TurboTax 2009 wmaiper
    TurboTax 2009 wrapper
    TVAnts 1.0
    TVUPlayer 2.5.3.1
    VC80CRTRedist - 8.0.50727.4053
    Veetle TV 0.9.17
    Visual C++ 8.0 Runtime Setup Package (x64)
    VLC media player 1.0.1
    WebEx Support Manager for Internet Explorer
    WebReg
    Wheel Of Fortune
    Winamp
    Windows 7 Upgrade Advisor
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Player Firefox Plugin
    WinZip 14.0
    World of Warcraft FREE Trial
    Xvid 1.2.2 final uninstall
    Yahoo! Install Manager
    Yahoo! Messenger
    Yahoo! Toolbar
    Yahoo! Widgets

    ==== Event Viewer Messages From Past Week ========

    9/27/2010 5:40:24 AM, Error: Service Control Manager [7026] - The following boot-

    start or system-start driver(s) failed to load: ActiveMonitor TheStubwareDriver
    9/27/2010 5:37:21 AM, Error: Application Popup [1060] - \SystemRoot

    \SysWow64\Drivers\ActiveMonitor.SYS has been blocked from loading due to

    incompatibility with this system. Please contact your software vendor for a

    compatible version of the driver.
    9/27/2010 11:54:13 AM, Error: Service Control Manager [7022] - The DeskSiteMonitor

    service hung on starting.
    9/27/2010 11:52:26 AM, Error: Service Control Manager [7009] - A timeout was

    reached (30000 milliseconds) while waiting for the DeskSiteApplication service to

    connect.
    9/27/2010 11:52:26 AM, Error: Service Control Manager [7000] - The

    DeskSiteApplication service failed to start due to the following error: The service

    did not respond to the start or control request in a timely fashion.
    9/24/2010 2:06:21 AM, Error: Service Control Manager [7009] - A timeout was

    reached (30000 milliseconds) while waiting for the DeskSiteContent service to

    connect.
    9/24/2010 2:06:21 AM, Error: Service Control Manager [7000] - The DeskSiteContent

    service failed to start due to the following error: The service did not respond to the

    start or control request in a timely fashion.
    9/24/2010 1:01:13 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The

    machine-default permission settings do not grant Local Activation permission for the

    COM Server application with CLSID {10DA4F3C-CC99-4190-BE4D-58330754E882} and

    APPID {7DDEFEA6-98EE-4F13-A25B-EC83D9BC5541} to the user NT AUTHORITY

    \LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security

    permission can be modified using the Component Services administrative tool.
    9/22/2010 8:03:53 PM, Error: Server [2505] - The server could not bind to the

    transport \Device\NetBT_Tcpip_{B0D5DF67-62B0-4F03-AFA8-983AA8834D7F}

    because another computer on the network has the same name. The server could not

    start.

    ==== End Of File ===========================
     
    ztorin,
    #1
  2. 2010/09/27
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    I see you have P2P software ( Azures, Limewire, BitTorrent, uTorrent etc…) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

    Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares and their infections.

    References for the risk of these programs are here, and here.

    I would strongly recommend that you uninstall them, and read the links above for educational value!

    Note: Please be advised that continued use of these programs after being warned of the danger of infections from them, may result in the discontinued help of future cleaning of your system here at WindowsBBS Malware and Virus removal.

    A Malware expert will have a look at your log in due course.
     
    Admin.,
    #2


  3. to hide this advert.

  4. 2010/09/27
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Download Malwarebytes' Anti-Malware (aka MBAM): http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html to your desktop.

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform quick scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    Be sure to restart the computer.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    ===============================================================

    Download SUPERAntiSpyware Free for Home Users:
    http://www.superantispyware.com/

    * Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    * An icon will be created on your desktop. Double-click that icon to launch the program.
    * If asked to update the program definitions, click "Yes ". If not, update the definitions before scanning by selecting "Check for Updates ". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
    * Close SUPERAntiSpyware.

    Restart computer in Safe Mode.
    To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen

    * Open SUPERAntiSpyware.
    * Under "Configuration and Preferences ", click the Preferences button.
    * Click the Scanning Control tab.
    * Under Scanner Options make sure the following are checked (leave all others unchecked):

    • Close browsers before scanning.
      Scan for tracking cookies.
      Terminate memory threats before quarantining.
    * Click the "Close" button to leave the control center screen.
    * Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
    * On the left, make sure you check C:\Fixed Drive.
    * On the right, under "Complete Scan ", choose Perform Complete Scan.
    * Click "Next" to start the scan. Please be patient while it scans your computer.
    * After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK ".
    * Make sure everything has a checkmark next to it and click "Next ".
    * A notification will appear that "Quarantine and Removal is Complete ". Click "OK" and then click the "Finish" button to return to the main menu.
    * If asked if you want to reboot, click "Yes ".
    * To retrieve the removal information after reboot, launch SUPERAntispyware again.

    • Click Preferences, then click the Statistics/Logs tab.
      Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
      If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
      Please copy and paste the Scan Log results in your next reply.
    * Click Close to exit the program.
    Post SUPERAntiSpyware log.

    ==============================================================

    Download MBRCheck to your desktop

    Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    It will show a black screen with some data on it.
    Enter N to exit.
    A report called MBRcheckxxxx.txt will be on your desktop
    Open this report and post its content in your next reply.
     
    broni,
    #3
  5. 2010/09/27
    ztorin

    ztorin Inactive Thread Starter

    Joined:
    2010/09/27
    Messages:
    7
    Likes Received:
    0
    Well, after the 10 or so hours I've spent on this, I just did a system restore, going back 5 days. By doing so, it seems to have removed all of the items that the Safesurf/Surfguard malware/virus had created. The four items that were created in my SysWOW64\drivers folder were: the "f" folder, up.exe, safesurf.exe, and surfguard.exe all within that drivers folder. Those are no longer there. I have no idea why I didn't try System Restore initially.
     
    ztorin,
    #4
  6. 2010/09/27
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    System restore rarely clears any infection completely, but...
    Let me know, if you need any more help.
     
    broni,
    #5
  7. 2010/09/27
    ztorin

    ztorin Inactive Thread Starter

    Joined:
    2010/09/27
    Messages:
    7
    Likes Received:
    0
    Understood, broni. Thank you. I am still going to continue with the 3 options you posted above (Malwarebytes, SuperAntiSypware, and MBRCheck), and I will post those logs shortly. Fingers crossed. This has been driving me crazy since Midnight last night, and I was up until 6AM this morning trying to fix it, and then another 5-6 hours today.

    Thank you again for your continued assistance. This site was a Godsend last night when I happened upon it during my research.

    -torin
     
    ztorin,
    #6
  8. 2010/09/27
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're very welcome :)
     
    broni,
    #7
  9. 2010/09/27
    ztorin

    ztorin Inactive Thread Starter

    Joined:
    2010/09/27
    Messages:
    7
    Likes Received:
    0
    Broni, here's the first of the three logs, starting with the Malwarebytes log, which didn't find any issues:

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4707

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    9/27/2010 10:07:00 PM
    mbam-log-2010-09-27 (22-07-00).txt

    Scan type: Quick scan
    Objects scanned: 158485
    Time elapsed: 7 minute(s), 54 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     
    ztorin,
    #8
  10. 2010/09/28
    ztorin

    ztorin Inactive Thread Starter

    Joined:
    2010/09/27
    Messages:
    7
    Likes Received:
    0
    Here's the 2nd of the 3 logs, this one is the SUPERAntiSpyware, which was all cookies.

    I'll have to split this one up over two posts, due to the size of it.


    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 09/28/2010 at 01:59 AM

    Application Version : 4.43.1000

    Core Rules Database Version : 5592
    Trace Rules Database Version: 3404

    Scan type : Complete Scan
    Total Scan Time : 03:13:37

    Memory items scanned : 317
    Memory threats detected : 0
    Registry items scanned : 15782
    Registry threats detected : 0
    File items scanned : 288157
    File threats detected : 741

    Adware.Tracking Cookie
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@imrworldwide[3].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@zedo[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@interclick[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@doubleclick[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@content.yieldmanager[3].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@www.femalefirst.co[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@windowsmedia[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@ad.yieldmanager[3].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@ad.verticalmarketinggroup[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@adply.plymedia[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@avgtechnologies.112.2o7[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@ads.livenation[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@fastclick[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@bikinimedia[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@richmedia.yahoo[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@click.tigeronline[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@www.windowsmedia[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@adbrite[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@couponmountain[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@invitemedia[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@dc.tremormedia[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@eurosexparties[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@insightexpressai[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@ad.yieldmanager[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@clicksor[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@content.yieldmanager[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@atdmt[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@realmedia[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@adinterax[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@torrent-finder[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@socialmedia[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@crackberry[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@network.realmedia[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@questionmarket[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@ads.as4x.tmcs[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@yadro[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@adserver.adtechus[1].txt
    .adbrite.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kontera.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .doubleclick.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kontera.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mediaplex.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pointroll.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adserver.adtechus.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .www.burstnet.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .burstnet.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .foxinteractivemedia.122.2o7.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .apmebf.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .overture.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .content.yieldmanager.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .imrworldwide.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .imrworldwide.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    stat.onestat.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    stat.onestat.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .statcounter.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .247realmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .naked.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    advertising.sheknows.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .yadro.ru [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .nextag.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .nextag.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ero-advertising.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .msnbc.112.2o7.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .legolas-media.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .hyundaimotoramerica.122.2o7.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .eyewonder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .youporn.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .youporn.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .youporn.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.youporn.videobox.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.youporn.videobox.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .interclick.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .interclick.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pornhub.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pornhub.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .youporn.videobox.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.zeusclicks.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .xiti.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .myroitracking.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clicksor.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clicksor.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clicksor.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clicksor.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    counter9.sextracker.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .sextracker.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.pornhub.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pornhublive.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.pornhublive.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pornhub.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pornhub.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pornhub.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adxpose.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media.adfrontiers.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fullcount.weei.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .a1.interclick.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mediabrandsww.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adecn.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .usatoday1.112.2o7.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lstat.youku.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lstat.youku.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    metroleap.rotator.hadj7.adjuggler.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    googleads.g.doubleclick.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clickfuse.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clickfuse.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ehg-chartercommunications.hitbox.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .charter.112.2o7.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .charter2.db.advertising.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .hitbox.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .hitbox.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ehg-chartercommunications.hitbox.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .realmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .realmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .****tube.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .****tube.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .****tube.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .****tube.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .****tube.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adinterax.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .casalemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .yieldmanager.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .overture.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ourmedia.org [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    torrent-finder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .torrent-finder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    torrent-finder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    torrent-finder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .torrent-finder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .torrent-finder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    data.coremetrics.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    statse.webtrendslive.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .burstnet.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lucidmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lucidmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lucidmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lucidmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lucidmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lucidmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .lucidmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .realmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .realmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .network.realmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .realmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    dc.tremormedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .amex-insights.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .delivery.trafficjunky.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.crakmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.crakmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .youporn.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .youporn.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.youporn.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .youporn.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .youporn.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adxpansion.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .****tube.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .****tube.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trafficmp.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .picadmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .picadmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .at.atwola.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .atdmt.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .intermundomedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .intermundomedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .intermundomedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.bridgetrack.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.bridgetrack.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.bridgetrack.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ads.bridgetrack.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .2o7.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.addynamix.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    metroleap.rotator.hadj7.adjuggler.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fastclick.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fastclick.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fastclick.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .richmedia.yahoo.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fastclick.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .fastclick.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adultfriendfinder.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .at.atwola.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .at.atwola.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    in.getclicky.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .azjmp.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .azjmp.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adinterax.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .a1.interclick.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .a1.interclick.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .a1.interclick.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .a1.interclick.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .a1.interclick.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    flagcounter.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.burstbeacon.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .burstbeacon.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificclick.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificclick.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificclick.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .specificclick.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .smartadserver.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .smartadserver.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .smartadserver.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .collective-media.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .clickaider.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .smartadserver.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .smartadserver.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .smartadserver.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tacoda.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trafficmp.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trafficmp.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trafficmp.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trafficmp.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .trafficmp.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media.adfrontiers.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    cdn1.trafficmp.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    cdn1.trafficmp.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .realmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    network.realmedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .advertising.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kontera.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .kontera.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .tribalfusion.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .pointroll.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ads.pointroll.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .insightexpressai.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .bs.serving-sys.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .serving-sys.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .adbrite.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .ru4.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .zedo.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .media6degrees.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    crackberry.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .questionmarket.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
     
    ztorin,
    #9
  11. 2010/09/28
    ztorin

    ztorin Inactive Thread Starter

    Joined:
    2010/09/27
    Messages:
    7
    Likes Received:
    0
    Here's the second-half of the SUPERAntiSpyware log:


    .invitemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .linksynergy.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .linksynergy.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .invitemedia.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .revsci.net [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    www.burstnet.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .content.yieldmanager.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .mediaplex.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .questionmarket.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    .questionmarket.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    ad.yieldmanager.com [ C:\Users\Torin\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
    bbca.channelfinder.net [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    bc.youporn.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    cdn.insights.gravity.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    cdn2.themis-media.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    cdn4.specificclick.net [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    content.oddcast.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    countdownpage.createyourcountdown.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    crackle.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    ds.serving-sys.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    files.youporn.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    ia.media-imdb.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    iliketeens.net [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media-macys2.pictela.net [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.b5media.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.cbs3springfield.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.cnbc.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.ign.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.kiiitv.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.movieweb.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.mtvnservices.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.nbcchicago.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.nbcnewyork.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.noob.us [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.perthnow.com.au [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.scanscout.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.socialvibe.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media.thewb.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media01.kyte.tv [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media1.break.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media2.myfoxboston.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    media2.myfoxdc.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    msnbcmedia.msn.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    naiadsystems.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    objects.tremormedia.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    pornme.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    pornotube.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    s0.2mdn.net [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    secure-us.imrworldwide.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    sftrack.searchforce.net [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    static.2mdn.net [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    static.xxxbunker.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    static.youporn.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    tour.pornclassics.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    udn.specificclick.net [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    video.redorbit.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    videomedia.ign.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    vidii.hardsextube.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.babeporn.info [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.castyourporn.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.classicpornlinks.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.classicporntheater.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.crackle.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.fantasyenhancer.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.freshteen.biz [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.****tube.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.livesexlist.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.mediadump.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.naiadsystems.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.pornhost.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.pornhub.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    www.youngpornmovies.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    wwwstatic.megaporn.com [ C:\Users\Torin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\X9U8K5SM ]
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@247realmedia[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@2o7[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@ad.wsod[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@ad.yieldmanager[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@ad.yieldmanager[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@adbrite[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@adecn[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@ads.bcserving[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@ads.pointroll[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@ads.pubmatic[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@ads.redorbit[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@ads.undertone[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@ads.us.e-planning[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@adserver.adtechus[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@advertising[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@adx.bidsystem[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@apmebf[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@at.atwola[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@atdmt[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@atlas.entrepreneur[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@bs.serving-sys[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@burstbeacon[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@burstnet[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@chitika[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@collective-media[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@content.yieldmanager[3].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@crackle[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@data.coremetrics[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@doubleclick[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@eas.apm.emediate[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@entrepreneur.122.2o7[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@eyewonder[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@fastclick[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@imrworldwide[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@insightexpressai[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@interclick[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@invitemedia[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@kontera[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@media2.myfoxboston[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@media6degrees[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@mediaplex[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@pointroll[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@questionmarket[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@realmedia[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@rotator.adjuggler[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@ru4[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@serving-sys[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@specificmedia[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@statcounter[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@tacoda[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@trafficmp[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@www.burstbeacon[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@www.burstnet[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@www.googleadservices[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@yieldmanager[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\Low\torin@zedo[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@ad.yieldmanager[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@bs.serving-sys[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@casalemedia[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@fastclick[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@imrworldwide[2].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@serving-sys[1].txt
    C:\Users\Torin\AppData\Roaming\Microsoft\Windows\Cookies\torin@statse.webtrendslive[1].txt
    .invitemedia.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .invitemedia.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .invitemedia.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .invitemedia.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .mediaplayer.srswowcast.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    forums.crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .forums.crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .forums.crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    forums.crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    pluckit.demandmedia.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .cracked.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .cracked.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .cracked.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .cracked.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .youporn.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .youporn.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .youporn.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .youporn.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .sexbitches.info [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stats.townnews.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stats.townnews.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stats.townnews.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stats.townnews.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .foothillsmediagroup.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stats.townnews.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stats.townnews.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stats.townnews.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stats.townnews.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .mediafire.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .mediafire.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .mediafire.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    dc.tremormedia.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stats.fyxm.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .darkwarez.info [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .darkwarez.info [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .darkwarez.info [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    darkwarez.info [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    darkwarez.info [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    darkwarez.info [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    darkwarez.info [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    darkwarez.info [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    darkwarez.info [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .darkwarez.info [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .adult-videos.videosurf.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .adult-videos.videosurf.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .maxporn.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .maxporn.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .naiadsystems.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .naiadsystems.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .foxinteractivemedia.122.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stat.onestat.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stat.onestat.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .imrworldwide.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .imrworldwide.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .mediafire.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .mediafire.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .nhl.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .doubleclick.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .stats.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .weei.stats.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .weei.stats.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .statcounter.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    sales.liveperson.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    sales.liveperson.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .avgtechnologies.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .winzip.122.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .advertmint.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .advertmint.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .ehg-chartercommunications.hitbox.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .gmgmacmortgage.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .warnerbros.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .dmtracker.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    tracking.hostgator.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .revsci.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .overture.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .overture.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .yadro.ru [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    statse.webtrendslive.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .walmart.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .lgelectronics.122.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .atdmt.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .atdmt.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .atdmt.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .microsoftpmx.122.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    sales.liveperson.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .calphalon2.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .microsoftwlsearchcrm.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .msnportal.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .apmebf.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .mediaplex.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .mediaplex.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    data.coremetrics.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .timeinc.122.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    software.crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    software.crackberry.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    ad.yieldmanager.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .adultfriendfinder.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .adultfriendfinder.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .webreports.digitalinsight.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .webreports.digitalinsight.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .webreports.digitalinsight.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    counter.hitslink.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .e-2dj6wfmyclcjabq.stats.esomniture.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .hitbox.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    flagcounter.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .microsoftwindows.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .ehg-verizon.hitbox.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .ehg-verizon.hitbox.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .liveperson.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .liveperson.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .ehg-verizon.hitbox.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .mediafire.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .s.clickability.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .s.clickability.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .ehg-techtarget.hitbox.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .ehg-techtarget.hitbox.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .buzznet.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .surveymonkey.122.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .liveperson.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .media.photobucket.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .fim.122.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .mediatakeout.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .mediatakeout.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .mediatakeout.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .linksynergy.walmart.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .linksynergy.walmart.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .linksynergy.walmart.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .liveperson.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .packagetrackr.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .packagetrackr.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .packagetrackr.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .packagetrackr.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    in.getclicky.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .roiservice.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stat.onestat.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .andomedia.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .pornhub.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .pornhub.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .pornhub.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    www.packagetrackr.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .usatoday1.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .revsci.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .boostmobile.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .statcounter.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    test.coremetrics.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .micron.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .burstnetads.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .burstnetads.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .apmebf.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    traffic.buyservices.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .borders.112.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stats1.clicktracks.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stats1.clicktracks.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stats1.clicktracks.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    stats1.clicktracks.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .buycom.122.2o7.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .revsci.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .revsci.net [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .account.woot.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .account.woot.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
    .e-2dj6wjlyqlcpsbp.stats.esomniture.com [ C:\Users\Torin\AppData\Roaming\Mozilla\Firefox\Profiles\8cfu24dg.default\cookies.sqlite ]
     
    ztorin,
    #10
  12. 2010/09/28
    ztorin

    ztorin Inactive Thread Starter

    Joined:
    2010/09/27
    Messages:
    7
    Likes Received:
    0
    Here's the last of the 3 logs. This is the MBRCheck log. Thanks for taking the time to help me with this. Please advise how you think I should proceed.

    -torin

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows 7 Home Premium Edition
    Windows Information: (build 7600), 64-bit
    Base Board Manufacturer: Compal
    BIOS Manufacturer: Hewlett-Packard
    System Manufacturer: Hewlett-Packard
    System Product Name: HP Pavilion dv7 Notebook PC
    Logical Drives Mask: 0x000001fc

    Kernel Drivers (total 215):
    0x02E0E000 \SystemRoot\system32\ntoskrnl.exe
    0x033EA000 \SystemRoot\system32\hal.dll
    0x00BC8000 \SystemRoot\system32\kdcom.dll
    0x00CD7000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
    0x00CE4000 \SystemRoot\system32\PSHED.dll
    0x00CF8000 \SystemRoot\system32\CLFS.SYS
    0x00C00000 \SystemRoot\system32\CI.dll
    0x00D56000 \SystemRoot\system32\drivers\Wdf01000.sys
    0x00CC0000 \SystemRoot\system32\drivers\WDFLDR.SYS
    0x00E86000 \SystemRoot\System32\Drivers\sptd.sys
    0x00FE2000 \SystemRoot\System32\Drivers\WMILIB.SYS
    0x00E00000 \SystemRoot\System32\Drivers\SCSIPORT.SYS
    0x00E2F000 \SystemRoot\system32\DRIVERS\pci.sys
    0x00E62000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
    0x010E5000 \SystemRoot\system32\DRIVERS\ACPI.sys
    0x0113C000 \SystemRoot\system32\DRIVERS\msisadrv.sys
    0x01146000 \SystemRoot\System32\drivers\partmgr.sys
    0x0115B000 \SystemRoot\system32\DRIVERS\volmgr.sys
    0x01170000 \SystemRoot\System32\drivers\volmgrx.sys
    0x011CC000 \SystemRoot\system32\DRIVERS\compbatt.sys
    0x011D5000 \SystemRoot\system32\DRIVERS\BATTC.SYS
    0x011E1000 \SystemRoot\system32\DRIVERS\pciide.sys
    0x011E8000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
    0x01000000 \SystemRoot\System32\drivers\mountmgr.sys
    0x0101A000 \SystemRoot\system32\DRIVERS\atapi.sys
    0x01023000 \SystemRoot\system32\DRIVERS\ataport.SYS
    0x0104D000 \SystemRoot\system32\DRIVERS\msahci.sys
    0x01058000 \SystemRoot\system32\DRIVERS\amdxata.sys
    0x01063000 \SystemRoot\system32\drivers\fltmgr.sys
    0x010AF000 \SystemRoot\system32\drivers\fileinfo.sys
    0x010C3000 \SystemRoot\System32\Drivers\PxHlpa64.sys
    0x01239000 \SystemRoot\System32\Drivers\Ntfs.sys
    0x0144A000 \SystemRoot\System32\Drivers\msrpc.sys
    0x014A8000 \SystemRoot\System32\Drivers\ksecdd.sys
    0x014C2000 \SystemRoot\System32\Drivers\cng.sys
    0x01535000 \SystemRoot\System32\drivers\pcw.sys
    0x01546000 \SystemRoot\System32\Drivers\Fs_Rec.sys
    0x016DF000 \SystemRoot\system32\drivers\ndis.sys
    0x01600000 \SystemRoot\system32\drivers\NETIO.SYS
    0x01660000 \SystemRoot\System32\Drivers\ksecpkg.sys
    0x01800000 \SystemRoot\System32\drivers\tcpip.sys
    0x0168B000 \SystemRoot\System32\drivers\fwpkclnt.sys
    0x01550000 \SystemRoot\system32\DRIVERS\volsnap.sys
    0x016D5000 \SystemRoot\System32\Drivers\spldr.sys
    0x0159C000 \SystemRoot\System32\drivers\rdyboost.sys
    0x017D1000 \SystemRoot\System32\Drivers\mup.sys
    0x017E3000 \SystemRoot\System32\drivers\hwpolicy.sys
    0x01400000 \SystemRoot\System32\DRIVERS\fvevol.sys
    0x017EC000 \SystemRoot\system32\DRIVERS\hpdskflt.sys
    0x015D6000 \SystemRoot\system32\DRIVERS\disk.sys
    0x01200000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
    0x017F6000 \SystemRoot\system32\DRIVERS\AtiPcie.sys
    0x02C1E000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0x02C48000 \SystemRoot\System32\Drivers\Null.SYS
    0x02C51000 \SystemRoot\System32\Drivers\Beep.SYS
    0x02C58000 \SystemRoot\System32\drivers\vga.sys
    0x02C66000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
    0x02C8B000 \SystemRoot\System32\drivers\watchdog.sys
    0x02C9B000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0x02CA4000 \SystemRoot\system32\drivers\rdpencdd.sys
    0x02CAD000 \SystemRoot\system32\drivers\rdprefmp.sys
    0x02CB6000 \SystemRoot\System32\Drivers\Msfs.SYS
    0x02CC1000 \SystemRoot\System32\Drivers\Npfs.SYS
    0x02CD2000 \SystemRoot\system32\DRIVERS\tdx.sys
    0x02CF0000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0x02CFD000 \SystemRoot\System32\Drivers\avgtdia.sys
    0x02D4E000 \SystemRoot\System32\DRIVERS\netbt.sys
    0x03ABF000 \SystemRoot\system32\drivers\afd.sys
    0x03B49000 \SystemRoot\system32\DRIVERS\wfplwf.sys
    0x03B52000 \SystemRoot\system32\DRIVERS\pacer.sys
    0x03B78000 \SystemRoot\system32\DRIVERS\vwififlt.sys
    0x03B8E000 \SystemRoot\system32\DRIVERS\netbios.sys
    0x03B9D000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0x03BB8000 \SystemRoot\system32\DRIVERS\termdd.sys
    0x03BCC000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
    0x03BD6000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
    0x03A00000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0x03A51000 \SystemRoot\system32\drivers\nsiproxy.sys
    0x03A5D000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0x03A68000 \SystemRoot\System32\drivers\discache.sys
    0x03A77000 \SystemRoot\System32\Drivers\dfsc.sys
    0x03A95000 \SystemRoot\system32\DRIVERS\blbdrive.sys
    0x03AA6000 \SystemRoot\System32\Drivers\avgmfx64.sys
    0x02D93000 \SystemRoot\System32\Drivers\avgldx64.sys
    0x02DDA000 \SystemRoot\system32\DRIVERS\tunnel.sys
    0x03BE0000 \SystemRoot\system32\DRIVERS\amdppm.sys
    0x03CE6000 \SystemRoot\system32\DRIVERS\atikmpag.sys
    0x03EB2000 \SystemRoot\system32\DRIVERS\atikmdag.sys
    0x048CE000 \SystemRoot\System32\drivers\dxgkrnl.sys
    0x04800000 \SystemRoot\System32\drivers\dxgmms1.sys
    0x04846000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0x0486A000 \SystemRoot\system32\DRIVERS\jmcr.sys
    0x04A42000 \SystemRoot\system32\DRIVERS\athrx.sys
    0x04B9A000 \SystemRoot\system32\DRIVERS\vwifibus.sys
    0x04BA7000 \SystemRoot\system32\DRIVERS\Rtlh64.sys
    0x04BE1000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0x04BEE000 \SystemRoot\system32\DRIVERS\usbohci.sys
    0x0455C000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0x04A00000 \SystemRoot\system32\DRIVERS\usbfilter.sys
    0x04A0A000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0x04A0C000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0x04A1D000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0x04891000 \SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
    0x0489D000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0x03E00000 \SystemRoot\system32\DRIVERS\SynTP.sys
    0x048AC000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0x04A3B000 \SystemRoot\system32\DRIVERS\CmBatt.sys
    0x03E53000 \SystemRoot\System32\Drivers\a595hep7.SYS
    0x049C2000 \SystemRoot\system32\DRIVERS\enecir.sys
    0x049DE000 \SystemRoot\system32\DRIVERS\Accelerometer.sys
    0x049EB000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
    0x048BB000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
    0x03E98000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
    0x045B2000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0x049F4000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0x03D1C000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0x045D6000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0x03D4B000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0x03D6C000 \SystemRoot\system32\DRIVERS\rassstp.sys
    0x04A40000 \SystemRoot\system32\DRIVERS\swenum.sys
    0x03D86000 \SystemRoot\system32\DRIVERS\ks.sys
    0x03DC9000 \SystemRoot\system32\DRIVERS\circlass.sys
    0x03DDB000 \SystemRoot\system32\DRIVERS\umbus.sys
    0x03C00000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0x03C5A000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0x03C6F000 \SystemRoot\system32\drivers\AtiHdmi.sys
    0x03C8E000 \SystemRoot\system32\drivers\portcls.sys
    0x05EE2000 \SystemRoot\system32\drivers\drmk.sys
    0x05F04000 \SystemRoot\system32\drivers\ksthunk.sys
    0x05F0A000 \SystemRoot\system32\DRIVERS\stwrt64.sys
    0x06036000 \SystemRoot\system32\DRIVERS\agrsm64.sys
    0x06172000 \SystemRoot\system32\drivers\modem.sys
    0x06181000 \SystemRoot\system32\DRIVERS\hidir.sys
    0x06192000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0x061AB000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0x061B4000 \SystemRoot\system32\DRIVERS\kbdhid.sys
    0x061C2000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0x000E0000 \SystemRoot\System32\win32k.sys
    0x061CF000 \SystemRoot\System32\drivers\Dxapi.sys
    0x061DB000 \SystemRoot\System32\Drivers\crashdmp.sys
    0x061E9000 \SystemRoot\System32\Drivers\dump_dumpata.sys
    0x061F5000 \SystemRoot\System32\Drivers\dump_msahci.sys
    0x06000000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
    0x06013000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0x05F89000 \SystemRoot\System32\Drivers\usbvideo.sys
    0x05FB7000 \SystemRoot\system32\DRIVERS\monitor.sys
    0x004F0000 \SystemRoot\System32\TSDDD.dll
    0x007C0000 \SystemRoot\System32\cdd.dll
    0x00820000 \SystemRoot\System32\ATMFD.DLL
    0x05FC5000 \SystemRoot\system32\drivers\luafv.sys
    0x05FE8000 \SystemRoot\system32\DRIVERS\lltdio.sys
    0x05E00000 \SystemRoot\system32\DRIVERS\nwifi.sys
    0x05E53000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0x05E66000 \SystemRoot\system32\DRIVERS\pnarp.sys
    0x05E72000 \SystemRoot\system32\DRIVERS\purendis.sys
    0x05E7E000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0x0644C000 \SystemRoot\system32\drivers\HTTP.sys
    0x06514000 \SystemRoot\system32\DRIVERS\bowser.sys
    0x06532000 \SystemRoot\System32\drivers\mpsdrv.sys
    0x0654A000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0x06577000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    0x065C5000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    0x078CE000 \SystemRoot\system32\DRIVERS\atksgt.sys
    0x0791D000 \SystemRoot\system32\DRIVERS\lirsgt.sys
    0x0792A000 \SystemRoot\system32\drivers\peauth.sys
    0x079D0000 \SystemRoot\System32\Drivers\secdrv.SYS
    0x07800000 \SystemRoot\System32\DRIVERS\srvnet.sys
    0x0782D000 \SystemRoot\System32\drivers\tcpipreg.sys
    0x0783F000 \SystemRoot\system32\drivers\tdtcp.sys
    0x0784A000 \SystemRoot\System32\DRIVERS\tssecsrv.sys
    0x07859000 \SystemRoot\System32\Drivers\RDPWD.SYS
    0x088AD000 \SystemRoot\System32\DRIVERS\srv2.sys
    0x08915000 \SystemRoot\System32\DRIVERS\srv.sys
    0x089AD000 \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
    0x08871000 \SystemRoot\system32\DRIVERS\asyncmac.sys
    0x77990000 \Windows\System32\ntdll.dll
    0x47EF0000 \Windows\System32\smss.exe
    0xFFCB0000 \Windows\System32\apisetschema.dll
    0xFFFF0000 \Windows\System32\autochk.exe
    0xFFBD0000 \Windows\System32\usp10.dll
    0x77B60000 \Windows\System32\psapi.dll
    0xFFBC0000 \Windows\System32\lpk.dll
    0xFFB90000 \Windows\System32\imm32.dll
    0xFF930000 \Windows\System32\iertutil.dll
    0xFF920000 \Windows\System32\nsi.dll
    0xFF880000 \Windows\System32\clbcatq.dll
    0xFF830000 \Windows\System32\ws2_32.dll
    0xFF7E0000 \Windows\System32\Wldap32.dll
    0xFF770000 \Windows\System32\gdi32.dll
    0xFF660000 \Windows\System32\msctf.dll
    0xFF640000 \Windows\System32\imagehlp.dll
    0xFF5C0000 \Windows\System32\difxapi.dll
    0xFF490000 \Windows\System32\rpcrt4.dll
    0x77870000 \Windows\System32\kernel32.dll
    0xFF2B0000 \Windows\System32\setupapi.dll
    0xFF210000 \Windows\System32\msvcrt.dll
    0xFE480000 \Windows\System32\shell32.dll
    0xFE300000 \Windows\System32\urlmon.dll
    0x77770000 \Windows\System32\user32.dll
    0xFE260000 \Windows\System32\comdlg32.dll
    0xFE180000 \Windows\System32\oleaut32.dll
    0xFE100000 \Windows\System32\shlwapi.dll
    0xFE0E0000 \Windows\System32\sechost.dll
    0xFDED0000 \Windows\System32\ole32.dll
    0x77B50000 \Windows\System32\normaliz.dll
    0xFDDA0000 \Windows\System32\wininet.dll
    0xFDCC0000 \Windows\System32\advapi32.dll
    0xFDC80000 \Windows\System32\cfgmgr32.dll
    0xFDC40000 \Windows\System32\wintrust.dll
    0xFDAD0000 \Windows\System32\crypt32.dll
    0xFDA30000 \Windows\System32\comctl32.dll
    0xFDA10000 \Windows\System32\devobj.dll
    0xFD9A0000 \Windows\System32\KernelBase.dll
    0xFD990000 \Windows\System32\msasn1.dll
    0x77520000 \Windows\SysWOW64\normaliz.dll

    Processes (total 103):
    0 System Idle Process
    4 System
    284 C:\Windows\System32\smss.exe
    428 csrss.exe
    496 C:\Windows\System32\wininit.exe
    516 csrss.exe
    560 C:\Windows\System32\services.exe
    576 C:\Windows\System32\lsass.exe
    584 C:\Windows\System32\lsm.exe
    684 C:\Windows\System32\svchost.exe
    740 C:\Windows\System32\winlogon.exe
    804 C:\Windows\System32\svchost.exe
    852 C:\Windows\System32\atiesrxx.exe
    904 C:\Windows\System32\svchost.exe
    948 C:\Windows\System32\svchost.exe
    1016 C:\Windows\System32\svchost.exe
    376 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
    1080 C:\Windows\System32\svchost.exe
    1144 C:\Windows\System32\atieclxx.exe
    1156 C:\Windows\System32\hpservice.exe
    1244 C:\Windows\System32\svchost.exe
    1444 C:\Windows\System32\dwm.exe
    1488 C:\Windows\explorer.exe
    1524 C:\Windows\System32\spoolsv.exe
    1552 C:\Windows\System32\svchost.exe
    1632 C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    1652 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
    1680 C:\Program Files\LSI SoftModem\agr64svc.exe
    1700 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    1736 C:\Windows\System32\taskhost.exe
    1856 C:\Windows\SysWOW64\atashost.exe
    1888 C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
    1908 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    1948 C:\Program Files (x86)\DeskSite Software\DeskSiteApplication.exe
    1992 C:\Program Files (x86)\DeskSite Software\DeskSiteContent.exe
    988 C:\Program Files (x86)\DeskSite Software\DeskSiteMonitor.exe
    2084 C:\Windows\System32\svchost.exe
    2152 C:\Windows\SysWOW64\svchost.exe
    2196 C:\Windows\System32\svchost.exe
    2240 C:\Windows\System32\svchost.exe
    2272 C:\Program Files (x86)\SMINST\BLService.exe
    2336 C:\Program Files (x86)\Retrospect\Retrospect Express HD 2.5\retrorun.exe
    2432 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    2456 C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    2468 C:\Program Files\IDT\WDM\sttray64.exe
    2568 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    2808 C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
    2848 C:\Program Files\Windows Sidebar\sidebar.exe
    2756 C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
    2968 C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
    580 C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
    2832 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    3132 C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    3524 C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
    3588 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    3964 C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
    3180 C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
    3188 C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
    3380 C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
    4836 C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
    4880 C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
    4912 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
    4996 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    5112 C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    4152 C:\Program Files (x86)\AVG\AVG9\avgtray.exe
    3452 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    4120 WmiPrvSE.exe
    4532 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    4928 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    4080 C:\Windows\System32\svchost.exe
    4472 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    5160 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    5168 C:\Windows\System32\svchost.exe
    5520 C:\Program Files\Windows Media Player\wmpnetwk.exe
    5540 C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
    5608 C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    6088 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    4312 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    4712 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    4040 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    292 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    1292 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    5792 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    4608 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    2588 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    3104 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    3204 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    3688 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    5924 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    3064 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    6140 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    5100 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    5696 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    644 C:\Users\Torin\AppData\Local\Google\Chrome\Application\chrome.exe
    172 C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
    2872 C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    3116 C:\Windows\System32\svchost.exe
    5248 C:\Program Files (x86)\Internet Explorer\ielowutil.exe
    4788 C:\Windows\System32\notepad.exe
    1412 C:\Windows\System32\audiodg.exe
    5624 C:\Users\Torin\Desktop\MBRCheck.exe
    6352 C:\Windows\System32\conhost.exe
    6192 C:\Windows\System32\dllhost.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000047`4bd00000 (NTFS)

    PhysicalDrive0 Model Number: FUJITSUMHZ2320BHG2, Rev: 8909

    Size Device Name MBR Status
    --------------------------------------------
    298 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
    SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


    Done!
     
    ztorin,
    #11
  13. 2010/09/28
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Good :)

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
    broni,
    #12
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...