Page 1 of 2 12 LastLast
Results 1 to 10 of 20
  1. #1
    Member
    Join Date
    Apr 2012
    Posts
    10
    Points
    0

    Default Malware? Not sure.

    Hi,

    My computer seems to run high CPU but the real strange thing is when I'm typing my cursor will move randomly and when I look up, I'm typing somewhere else on the page. When running high CPU FireFox will say "not responding" and the screen will move a little and fade then right back to normal. I downloaded Hijack this and below is my log. Any help will be greatly appreciated.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 7:24:56 PM, on 4/6/2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Windows\system32\Taskmgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\system32\DllHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Funmoods Search
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/clipextractor/{B1B5B843-118D-441F-A9CE-6786BA65AA71}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = actsvr.comcastonline.com:8100
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = cdn;*.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\5.2.0.13\IPS\IPSBHO.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: PackageCab - http://ak.imgag.com/imgag/cp/install/AxCtp2.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
    O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.dell.com/systemprofiler/SysProExe.CAB
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
    O20 - Winlogon Notify: !SASWinLogon - Invalid registry found
    O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner - C:\Windows\system32\CSHelper.exe
    O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
    O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Norton Security Suite (N360) - Symantec Corporation - C:\Program Files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 8338 bytes

  2. #2
    Member
    Join Date
    Apr 2012
    Posts
    10
    Points
    0

    Default

    Malwarebytes Anti-Malware 1.60.1.1000
    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Database version: v2012.04.06.09

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Tina & Mark :: OFFICE-PC [administrator]

    4/6/2012 7:45:50 PM
    mbam-log-2012-04-06 (19-45-50).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 198193
    Time elapsed: 9 minute(s), 22 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 2
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Users\Tina & Mark\Downloads\SoftonicDownloader_for_trojanhunter.exe (PUP.OfferBundler.ST) -> No action taken.

    (end)

  3. #3
    Member
    Join Date
    Apr 2012
    Posts
    10
    Points
    0

    Default

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 04/06/2012 at 08:37 PM

    Application Version : 5.0.1146

    Core Rules Database Version : 8424
    Trace Rules Database Version: 6236

    Scan type : Quick Scan
    Total Scan Time : 00:13:10

    Operating System Information
    Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
    UAC On - Limited User (Administrator User)

    Memory items scanned : 688
    Memory threats detected : 0
    Registry items scanned : 27502
    Registry threats detected : 0
    File items scanned : 8094
    File threats detected : 210

    Adware.Tracking Cookie
    .adinterax.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .pointroll.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    content2.kitnmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .steelhousemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    cdn.eyewonder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    cdn.eyewonder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .clickbooth.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    ads.saymedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .technoratimedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    wstat.wibiya.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    traffic.prod.cobaltgroup.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    Bizrate - Shop and Compare Prices [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .accounts.google.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .accounts.google.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .mediaforge.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .clickfuse.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    tracking.waterfrontmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .pittsburghurbanmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .pittsburghurbanmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    a.intentmedia.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .media2.legacy.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    wpdiva87.freestats.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    wpdiva87.freestats.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .countdowntopregnancy.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .countdowntopregnancy.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .countdowntopregnancy.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .eyewonder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .steelhousemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .findadoc.upmc.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .findadoc.upmc.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .bizrate.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .kantarmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    accounts.google.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .apartmentfinder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .apartmentfinder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    Apartments for Rent | Apartment Finder and Rentals Locator | Apartmentfinder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    Apartments for Rent | Apartment Finder and Rentals Locator | Apartmentfinder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .apartmentfinder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    Apartments for Rent | Apartment Finder and Rentals Locator | Apartmentfinder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .apartmentfinder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .apartmentfinder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .apartmentfinder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .apartmentfinder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .apartmentfinder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .apartmentfinder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    TOM Tracker Version 3 - Tracking Online Media [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    TOM Tracker Version 3 - Tracking Online Media [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .media.adfrontiers.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    www.qsstats.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .technoratimedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .intermundomedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    ads2.forexglossary.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .askavetquestion.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .askavetquestion.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .askavetquestion.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .askavetquestion.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    ads.saymedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    dc.tremormedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .media.adfrontiers.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .e-2dj6whlicnazolp.stats.esomniture.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .e-2dj6wcmyugcpcfo.stats.esomniture.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    Bizrate - Shop and Compare Prices [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .thefind.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .thefind.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .thefind.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .thefind.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .thefind.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .eyewonder.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .kanoodle.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    Google [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .intermundomedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    Google [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .adxpose.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .elite.gowildgadgets.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .elite.gowildgadgets.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .kanoodle.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    Google [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .mm.chitika.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .intermundomedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .bizrate.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .bizrate.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .bizrate.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .bizrate.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .tshirtinsight.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .T-Shirt Insight, tees sourced from shops all over the web [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .getclicky.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .static.getclicky.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .tshirtinsight.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    in.getclicky.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .intermundomedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .intermundomedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .intermundomedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .intermundomedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    mediaservices-d.openxenterprise.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .srv.resultsmedia.biz [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .lucidmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .ncp.imrworldwide.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .lfstmedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    gosurveys.itracks.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .pointroll.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .adinterax.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .kaspersky.122.2o7.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\COOKIES.SQLITE ]

  4. #4
    Member
    Join Date
    Apr 2012
    Posts
    10
    Points
    0

    Default

    My computer is a Dell Inspiron 11420, 32-bit operating system, memory 3.00 GB, Windows Vista Home Premium

  5. #5
    Member
    Join Date
    Apr 2012
    Posts
    10
    Points
    0

    Default

    Can someone help please?

  6. #6
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello and welcome to Help2Go

    We apologize for the delay in responding to your request for help. Here at Help2Go we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

    Please take note:

    1. If you have since resolved the original problem you were having, we would appreciate you letting us know.
    2. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
      • If you are unsure about any of these characteristics just post what you can and we will guide you.
    3. Please tell us if you have your original Windows CD/DVD available.
    4. If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.
    5. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
    6. Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.
    7. If you have already posted a DDS log, please do so again, as your situation may have changed.
    8. Use the 'Add Reply' and add the new log to this thread.


    We need to see some information about what is happening in your machine. Please perform the following scan again:

    • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
    • Notepad will open with the results.
    • Follow the instructions that pop up for posting the results.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

    Information on A/V control HERE


    We also need a new log from the GMER anti-rootkit Scanner.

    Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step. Then proceed to run aswMbr.exe as noted below.

    Please first disable any CD emulation programs using the steps found in this topic:

    Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:


    Note:
    If you are unable to run a Gmer scan due the fact you are running a 64bit machine please run the following tool and post its log.

    Please download aswMBR ( 511KB ) to your desktop.
    • Double click the aswMBR.exe icon to run it
    • Click the Scan button to start the scan
    • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.




    Thanks and again sorry for the delay.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  7. #7
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello.

    Are you still there?

    If you are please follow the instructions in my previous post.

    If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

    Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

    Thanks for understanding

    With Regards,
    fireman4it
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  8. #8
    Member
    Join Date
    Apr 2012
    Posts
    10
    Points
    0

    Default

    Hello,

    Sorry for the delay. I was unable to download the DDS. Not sure, but a window will pop up and go away and that's it... I did do this one though. Thank you.

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-04-13 10:41:28
    -----------------------------
    10:41:28.336 OS Version: Windows 6.0.6002 Service Pack 2
    10:41:28.336 Number of processors: 2 586 0xF0D
    10:41:28.337 ComputerName: OFFICE-PC UserName:
    10:42:04.140 Initialize success
    10:42:27.384 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
    10:42:27.387 Disk 0 Vendor: WDC_WD25 11.0 Size: 238475MB BusType: 3
    10:42:27.405 Disk 0 MBR read successfully
    10:42:27.409 Disk 0 MBR scan
    10:42:27.415 Disk 0 Windows VISTA default MBR code
    10:42:27.419 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 94 MB offset 63
    10:42:27.448 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 194560
    10:42:27.469 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 225578 MB offset 21166080
    10:42:27.474 Disk 0 Partition - 00 0F Extended LBA 2560 MB offset 483151872
    10:42:27.532 Disk 0 Partition 4 00 DD MSDOS5.0 2559 MB offset 483153920
    10:42:27.541 Disk 0 scanning sectors +488394752
    10:42:27.610 Disk 0 scanning C:\Windows\system32\drivers
    10:42:34.279 Service scanning
    10:42:49.964 Modules scanning
    10:43:04.388 Disk 0 trace - called modules:
    10:43:04.483 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
    10:43:04.498 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86906ac8]
    10:43:04.512 3 CLASSPNP.SYS[8aba38b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85772030]
    10:43:04.525 Scan finished successfully
    10:43:16.112 Disk 0 MBR has been saved successfully to "C:\Users\Tina & Mark\Desktop\MBR.dat"
    10:43:16.127 The log file has been saved successfully to "C:\Users\Tina & Mark\Desktop\aswMBR.txt"

  9. #9
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello,

    Since DDS wont work lets try an alternative.

    • 1. Please download OTL from one of the following mirrors:
    • This is THE Mirror
      2. Save it to your desktop.
      3. Double click on the icon on your desktop.
      4. Under the Custom Scan box paste this in
      Code:
      c:\windows\*. /SL
      c:\windows\*. /RP 
      netsvcs
      activex
      drivers32
      %ALLUSERSPROFILE%\Application Data\*.
      %ALLUSERSPROFILE%\Application Data\*.exe /s
      %APPDATA%\*.
      %APPDATA%\*.exe /s
      %SYSTEMDRIVE%\*.exe
      %systemroot%\*. /mp /s
      CREATERESTOREPOINT
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemroot%\system32\drivers\*.sys /lockedfiles
      %systemroot%\System32\config\*.sav 
      %systemroot%\system32\drivers\*.sys /90
      5. Push the Quick Scan button.
      6. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  10. #10
    Member
    Join Date
    Apr 2012
    Posts
    10
    Points
    0

    Default

    Here is it. Thank you.

    OTL logfile created on: 4/15/2012 8:13:20 PM - Run 2
    OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Tina & Mark\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 60.10% Memory free
    6.21 Gb Paging File | 4.75 Gb Available in Paging File | 76.56% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 220.29 Gb Total Space | 131.14 Gb Free Space | 59.53% Space Free | Partition Type: NTFS
    Drive D: | 10.00 Gb Total Space | 4.54 Gb Free Space | 45.39% Space Free | Partition Type: NTFS

    Computer Name: OFFICE-PC | User Name: Tina & Mark | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/04/15 20:11:41 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Tina & Mark\Desktop\OTL.exe
    PRC - [2012/03/19 08:20:50 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2012/02/15 11:32:12 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
    PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\5.2.0.13\ccsvchst.exe
    PRC - [2010/08/14 00:56:47 | 000,266,240 | ---- | M] () -- C:\Windows\System32\CSHelper.exe
    PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2008/10/04 15:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    PRC - [2008/10/04 15:58:02 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    PRC - [2008/09/24 00:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
    PRC - [2008/01/02 00:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
    PRC - [2008/01/02 00:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
    PRC - [2007/04/13 12:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
    PRC - [2006/11/02 08:34:50 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\calc.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/04/13 16:31:09 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
    MOD - [2012/04/12 03:25:30 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\48302596a8c8f2ab396b3be518dbd800\System.Web.ni.dll
    MOD - [2012/03/19 08:20:50 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
    MOD - [2012/02/16 09:19:09 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5c3bfd69e0c268baff0d169e11a6a784\System.Runtime.Remoting.ni.dll
    MOD - [2012/02/16 08:51:08 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll
    MOD - [2012/02/16 02:53:00 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
    MOD - [2011/10/13 09:15:51 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
    MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2008/10/27 05:52:12 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
    SRV - File not found [Auto | Stopped] -- -- (ekrn)
    SRV - File not found [On_Demand | Stopped] -- -- (BFRC)
    SRV - [2012/04/13 16:31:09 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe -- (N360)
    SRV - [2010/08/14 00:56:47 | 000,266,240 | ---- | M] () [Auto | Running] -- C:\Windows\System32\CSHelper.exe -- (CSHelper)
    SRV - [2009/01/29 19:38:12 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
    SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
    SRV - [2008/10/04 15:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
    SRV - [2008/09/24 00:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
    SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2008/01/02 00:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
    SRV - [2008/01/02 00:37:02 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
    SRV - [2007/04/13 12:20:22 | 000,097,432 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\TMPassthru.sys -- (TMPassthruMP)
    DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\szkgfs.sys -- (szkgfs)
    DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\szkg.sys -- (szkg5)
    DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys -- (SABKUTIL)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\TINA&M~1\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - [2012/04/02 19:38:08 | 000,821,880 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120402.001\BHDrvx86.sys -- (BHDrvx86)
    DRV - [2012/03/06 17:04:10 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120413.001\IDSvix86.sys -- (IDSVix86)
    DRV - [2012/02/03 22:40:04 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
    DRV - [2012/02/03 22:40:04 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2012/01/19 22:25:43 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120414.016\NAVEX15.SYS -- (NAVEX15)
    DRV - [2012/01/19 22:25:43 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120414.016\NAVENG.SYS -- (NAVENG)
    DRV - [2011/07/19 08:05:52 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
    DRV - [2011/07/02 02:36:44 | 000,101,720 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\SBREDrv.sys -- (SBRE)
    DRV - [2011/04/20 21:37:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502000.00D\symtdiv.sys -- (SYMTDIv)
    DRV - [2011/03/30 23:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\N360\0502000.00D\srtsp.sys -- (SRTSP)
    DRV - [2011/03/30 23:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502000.00D\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
    DRV - [2011/03/14 22:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\0502000.00D\symefa.sys -- (SymEFA)
    DRV - [2011/01/27 02:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\0502000.00D\symds.sys -- (SymDS)
    DRV - [2010/11/15 21:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502000.00D\ironx86.sys -- (SymIRON)
    DRV - [2010/04/28 08:17:46 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
    DRV - [2009/08/19 17:49:22 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
    DRV - [2009/06/16 14:59:00 | 009,768,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2008/10/27 05:52:00 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
    DRV - [2008/08/22 00:49:58 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
    DRV - [2008/08/22 00:49:22 | 000,018,688 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
    DRV - [2008/06/23 08:45:44 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
    DRV - [2008/01/20 22:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
    DRV - [2008/01/02 00:37:18 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
    DRV - [2007/09/24 05:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV - [2007/06/18 21:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motport.sys -- (motport)
    DRV - [2007/06/18 21:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
    DRV - [2006/11/27 03:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
    DRV - [2006/11/27 03:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2006/11/27 03:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
    DRV - [2005/06/24 18:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
    DRV - [2005/05/26 11:01:36 | 000,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
    DRV - [2005/05/26 11:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Google
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/clipextractor/{B1B5B843-118D-441F-A9CE-6786BA65AA71}
    IE - HKLM\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
    IE - HKLM\..\SearchScopes\{467FDAE5-AC36-4751-97B1-510FC61BC1FF}: "URL" = http://www.greatsearchnow.com/greatsearch.aspx?category=web&Toolbar_Id={D556CD9F-51A9-4A18-9FD3-46FE12EB8518}&query={searchTerms}
    IE - HKLM\..\SearchScopes\{4C1618B8-8E53-43b5-9891-B8072426BA17}: "URL" = http://www.greatsearchnow.com/greatsearch.aspx?category=web&Toolbar_Id={21C288A1-4A7D-4E51-B8CB-80E1052B834F}&query={searchTerms}
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh.com/webResults.html?src=ieb&q={searchTerms}

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Funmoods Search
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = Yahoo!
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627
    IE - HKCU\..\SearchScopes\{112A7E09-6595-D1C3-2C4E-CDFD9E56B66C}: "URL" = http://bing.zugo.com/s/?q={searchTerms}&iesrc=IE-SearchBox&site=Bing&cfg=2-76-0-irOH

    IE - HKCU\..\SearchScopes\{1243C57B-8B0D-4fd0-8442-88FC0C8E48CC}: "URL" = http://www.greatsearchnow.com/greatsearch.aspx?category=web&Toolbar_Id={21C288A1-4A7D-4E51-B8CB-80E1052B834F}&query={searchTerms}
    IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=BLT&o=15554&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=HH&apn_dtid=YYYYYYHCUS&apn_uid=23AC72F0-6552-439F-83BD-156B67B17F9D&apn_sauid=91982C7E-A36B-46F8-9898-03F7BAC69E8D
    IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.msn.iplay.com/searchresultsredirect.aspx?o=chrome&q={searchTerms}
    IE - HKCU\..\SearchScopes\{6329B82B-F37A-4535-A5F7-80E39EE832DB}: "URL" = http://www.fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=19&tid={CBA94599-CE4F-48e8-BBB4-EF31914B7233}
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7DKUS_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKCU\..\SearchScopes\{6C16D9AC-CD2C-4BB8-82C0-F8E9CB8F772A}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avgb-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
    IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=SttfWQaYLRqyqozY8Px3oYwnppQ?q={searchTerms}
    IE - HKCU\..\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}: "URL" = http://mystart.hiyo.com/?search={searchTerms}&loc=ie_search
    IE - HKCU\..\SearchScopes\{8BB63DD3-DE42-4A47-8619-A3FE00B3AD74}: "URL" = http://search.live.com/results.aspx?FORM=SOLTDF&q={searchTerms}&src={referrer:source?}
    IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/clipextractor/{B1B5B843-118D-441F-A9CE-6786BA65AA71}?q={searchTerms}
    IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://ws.infospace.com/playsushi_tbar/ws/redir?_iceUrl=true&tool_id=58485&qkw={searchTerms}
    IE - HKCU\..\SearchScopes\{AE51929D-A651-435d-BCB8-0D2117FA964A}: "URL" = http://www.greatsearchnow.com/greatsearch.aspx?category=web&Toolbar_Id={D556CD9F-51A9-4A18-9FD3-46FE12EB8518}&query={searchTerms}
    IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NSS&chn=retail&geo=US&ver=4
    IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
    IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-tyc8
    IE - HKCU\..\SearchScopes\{E5F5D888-2587-E012-A817-7038F5690F26}: "URL" = http://www.whitesmokestart.com/s/?q={searchTerms}&iesrc=IE-SearchBox&site=Bing&cfg=2-122-0-1syrh
    IE - HKCU\..\SearchScopes\{EE2EDF38-BFF5-4D42-B6DD-BE37A7A3790C}: "URL" = http://ws.infospace.com/playsushi_tbar/ws/redir?_iceUrl=true&tool_id=58485&qkw={searchTerms}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = cdn;*.local
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = actsvr.comcastonline.com:8100

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "bing"
    FF - prefs.js..browser.search.selectedEngine: ""
    FF - prefs.js..browser.startup.homepage: "www.yahoo.com"
    FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
    FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.19
    FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2
    FF - prefs.js..extensions.enabledItems: {bda718c4-e0e1-42a7-948e-931568160690}:1.7.3
    FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.2
    FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.3.6
    FF - prefs.js..keyword.URL: "http://utils.babylon.com/abt/index.php?url="


    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@artistscope.com/ArtistScope DRM plugin 1,version=1.1.0.0: C:\Program Files\Mozilla Firefox\plugins\npArtistScopeDRM11.dll (ArtistScope)
    FF - HKLM\Software\MozillaPlugins\@artistscope.com/ArtistScope plugin 42,version=4.2.0.0: C:\Program Files\Mozilla Firefox\plugins\npArtistScope42.dll (ArtistScope)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\@View22/View22: File not found
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@artistscope.com/ArtistScope DRM plugin 1,version=1.1.0.0: C:\Program Files\Mozilla Firefox\plugins\npArtistScopeDRM11.dll (ArtistScope)
    FF - HKCU\Software\MozillaPlugins\@artistscope.com/ArtistScope plugin 42,version=4.2.0.0: C:\Program Files\Mozilla Firefox\plugins\npArtistScope42.dll (ArtistScope)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/02/08 11:02:25 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_6_3 [2012/04/15 10:04:58 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/19 08:20:51 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/13 22:43:24 | 000,000,000 | ---D | M]

    [2010/01/07 20:26:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Extensions
    [2009/06/23 16:45:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
    [2010/03/07 19:30:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\extensions
    [2010/07/21 20:52:05 | 000,000,000 | ---D | M] (PlaySushi TextLinks) -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\extensions\textlinks@playsushi.com
    [2011/03/17 14:21:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\Profiles\imvly8j2.default\extensions
    [2010/07/21 18:20:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\Profiles\imvly8j2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2012/03/31 15:51:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\Profiles\j3yywc00.default\extensions
    [2011/12/08 12:15:21 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\Profiles\j3yywc00.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
    [2010/07/23 11:41:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\Profiles\j3yywc00.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/03/13 08:35:04 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\Profiles\j3yywc00.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
    [2012/03/02 09:38:08 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\Profiles\j3yywc00.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2011/03/17 14:21:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\Profiles\s7mmxqbr.default\extensions
    [2010/07/09 09:20:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\Profiles\s7mmxqbr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/10/15 06:02:39 | 000,002,336 | ---- | M] () -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\Profiles\j3yywc00.default\searchplugins\bigseekpro.xml
    [2010/10/29 10:17:56 | 000,001,820 | ---- | M] () -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\Profiles\j3yywc00.default\searchplugins\bing.xml
    [2012/03/30 21:25:30 | 000,001,800 | ---- | M] () -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\Profiles\j3yywc00.default\searchplugins\funmoods.xml
    [2011/07/19 01:29:33 | 000,002,468 | ---- | M] () -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla\Firefox\Profiles\j3yywc00.default\searchplugins\safesearch.xml
    [2012/03/22 14:19:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2011/11/01 09:09:33 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2012/03/22 14:19:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
    [2010/11/05 07:32:19 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
    () (No name found) -- C:\USERS\TINA & MARK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\J3YYWC00.DEFAULT\EXTENSIONS\{BDA718C4-E0E1-42A7-948E-931568160690}.XPI
    [2012/03/19 08:20:51 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2009/01/15 13:53:03 | 000,616,448 | ---- | M] (ArtistScope) -- C:\Program Files\mozilla firefox\plugins\npArtistScope42.dll
    [2009/02/02 01:06:56 | 000,211,456 | ---- | M] (ArtistScope) -- C:\Program Files\mozilla firefox\plugins\npArtistScopeDRM11.dll
    [2012/03/22 14:19:09 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2010/11/05 07:32:17 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
    [2012/03/19 08:20:47 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2011/01/14 16:51:11 | 000,002,064 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bingober11118534.xml
    [2012/03/19 08:20:47 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - Extension: No name found = C:\Users\Tina & Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\plccnhhjonaiagjelpfkclblmlppjcik\

    O1 HOSTS File: ([2011/07/08 20:25:42 | 000,434,943 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 ??,?,?cr67com,???,????,??112scg,tt?8bc8,?
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 博彩通,博彩网,金宝博188,博彩通评级,百家乐,奥妙百家乐
    O1 - Hosts: 127.0.0.1 100sexlinks.com - Sex links Resources and Information. This website is for sale!
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 Wips.com
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 14994 more lines...
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\5.2.0.13\ips\ipsbho.dll (Symantec Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {00000130-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/ACELPACM.CAB (Reg Error: Key error.)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} Reg Error: Value error. (Shockwave ActiveX Control)
    O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} Reg Error: Value error. (ExentInf Class)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} Reg Error: Value error. (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: PackageCab http://ak.imgag.com/imgag/cp/install/AxCtp2.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{535C5084-3D5D-4361-AA95-C7025610AA5D}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CCA9A86D-9BE9-4880-B546-77D6E0AC4C1D}: DhcpNameServer = 68.87.75.198 68.87.64.150
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - File not found
    O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\inspiron_NB_1280x864_02.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\inspiron_NB_1280x864_02.jpg
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL File not found
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found

    ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
    ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
    ActiveX: {44BBA851-CC51-11CF-AAFA-00AA00B6015C} - rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\wpie4x86.inf,PerUserStub
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

    Drivers32: msacm.ac3acm - C:\Windows\System32\AC3ACM.acm (fccHandler)
    Drivers32: msacm.alf2cd - C:\Windows\System32\alf2cd.acm (NCT Company)
    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.scg726 - C:\Windows\System32\Scg726.acm (SHARP Corporation)
    Drivers32: msacm.sl_anet - C:\Windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.voxacm160 - C:\Windows\System32\vct3216.acm (Voxware, Inc.)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.DIVX - C:\Windows\System32\divx.dll (DivXNetworks, Inc.)
    Drivers32: vidc.dvsd - C:\Windows\System32\mcdvd_32.dll (MainConcept)
    Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
    Drivers32: vidc.xvid - C:\Windows\System32\xvidvfw.dll ()

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/04/15 20:11:40 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Tina & Mark\Desktop\OTL.exe
    [2012/04/15 13:17:00 | 000,000,000 | ---D | C] -- C:\Users\Tina & Mark\Desktop\New Folder
    [2012/04/03 13:31:52 | 000,000,000 | ---D | C] -- C:\Users\Tina & Mark\AppData\Roaming\Smart PDF Creator
    [2012/04/03 13:31:41 | 000,000,000 | ---D | C] -- C:\Program Files\Smart PDF Creator
    [2012/03/31 15:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
    [2012/03/22 14:20:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [8 C:\Users\Tina & Mark\Desktop\*.tmp files -> C:\Users\Tina & Mark\Desktop\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/04/15 20:11:41 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Tina & Mark\Desktop\OTL.exe
    [2012/04/15 20:04:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/04/15 20:04:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/04/15 19:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/04/15 15:20:04 | 000,000,448 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Tina & Mark.job
    [2012/04/15 13:14:58 | 000,635,832 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2012/04/15 13:14:58 | 000,117,920 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2012/04/15 13:01:51 | 000,032,441 | ---- | M] () -- C:\ProgramData\nvModes.dat
    [2012/04/15 13:01:50 | 000,032,441 | ---- | M] () -- C:\ProgramData\nvModes.001
    [2012/04/15 13:01:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/04/15 12:42:03 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2012/04/15 10:04:31 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-Tina & Mark-Startup.job
    [2012/04/15 10:04:16 | 3219,173,376 | -HS- | M] () -- C:\hiberfil.sys
    [2012/04/11 12:03:45 | 000,090,822 | ---- | M] () -- C:\Users\Tina & Mark\Desktop\LLC form.pdf
    [2012/04/11 11:34:43 | 000,282,344 | ---- | M] () -- C:\Users\Tina & Mark\Desktop\W9 Form.pdf
    [2012/04/11 11:29:00 | 000,282,344 | ---- | M] () -- C:\Users\Tina & Mark\W9 Form.pdf
    [2012/04/11 11:21:26 | 000,015,555 | ---- | M] () -- C:\Users\Tina & Mark\EIN TC Construction.pdf
    [2012/04/03 13:31:59 | 000,000,000 | ---- | M] () -- C:\Windows\System32\SmartSoft PDF Printer Port
    [2012/03/30 21:25:38 | 000,000,050 | ---- | M] () -- C:\user.js
    [2012/03/21 11:51:05 | 000,216,614 | ---- | M] () -- C:\Users\Tina & Mark\Desktop\compass report.pdf
    [8 C:\Users\Tina & Mark\Desktop\*.tmp files -> C:\Users\Tina & Mark\Desktop\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/04/11 12:03:45 | 000,090,822 | ---- | C] () -- C:\Users\Tina & Mark\Desktop\LLC form.pdf
    [2012/04/11 11:34:43 | 000,282,344 | ---- | C] () -- C:\Users\Tina & Mark\Desktop\W9 Form.pdf
    [2012/04/11 11:25:11 | 000,282,344 | ---- | C] () -- C:\Users\Tina & Mark\W9 Form.pdf
    [2012/04/11 11:21:26 | 000,015,555 | ---- | C] () -- C:\Users\Tina & Mark\EIN TC Construction.pdf
    [2012/03/31 15:18:59 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/03/30 21:25:38 | 000,000,050 | ---- | C] () -- C:\user.js
    [2012/03/21 11:51:01 | 000,216,614 | ---- | C] () -- C:\Users\Tina & Mark\Desktop\compass report.pdf
    [2011/09/26 12:03:17 | 000,000,000 | ---- | C] () -- C:\Users\Tina & Mark\AppData\Local\{B2D0D1A6-7F14-4262-854D-C6851EC4B07F}
    [2011/08/18 15:39:13 | 000,000,032 | ---- | C] () -- C:\Windows\System32\thxcfg.ini
    [2011/05/18 20:12:21 | 000,001,940 | ---- | C] () -- C:\Users\Tina & Mark\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
    [2011/03/24 06:28:45 | 000,000,036 | ---- | C] () -- C:\Users\Tina & Mark\AppData\Local\housecall.guid.cache
    [2010/11/03 07:08:25 | 000,032,441 | ---- | C] () -- C:\ProgramData\nvModes.001
    [2010/11/03 07:08:03 | 000,032,441 | ---- | C] () -- C:\ProgramData\nvModes.dat
    [2010/10/15 06:05:59 | 000,000,604 | ---- | C] () -- C:\Users\Tina & Mark\AppData\Roaming\ClipExtractor-YouTube-Clip-ExtractorFlvConverterDefaultSettings.xml
    [2010/09/01 04:19:37 | 000,000,000 | ---- | C] () -- C:\Windows\System32\settings.dat
    [2010/08/14 00:56:47 | 000,266,240 | ---- | C] () -- C:\Windows\System32\CSHelper.exe
    [2010/08/04 12:25:35 | 000,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll
    [2010/06/16 20:17:13 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
    [2010/06/16 20:17:13 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
    [2010/05/09 15:04:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

    ========== LOP Check ==========

    [2009/11/27 09:17:06 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\AVG9
    [2009/02/26 22:25:46 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\AVSMedia
    [2012/01/25 22:03:35 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Canon
    [2009/06/27 12:18:01 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\com.verizon.mediastore.vzwdownloadmanager.BEEF85639ECFAE88C004EA3A5F976EE5386C7526.1
    [2011/02/23 02:52:36 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\DriverCure
    [2012/03/03 02:03:22 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\driveridentifier
    [2011/03/17 14:12:15 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\DVDVideoSoftIEHelpers
    [2011/03/13 08:20:06 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Foxit Software
    [2010/07/21 20:52:01 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\GetRightToGo
    [2010/07/21 20:52:01 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Hoyle Card Games
    [2010/07/21 20:52:01 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Hoyle FaceCreator
    [2010/07/21 20:52:01 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Hoyle Puzzle and Board Games
    [2009/02/05 21:31:21 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Individual Software
    [2010/01/18 02:35:44 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\iWin
    [2011/04/27 23:15:16 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\LimeWire
    [2010/10/15 06:14:15 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Moyea
    [2010/02/21 22:08:25 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\MusicNet
    [2009/06/01 12:21:47 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Netscape
    [2011/01/15 16:32:48 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Oberon Media
    [2009/03/17 10:12:43 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\OpenOffice.org
    [2010/03/15 10:14:38 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Paltalk
    [2011/02/23 02:52:36 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\ParetoLogic
    [2010/11/21 15:09:21 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\PCDr
    [2009/08/28 21:38:32 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\PeerNetworking
    [2009/07/04 22:31:56 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\PlayFirst
    [2009/02/12 19:57:03 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Runes of Avalon
    [2009/06/26 13:32:19 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Save
    [2009/02/25 20:49:29 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\ScanSoft
    [2012/04/03 13:32:07 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Smart PDF Creator
    [2011/09/12 15:39:01 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Smart PDF Creator Pro
    [2010/07/21 20:52:05 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Smilebox
    [2012/03/19 19:22:47 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Spotify
    [2011/02/23 02:45:29 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\spotmau
    [2009/02/04 14:02:29 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Template
    [2010/08/24 17:36:30 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Tific
    [2010/10/28 00:32:16 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\TS3Client
    [2010/05/21 14:17:22 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\TuneUp Software
    [2009/06/30 20:01:47 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
    [2011/08/20 00:40:29 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Uniblue
    [2011/11/27 23:54:32 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\wsInspector
    [2012/04/15 05:03:28 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2012/04/15 10:04:31 | 000,000,320 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer-Tina & Mark-Startup.job

    ========== Purity Check ==========



    ========== Custom Scans ==========

    < c:\windows\*. /SL >

    < c:\windows\*. /RP >

    < %ALLUSERSPROFILE%\Application Data\*. >

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >

    < %APPDATA%\*. >
    [2011/08/10 11:45:46 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\ABBYY
    [2011/03/15 11:43:10 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Adobe
    [2011/12/16 18:25:53 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Apple Computer
    [2009/11/27 09:17:06 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\AVG9
    [2009/02/26 22:25:46 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\AVSMedia
    [2012/01/25 22:03:35 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Canon
    [2009/06/27 12:18:01 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\com.verizon.mediastore.vzwdownloadmanager.BEEF85639ECFAE88C004EA3A5F976EE5386C7526.1
    [2010/10/11 11:02:15 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\CyberLink
    [2009/02/04 01:53:32 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Dell
    [2011/02/23 02:52:36 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\DriverCure
    [2012/03/03 02:03:22 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\driveridentifier
    [2011/03/17 14:12:15 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\DVDVideoSoftIEHelpers
    [2011/03/13 08:20:06 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Foxit Software
    [2010/07/21 20:52:01 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\GetRightToGo
    [2009/02/10 01:23:01 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Google
    [2010/07/21 20:52:01 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Hoyle Card Games
    [2010/07/21 20:52:01 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Hoyle FaceCreator
    [2010/07/21 20:52:01 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Hoyle Puzzle and Board Games
    [2009/02/04 01:55:48 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Identities
    [2009/02/05 21:31:21 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Individual Software
    [2010/01/18 02:35:44 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\iWin
    [2011/04/27 23:15:16 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\LimeWire
    [2009/02/04 14:11:48 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Macromedia
    [2010/07/21 12:46:44 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Malwarebytes
    [2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Media Center Programs
    [2011/09/20 13:33:27 | 000,000,000 | --SD | M] -- C:\Users\Tina & Mark\AppData\Roaming\Microsoft
    [2010/10/15 06:14:15 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Moyea
    [2010/03/07 19:30:42 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Mozilla
    [2010/02/21 22:08:25 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\MusicNet
    [2009/06/01 12:21:47 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Netscape
    [2011/01/15 16:32:48 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Oberon Media
    [2009/03/17 10:12:43 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\OpenOffice.org
    [2010/03/15 10:14:38 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Paltalk
    [2011/02/23 02:52:36 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\ParetoLogic
    [2010/11/21 15:09:21 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\PCDr
    [2009/08/28 21:38:32 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\PeerNetworking
    [2009/07/04 22:31:56 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\PlayFirst
    [2010/05/25 09:50:10 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Real
    [2009/07/03 10:48:05 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Roxio
    [2009/02/12 19:57:03 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Runes of Avalon
    [2009/06/26 13:32:19 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Save
    [2009/02/25 20:49:29 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\ScanSoft
    [2012/04/15 20:21:40 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Skype
    [2010/06/22 15:48:12 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\skypePM
    [2012/04/03 13:32:07 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Smart PDF Creator
    [2011/09/12 15:39:01 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Smart PDF Creator Pro
    [2010/07/21 20:52:05 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Smilebox
    [2012/03/19 19:22:47 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Spotify
    [2011/02/23 02:45:29 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\spotmau
    [2009/02/04 14:02:29 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Template
    [2010/08/24 17:36:30 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Tific
    [2010/10/28 00:32:16 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\TS3Client
    [2010/05/21 14:17:22 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\TuneUp Software
    [2009/06/30 20:01:47 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
    [2010/08/26 18:13:33 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\U3
    [2011/08/20 00:40:29 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Uniblue
    [2011/11/27 23:54:32 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\wsInspector
    [2010/03/31 14:39:19 | 000,000,000 | ---D | M] -- C:\Users\Tina & Mark\AppData\Roaming\Yahoo!

    < %APPDATA%\*.exe /s >
    [2007/07/17 07:09:04 | 000,696,320 | ---- | M] (Dynamix, Inc.) -- C:\Users\Tina & Mark\AppData\Roaming\Hoyle Puzzle and Board Games\pool.exe
    [2010/10/19 16:41:05 | 000,163,840 | ---- | M] (Mozilla Foundation) -- C:\Users\Tina & Mark\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe
    [2010/10/19 16:41:06 | 000,196,608 | ---- | M] (Mozilla Foundation) -- C:\Users\Tina & Mark\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe
    [2010/10/19 16:41:06 | 000,014,848 | ---- | M] () -- C:\Users\Tina & Mark\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe
    [2010/10/19 16:41:06 | 000,077,824 | ---- | M] (Mozilla Foundation) -- C:\Users\Tina & Mark\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe
    [2010/10/19 16:41:06 | 000,266,240 | ---- | M] (Mozilla Foundation) -- C:\Users\Tina & Mark\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe
    [2010/10/19 16:41:06 | 000,018,432 | ---- | M] () -- C:\Users\Tina & Mark\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe
    [2010/10/19 16:41:06 | 000,014,336 | ---- | M] () -- C:\Users\Tina & Mark\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe
    [2010/10/19 16:41:06 | 000,073,728 | ---- | M] (Mozilla Foundation) -- C:\Users\Tina & Mark\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe
    [2010/10/19 16:41:06 | 000,102,400 | ---- | M] (Mozilla Foundation) -- C:\Users\Tina & Mark\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe
    [2009/02/04 21:01:17 | 000,053,248 | R--- | M] (Macrovision Corporation) -- C:\Users\Tina & Mark\AppData\Roaming\Microsoft\Installer\{C92CA83A-E0EF-4449-BA4C-C959779447FC}\ARPPRODUCTICON.exe
    [2009/02/04 21:01:17 | 000,053,248 | R--- | M] (Macrovision Corporation) -- C:\Users\Tina & Mark\AppData\Roaming\Microsoft\Installer\{C92CA83A-E0EF-4449-BA4C-C959779447FC}\NewShortcut2_8E91D63107214AB29D1ADAFFAB64B8BB.exe
    [2009/02/04 21:01:17 | 000,053,248 | R--- | M] (Macrovision Corporation) -- C:\Users\Tina & Mark\AppData\Roaming\Microsoft\Installer\{C92CA83A-E0EF-4449-BA4C-C959779447FC}\NewShortcut3_3958D9D2BDD3491C9529778711F42CDC.exe
    [2009/02/04 20:54:21 | 000,013,094 | R--- | M] () -- C:\Users\Tina & Mark\AppData\Roaming\Microsoft\Installer\{E7875036-3CFC-4F0F-A470-8EADFFE43F6C}\ARPPRODUCTICON.exe
    [2009/02/04 20:54:21 | 000,053,248 | R--- | M] (Macrovision Corporation) -- C:\Users\Tina & Mark\AppData\Roaming\Microsoft\Installer\{E7875036-3CFC-4F0F-A470-8EADFFE43F6C}\NewShortcut1_3214B0DAF89E49FAA161D1AD00F5294D.exe
    [2009/02/04 20:54:21 | 000,010,134 | R--- | M] () -- C:\Users\Tina & Mark\AppData\Roaming\Microsoft\Installer\{E7875036-3CFC-4F0F-A470-8EADFFE43F6C}\SHORTCUT_EP_5D0DF1BBD82E4FB2B98E4FDE42EF7EBB.exe
    [2009/02/04 20:54:21 | 000,001,718 | R--- | M] () -- C:\Users\Tina & Mark\AppData\Roaming\Microsoft\Installer\{E7875036-3CFC-4F0F-A470-8EADFFE43F6C}\Shortcut_EventPlan_5D0DF1BBD82E4FB2B98E4FDE42EF7EBB.exe
    [2009/02/04 20:54:21 | 000,053,248 | R--- | M] (Macrovision Corporation) -- C:\Users\Tina & Mark\AppData\Roaming\Microsoft\Installer\{E7875036-3CFC-4F0F-A470-8EADFFE43F6C}\Shortcut_HCS_2007_79CA6728A9EA441A925273E16EA743BE.exe
    [2009/02/04 20:54:21 | 000,053,248 | R--- | M] (Macrovision Corporation) -- C:\Users\Tina & Mark\AppData\Roaming\Microsoft\Installer\{E7875036-3CFC-4F0F-A470-8EADFFE43F6C}\Shortcut_HCS_Deskt_C98039D069C44058BF9E06B50572E8CD.exe
    [2009/11/25 18:27:20 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Tina & Mark\AppData\Roaming\Real\Update\setup3.09\setup.exe
    [2009/10/23 14:01:26 | 001,581,704 | ---- | M] (Smilebox, Inc.) -- C:\Users\Tina & Mark\AppData\Roaming\Smilebox\SmileboxClient.exe
    [2009/10/23 14:11:32 | 000,205,448 | ---- | M] (Smilebox, Inc.) -- C:\Users\Tina & Mark\AppData\Roaming\Smilebox\SmileboxDvd.exe
    [2009/10/23 14:11:32 | 000,373,384 | ---- | M] (Smilebox, Inc.) -- C:\Users\Tina & Mark\AppData\Roaming\Smilebox\SmileboxStarter.exe
    [2009/10/23 14:11:32 | 000,266,888 | ---- | M] (Smilebox, Inc.) -- C:\Users\Tina & Mark\AppData\Roaming\Smilebox\SmileboxTray.exe
    [2009/10/23 13:24:40 | 000,123,528 | ---- | M] (Smilebox, Inc.) -- C:\Users\Tina & Mark\AppData\Roaming\Smilebox\SmileboxUpdater.exe
    [2012/03/19 19:07:44 | 004,011,184 | ---- | M] (Spotify Ltd) -- C:\Users\Tina & Mark\AppData\Roaming\Spotify\spotify.exe

    < %SYSTEMDRIVE%\*.exe >

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >
    [2008/01/20 23:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
    [2008/01/20 23:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
    [2008/01/20 23:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
    [2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
    [2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

    < %systemroot%\system32\drivers\*.sys /90 >
    [2012/02/29 09:32:37 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\fs_rec.sys
    [2012/02/15 12:01:50 | 000,043,520 | ---- | M] (Apple, Inc.) -- C:\Windows\system32\drivers\usbaapl.sys

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:F878F14A
    @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:57B4E612
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMPFC5A2B2
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:5C321E34
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:F5B69884
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
    @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:E73B14E2
    @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP1B5B4F1

    < End of report >

Page 1 of 2 12 LastLast